
CVE-2021-34364
https://notcve.org/view.php?id=CVE-2021-34364
09 Jun 2021 — The Refined GitHub browser extension before 21.6.8 might allow XSS via a link in a document. NOTE: github.com sends Content-Security-Policy headers to, in general, address XSS and other concerns. • https://github.com/sindresorhus/refined-github/releases/tag/21.6.8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2021-32638 – CodeQL runner: Command-line options that make GitHub access tokens visible to other processes are now deprecated
https://notcve.org/view.php?id=CVE-2021-32638
25 May 2021 — Github's CodeQL action is provided to run CodeQL-based code scanning on non-GitHub CI/CD systems and requires a GitHub access token to connect to a GitHub repository. The runner and its documentation previously suggested passing the GitHub token as a command-line parameter to the process instead of reading it from a file, standard input, or an environment variable. This approach made the token visible to other processes on the same machine, for example in the output of the `ps` command. If the CI system pub... • https://github.com/github/codeql-action/commit/58defc0652e935f6f2ffc70a82828b98d75476fb • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-214: Invocation of Process Using Visible Sensitive Information •

CVE-2021-22866 – UI misrepresentation of granted permissions in GitHub Enterprise Server leading to unauthorized access to user resources
https://notcve.org/view.php?id=CVE-2021-22866
14 May 2021 — A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to the user during approval. To exploit this vulnerability, an attacker would need to create a GitHub App on the instance and have a user authorize the application through the web authentication flow. All permissions being granted would properly be shown during the first authorization, but in certain circumstances, if... • https://docs.github.com/en/enterprise-server%402.22/admin/release-notes#2.22.13 • CWE-451: User Interface (UI) Misrepresentation of Critical Information CWE-1021: Improper Restriction of Rendered UI Layers or Frames •

CVE-2021-22865 – Improper access control in GitHub Enterprise Server leading to unauthorized read access to private repository metadata
https://notcve.org/view.php?id=CVE-2021-22865
02 Apr 2021 — An improper access control vulnerability was identified in GitHub Enterprise Server that allowed access tokens generated from a GitHub App's web authentication flow to read private repository metadata via the REST API without having been granted the appropriate permissions. To exploit this vulnerability, an attacker would need to create a GitHub App on the instance and have a user authorize the application through the web authentication flow. The private repository metadata returned would be limited to repo... • https://docs.github.com/en/enterprise-server%402.21/admin/release-notes#2.21.18 • CWE-285: Improper Authorization •

CVE-2021-22864 – Unsafe configuration options in GitHub Pages leading to remote code execution on GitHub Enterprise Server
https://notcve.org/view.php?id=CVE-2021-22864
23 Mar 2021 — A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration options used by GitHub Pages were not sufficiently restricted and made it possible to override environment variables leading to code execution on the GitHub Enterprise Server instance. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulne... • https://docs.github.com/en/enterprise-server%402.21/admin/release-notes#2.21.17 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVE-2021-22863 – Improper access control in GitHub Enterprise Server leading to unauthorized changes to maintainer permissions on pull requests
https://notcve.org/view.php?id=CVE-2021-22863
03 Mar 2021 — An improper access control vulnerability was identified in the GitHub Enterprise Server GraphQL API that allowed authenticated users of the instance to modify the maintainer collaboration permission of a pull request without proper authorization. By exploiting this vulnerability, an attacker would be able to gain access to head branches of pull requests opened on repositories of which they are a maintainer. Forking is disabled by default for organization owned private repositories and would prevent this vul... • https://docs.github.com/en/enterprise-server%402.20/admin/release-notes#2.20.24 • CWE-285: Improper Authorization •

CVE-2021-22862 – Improper access control in GitHub Enterprise Server leading to the disclosure of Actions secrets to forks
https://notcve.org/view.php?id=CVE-2021-22862
03 Mar 2021 — An improper access control vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with the ability to fork a repository to disclose Actions secrets for the parent repository of the fork. This vulnerability existed due to a flaw that allowed the base reference of a pull request to be updated to point to an arbitrary SHA or another pull request outside of the fork repository. By establishing this incorrect reference in a PR, the restrictions that limit the Actions secrets ... • https://docs.github.com/en/enterprise-server%403.0/admin/release-notes#3.0.1 • CWE-285: Improper Authorization •

CVE-2020-10519 – Unsafe configuration options in GitHub Pages leading to remote code execution on GitHub Enterprise Server
https://notcve.org/view.php?id=CVE-2020-10519
03 Mar 2021 — A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers used by GitHub Pages were not sufficiently restricted and made it possible to execute commands on the GitHub Enterprise Server instance. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all ... • https://docs.github.com/en/enterprise-server%402.20/admin/release-notes#2.20.24 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVE-2021-22861 – Improper access control in GitHub Enterprise Server leading to unauthorized write access to forkable repositories
https://notcve.org/view.php?id=CVE-2021-22861
03 Mar 2021 — An improper access control vulnerability was identified in GitHub Enterprise Server that allowed authenticated users of the instance to gain write access to unauthorized repositories via specifically crafted pull requests and REST API requests. An attacker would need to be able to fork the targeted repository, a setting that is disabled by default for organization owned private repositories. Branch protections such as required pull request reviews or status checks would prevent unauthorized commits from bei... • https://docs.github.com/en/enterprise-server%402.20/admin/release-notes#2.20.24 • CWE-285: Improper Authorization •

CVE-2020-10517 – Improper access control in GitHub Enterprise Server leading to the enumeration of private repository names
https://notcve.org/view.php?id=CVE-2020-10517
27 Aug 2020 — An improper access control vulnerability was identified in GitHub Enterprise Server that allowed authenticated users of the instance to determine the names of unauthorized private repositories given their numerical IDs. This vulnerability did not allow unauthorized access to any repository content besides the name. This vulnerability affected all versions of GitHub Enterprise Server prior to 2.22 and was fixed in versions 2.21.6, 2.20.15, and 2.19.21. This vulnerability was reported via the GitHub Bug Bount... • https://enterprise.github.com/releases/2.19.21/notes • CWE-285: Improper Authorization •