CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-41598 – UI misrepresentation of granted permissions in GitHub Enterprise Server leading to unauthorized access to user
https://notcve.org/view.php?id=CVE-2021-41598
25 Jan 2022 — A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to the user during approval. To exploit this vulnerability, an attacker would need to create a GitHub App on the instance and have a user authorize the application through the web authentication flow. All permissions being granted would properly be shown during the first authorization, but if the user later updated th... • https://docs.github.com/en/enterprise-server%403.0/admin/release-notes#3.0.21 • CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-23986
https://notcve.org/view.php?id=CVE-2020-23986
05 Jan 2022 — Github Read Me Stats commit 3c7220e4f7144f6cb068fd433c774f6db47ccb95 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the function renderError. Se ha detectado que el commit 3c7220e4f7144f6cb068fd433c774f6db47ccb95 de Github Read Me Stats contenía una vulnerabilidad de tipo cross-site scripting (XSS) reflejada por medio de la función renderError. • https://github.com/anuraghazra/github-readme-stats/pull/255 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 1CVE-2021-44684
https://notcve.org/view.php?id=CVE-2021-44684
06 Dec 2021 — naholyr github-todos 3.1.0 is vulnerable to command injection. The range argument for the _hook subcommand is concatenated without any validation, and is directly used by the exec function. naholyr github-todos versión 3.1.0, es vulnerable a una inyección de comandos. El argumento de rango para el subcomando _hook es concatenado sin ninguna comprobación, y es usado directamente por la función exec • https://github.com/dwisiswant0/advisory/issues/5 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-22870 – Path traversal in GitHub Enterprise Server hosted Pages leads to unauthorized file read access
https://notcve.org/view.php?id=CVE-2021-22870
10 Nov 2021 — A path traversal vulnerability was identified in GitHub Pages builds on GitHub Enterprise Server that could allow an attacker to read system files. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.3 and was fixed in versions 3.0.19, 3.1.11, and 3.2.3. This vulnerability was reported via the GitHub Bug Bounty program. Se ha identific... • https://docs.github.com/en/enterprise-server%403.0/admin/release-notes#3.0.19 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-22868 – Unsafe configuration options in GitHub Pages leading to path traversal on GitHub Enterprise Server
https://notcve.org/view.php?id=CVE-2021-22868
24 Sep 2021 — A path traversal vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration options used by GitHub Pages were not sufficiently restricted and made it possible to read files on the GitHub Enterprise Server instance. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise S... • https://docs.github.com/en/enterprise-server%402.22/admin/release-notes#2.22.22 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-22869 – Improper access control in GitHub Enterprise Server allows self-hosted runners to execute outside their control group
https://notcve.org/view.php?id=CVE-2021-22869
24 Sep 2021 — An improper access control vulnerability in GitHub Enterprise Server allowed a workflow job to execute in a self-hosted runner group it should not have had access to. This affects customers using self-hosted runner groups for access control. A repository with access to one enterprise runner group could access all of the enterprise runner groups within the organization because of improper authentication checks during the request. This could cause code to be run unintentionally by the incorrect runner group. ... • https://docs.github.com/en/enterprise-server%403.0/admin/release-notes#3.0.16 • CWE-287: Improper Authentication CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-22867 – Unsafe configuration options in GitHub Pages leading to path traversal on GitHub Enterprise Server
https://notcve.org/view.php?id=CVE-2021-22867
14 Jul 2021 — A path traversal vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration options used by GitHub Pages were not sufficiently restricted and made it possible to read files on the GitHub Enterprise Server instance. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise S... • https://docs.github.com/en/enterprise-server%402.22/admin/release-notes#2.22.17 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-34364
https://notcve.org/view.php?id=CVE-2021-34364
09 Jun 2021 — The Refined GitHub browser extension before 21.6.8 might allow XSS via a link in a document. NOTE: github.com sends Content-Security-Policy headers to, in general, address XSS and other concerns. Una extensión del navegador Refined GitHub versiones anteriores a 21.6.8 podría permitir un ataque de tipo XSS por medio de un enlace en un documento. NOTA: github.com envía encabezados de Política de seguridad de contenido para, en general, abordar XSS y otras preocupaciones • https://github.com/sindresorhus/refined-github/releases/tag/21.6.8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 1CVE-2021-32638 – CodeQL runner: Command-line options that make GitHub access tokens visible to other processes are now deprecated
https://notcve.org/view.php?id=CVE-2021-32638
25 May 2021 — Github's CodeQL action is provided to run CodeQL-based code scanning on non-GitHub CI/CD systems and requires a GitHub access token to connect to a GitHub repository. The runner and its documentation previously suggested passing the GitHub token as a command-line parameter to the process instead of reading it from a file, standard input, or an environment variable. This approach made the token visible to other processes on the same machine, for example in the output of the `ps` command. If the CI system pub... • https://github.com/github/codeql-action/commit/58defc0652e935f6f2ffc70a82828b98d75476fb • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-214: Invocation of Process Using Visible Sensitive Information •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-22866 – UI misrepresentation of granted permissions in GitHub Enterprise Server leading to unauthorized access to user resources
https://notcve.org/view.php?id=CVE-2021-22866
14 May 2021 — A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to the user during approval. To exploit this vulnerability, an attacker would need to create a GitHub App on the instance and have a user authorize the application through the web authentication flow. All permissions being granted would properly be shown during the first authorization, but in certain circumstances, if... • https://docs.github.com/en/enterprise-server%402.22/admin/release-notes#2.22.13 • CWE-451: User Interface (UI) Misrepresentation of Critical Information CWE-1021: Improper Restriction of Rendered UI Layers or Frames •