CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-23986
https://notcve.org/view.php?id=CVE-2020-23986
Github Read Me Stats commit 3c7220e4f7144f6cb068fd433c774f6db47ccb95 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the function renderError. Se ha detectado que el commit 3c7220e4f7144f6cb068fd433c774f6db47ccb95 de Github Read Me Stats contenía una vulnerabilidad de tipo cross-site scripting (XSS) reflejada por medio de la función renderError. • https://github.com/anuraghazra/github-readme-stats/pull/255 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-44684
https://notcve.org/view.php?id=CVE-2021-44684
naholyr github-todos 3.1.0 is vulnerable to command injection. The range argument for the _hook subcommand is concatenated without any validation, and is directly used by the exec function. naholyr github-todos versión 3.1.0, es vulnerable a una inyección de comandos. El argumento de rango para el subcomando _hook es concatenado sin ninguna comprobación, y es usado directamente por la función exec • https://github.com/dwisiswant0/advisory/issues/5 https://github.com/naholyr/github-todos/issues/34 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-22870 – Path traversal in GitHub Enterprise Server hosted Pages leads to unauthorized file read access
https://notcve.org/view.php?id=CVE-2021-22870
A path traversal vulnerability was identified in GitHub Pages builds on GitHub Enterprise Server that could allow an attacker to read system files. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.3 and was fixed in versions 3.0.19, 3.1.11, and 3.2.3. This vulnerability was reported via the GitHub Bug Bounty program. Se ha identificado una vulnerabilidad de salto de ruta en las construcciones de GitHub Pages en GitHub Enterprise Server que podría permitir a un atacante leer archivos del sistema. • https://docs.github.com/en/enterprise-server%403.0/admin/release-notes#3.0.19 https://docs.github.com/en/enterprise-server%403.1/admin/release-notes#3.1.11 https://docs.github.com/en/enterprise-server%403.2/admin/release-notes#3.2.3 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-22868 – Unsafe configuration options in GitHub Pages leading to path traversal on GitHub Enterprise Server
https://notcve.org/view.php?id=CVE-2021-22868
A path traversal vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration options used by GitHub Pages were not sufficiently restricted and made it possible to read files on the GitHub Enterprise Server instance. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.1.8 and was fixed in 3.1.8, 3.0.16, and 2.22.22. This vulnerability was reported via the GitHub Bug Bounty program. • https://docs.github.com/en/enterprise-server%402.22/admin/release-notes#2.22.22 https://docs.github.com/en/enterprise-server%403.0/admin/release-notes#3.0.16 https://docs.github.com/en/enterprise-server%403.1/admin/release-notes#3.1.8 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-22869 – Improper access control in GitHub Enterprise Server allows self-hosted runners to execute outside their control group
https://notcve.org/view.php?id=CVE-2021-22869
An improper access control vulnerability in GitHub Enterprise Server allowed a workflow job to execute in a self-hosted runner group it should not have had access to. This affects customers using self-hosted runner groups for access control. A repository with access to one enterprise runner group could access all of the enterprise runner groups within the organization because of improper authentication checks during the request. This could cause code to be run unintentionally by the incorrect runner group. This vulnerability affected GitHub Enterprise Server versions from 3.0.0 to 3.0.15 and 3.1.0 to 3.1.7 and was fixed in 3.0.16 and 3.1.8 releases. • https://docs.github.com/en/enterprise-server%403.0/admin/release-notes#3.0.16 https://docs.github.com/en/enterprise-server%403.1/admin/release-notes#3.1.8 • CWE-287: Improper Authentication CWE-668: Exposure of Resource to Wrong Sphere •