CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-46645 – Path traversal in GitHub Enterprise Server leading to arbitrary file reading when building a GitHub Pages site
https://notcve.org/view.php?id=CVE-2023-46645
A path traversal vulnerability was identified in GitHub Enterprise Server that allowed arbitrary file reading when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.7.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1. This vulnerability was reported via the GitHub Bug Bounty program. Se identificó una vulnerabilidad de path traversal en GitHub Enterprise Server que permitía la lectura arbitraria de archivos al crear un sitio de GitHub Pages. • https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4 https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1 https://docs.github.com/en/enterprise-server@3.7/admin/release-notes#3.7.19 https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12 https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 3.9EPSS: 0%CPEs: 4EXPL: 0CVE-2023-6690
https://notcve.org/view.php?id=CVE-2023-6690
A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on transferred repositories by making a GraphQL mutation to alter repository permissions during the transfer. This vulnerability affected GitHub Enterprise Server version 3.8.0 and above and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1. Una condición de ejecución en GitHub Enterprise Server permitió a un administrador existente mantener los permisos en los repositorios transferidos al realizar una mutación GraphQL para alterar los permisos del repositorio durante la transferencia. Esta vulnerabilidad afectó a GitHub Enterprise Server versión 3.8.0 y superiores y se solucionó en las versiones 3.8.12, 3.9.7, 3.10.4 y 3.11.1. • https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4 https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1 https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12 https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-46647 – Improper Privilege Management in GitHub Enterprise Server management console leads to privilege escalation
https://notcve.org/view.php?id=CVE-2023-46647
Improper privilege management in all versions of GitHub Enterprise Server allows users with authorized access to the management console with an editor role to escalate their privileges by making requests to the endpoint used for bootstrapping the instance. This vulnerability affected GitHub Enterprise Server version 3.8.0 and above and was fixed in version 3.8.12, 3.9.6, 3.10.3, and 3.11.0. La administración inadecuada de privilegios en todas las versiones de GitHub Enterprise Server permite a los usuarios con acceso autorizado a la consola de administración con un rol de editor escalar sus privilegios al realizar solicitudes al endpoint utilizado para iniciar la instancia. Esta vulnerabilidad afectó a GitHub Enterprise Server versión 3.8.0 y superiores y se solucionó en las versiones 3.8.12, 3.9.6, 3.10.3 y 3.11.0. • https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.3 https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.0 https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12 https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.6 • CWE-269: Improper Privilege Management •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-46646
https://notcve.org/view.php?id=CVE-2023-46646
Improper access control in all versions of GitHub Enterprise Server allows unauthorized users to view private repository names via the "Get a check run" API endpoint. This vulnerability did not allow unauthorized access to any repository content besides the name. This vulnerability affected GitHub Enterprise Server version 3.7.0 and above and was fixed in version 3.17.19, 3.8.12, 3.9.7 3.10.4, and 3.11.0. El control de acceso inadecuado en todas las versiones de GitHub Enterprise Server permite a usuarios no autorizados ver nombres de repositorios privados a través del endpoint API "Get a check run". Esta vulnerabilidad no permitía el acceso no autorizado a ningún contenido del repositorio además del nombre. • https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4 https://docs.github.com/en/enterprise-server@3.7/admin/release-notes#3.7.19 https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12 https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7 • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-23766 – Incorrect comparison vulnerability in GitHub Enterprise Server leading to commit smuggling
https://notcve.org/view.php?id=CVE-2023-23766
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To do so, an attacker would need write access to the repository. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in versions 3.6.17, 3.7.15, 3.8.8, 3.9.3, and 3.10.1. This vulnerability was reported via the GitHub Bug Bounty program. Se identificó una vulnerabilidad de comparación incorrecta en GitHub Enterprise Server que permitía el contrabando de confirmaciones al mostrar una diferencia incorrecta en una Solicitud de Extracción reabierta. • https://docs.github.com/enterprise-server@3.10/admin/release-notes#3.10.1 https://docs.github.com/enterprise-server@3.6/admin/release-notes#3.6.17 https://docs.github.com/enterprise-server@3.7/admin/release-notes#3.7.15 https://docs.github.com/enterprise-server@3.8/admin/release-notes#3.8.8 https://docs.github.com/enterprise-server@3.9/admin/release-notes#3.9.3 • CWE-697: Incorrect Comparison •