CVSS: 10.0EPSS: 4%CPEs: 1EXPL: 0CVE-2022-46255 – Improper Limitation of a Pathname to a Restricted Directory in GitHub Enterprise Server leading to RCE
https://notcve.org/view.php?id=CVE-2022-46255
14 Dec 2022 — An improper limitation of a pathname to a restricted directory vulnerability was identified in GitHub Enterprise Server that enabled remote code execution. A check was added within Pages to ensure the working directory is clean before unpacking new content to prevent an arbitrary file overwrite bug. This vulnerability affected only version 3.7.0 of GitHub Enterprise Server and was fixed in version 3.7.1. This vulnerability was reported via the GitHub Bug Bounty program. Se identificó una limitación inadecua... • https://docs.github.com/en/enterprise-server%403.7/admin/release-notes#3.7.1 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-23741 – Incorrect authorization in GitHub Enterprise Server token generation leading to full admin access
https://notcve.org/view.php?id=CVE-2022-23741
14 Dec 2022 — An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a scoped user-to-server token to escalate to full admin/owner privileges. An attacker would require an account with admin access to install a malicious GitHub App. This vulnerability was fixed in versions 3.3.17, 3.4.12, 3.5.9, and 3.6.5. This vulnerability was reported via the GitHub Bug Bounty program. Se identificó una vulnerabilidad de autorización incorrecta en GitHub Enterprise Server que permitió que un t... • https://docs.github.com/en/enterprise-server%403.3/admin/release-notes#3.3.17 • CWE-863: Incorrect Authorization •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-23737 – Improper Privilege Management in GitHub Enterprise Server leading to page creation and deletion
https://notcve.org/view.php?id=CVE-2022-23737
01 Dec 2022 — An improper privilege management vulnerability was identified in GitHub Enterprise Server that allowed users with improper privileges to create or delete pages via the API. To exploit this vulnerability, an attacker would need to be added to an organization's repo with write permissions. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.7 and was fixed in versions 3.2.20, 3.3.15, 3.4.10, 3.5.7, and 3.6.3. This vulnerability was reported via the GitHub Bug Bounty program. Se ide... • https://docs.github.com/en/enterprise-server%403.2/admin/release-notes#3.2.20 • CWE-269: Improper Privilege Management •
CVSS: 9.0EPSS: 1%CPEs: 1EXPL: 0CVE-2022-23740 – Improper Neutralization of Argument Delimiters in a Command in GitHub Enterprise Server leading to Remote Code Execution
https://notcve.org/view.php?id=CVE-2022-23740
23 Nov 2022 — CRITICAL: An improper neutralization of argument delimiters in a command vulnerability was identified in GitHub Enterprise Server that enabled remote code execution. To exploit this vulnerability, an attacker would need permission to create and build GitHub Pages using GitHub Actions. This vulnerability affected only version 3.7.0 of GitHub Enterprise Server and was fixed in version 3.7.1. This vulnerability was reported via the GitHub Bug Bounty program. CRÍTICO: Se identificó una neutralización incorrecta... • https://docs.github.com/en/enterprise-server%403.7/admin/release-notes#3.7.1 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-23738 – Incomplete cache verification issue in GitHub Enterprise Server leading to exposure of private repo files
https://notcve.org/view.php?id=CVE-2022-23738
01 Nov 2022 — An improper cache key vulnerability was identified in GitHub Enterprise Server that allowed an unauthorized actor to access private repository files through a public repository. To exploit this, an actor would need to already be authorized on the GitHub Enterprise Server instance, be able to create a public repository, and have a site administrator visit a specially crafted URL. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.6 and was fixed in versions 3.2.20, 3.3.15, 3.4.10... • https://docs.github.com/en/enterprise-server%403.2/admin/release-notes#3.2.20 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-552: Files or Directories Accessible to External Parties •
CVSS: 9.0EPSS: 1%CPEs: 4EXPL: 0CVE-2022-23734 – Deserialization of Untrusted Data vulnerability in GitHub Enterprise Server leading to Remote Code Execution
https://notcve.org/view.php?id=CVE-2022-23734
19 Oct 2022 — A deserialization of untrusted data vulnerability was identified in GitHub Enterprise Server that could potentially lead to remote code execution on the SVNBridge. To exploit this vulnerability, an attacker would need to gain access via a server-side request forgery (SSRF) that would let an attacker control the data being deserialized. This vulnerability affected all versions of GitHub Enterprise Server prior to v3.6 and was fixed in versions 3.5.3, 3.4.6, 3.3.11, and 3.2.16. This vulnerability was reported... • https://docs.github.com/en/enterprise-server%403.2/admin/release-notes#3.2.16 • CWE-502: Deserialization of Untrusted Data •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-23733 – Stored XSS vulnerability in GitHub Enterprise Server leading to injection of arbitrary attributes
https://notcve.org/view.php?id=CVE-2022-23733
02 Aug 2022 — A stored XSS vulnerability was identified in GitHub Enterprise Server that allowed the injection of arbitrary attributes. This injection was blocked by Github's Content Security Policy (CSP). This vulnerability affected all versions of GitHub Enterprise Server prior to 3.6 and was fixed in versions 3.3.11, 3.4.6 and 3.5.3. This vulnerability was reported via the GitHub Bug Bounty program. Se identificó una vulnerabilidad de tipo XSS almacenado en GitHub Enterprise Server que permitía la inyección de atribut... • https://docs.github.com/en/enterprise-server%403.3/admin/release-notes#3.3.11 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-23732 – Path traversal in GitHub Enterprise Server management console leading to a bypass of CSRF protections
https://notcve.org/view.php?id=CVE-2022-23732
05 Apr 2022 — A path traversal vulnerability was identified in GitHub Enterprise Server management console that allowed the bypass of CSRF protections. This could potentially lead to privilege escalation. To exploit this vulnerability, an attacker would need to target a user that was actively logged into the management console. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.5 and was fixed in versions 3.1.19, 3.2.11, 3.3.6, 3.4.1. This vulnerability was reported via the GitHub Bug Bounty ... • https://docs.github.com/en/enterprise-server%403.1/admin/release-notes#3.1.19 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •
CVSS: 8.8EPSS: 2%CPEs: 3EXPL: 0CVE-2021-41599 – Improper control flow in GitHub Enterprise Server hosted Pages leads to remote code execution
https://notcve.org/view.php?id=CVE-2021-41599
17 Feb 2022 — A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.3 and was fixed in versions 3.0.21, 3.1.13, 3.2.5. This vulnerability was reported via the GitHub Bug Bounty program. Se ha identificado una vuln... • https://docs.github.com/en/enterprise-server%403.0/admin/release-notes#3.0.21 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-41598 – UI misrepresentation of granted permissions in GitHub Enterprise Server leading to unauthorized access to user
https://notcve.org/view.php?id=CVE-2021-41598
25 Jan 2022 — A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to the user during approval. To exploit this vulnerability, an attacker would need to create a GitHub App on the instance and have a user authorize the application through the web authentication flow. All permissions being granted would properly be shown during the first authorization, but if the user later updated th... • https://docs.github.com/en/enterprise-server%403.0/admin/release-notes#3.0.21 • CWE-451: User Interface (UI) Misrepresentation of Critical Information •