
Github Enterprise Server vulnerabilities

113 known vulnerabilities affecting github/enterprise_server.

Total CVEs: 113
CISA KEV: 0
Public exploits: 3
Exploited in wild: 0
Severity breakdown: CRITICAL 18, HIGH 33, MEDIUM 58, LOW 4

Vulnerabilities

Page 1 of 6
CVE-2024-0200 | P1 | CRITICAL | CVSS 9.8 | PoC | Affected: ≥ 3.8.0, < 3.8.13; ≥ 3.9.0, < 3.9.8; +2 more | Published 2024-01-16
CWE-470: An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution. To exploit this bug, an actor would need to be logged into an account on the GHES instance with the organization owner role. This v
Source: nvd
CVE-2024-0507 | P1 | HIGH | CVSS 8.8 | PoC | Affected: fixed in 3.8.13; ≥ 3.9.0, < 3.9.8; +6 more | Published 2024-01-16
CWE-20: An attacker with access to a Management Console user account with the editor role could escalate privileges through a command injection vulnerability in the Management Console. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in versions 3.11.3, 3.10.5, 3.9.8, and 3.8.13. This vulnerability was reported via the GitHub Bug
Source: nvd
CVE-2024-9487 | P1 | CRITICAL | CVSS 9.1 | PoC | Affected: fixed in 3.11.16; ≥ 3.12.0, < 3.12.10; +6 more | Published 2024-10-10
CWE-347: An improper verification of cryptographic signature vulnerability was identified in GitHub Enterprise Server that allowed SAML SSO authentication to be bypassed resulting in unauthorized provisioning of users and access to the instance. Exploitation required the encrypted assertions feature to be enabled, and the attacker would require direct networ
Source: nvd
CVE-2026-3854 | P2 | HIGH | CVSS 8.8 | Affected: fixed in 3.14.24; ≥ 3.15.0, < 3.15.19; +10 more | Published 2026-03-10
CWE-77: An improper neutralization of special elements vulnerability was identified in GitHub Enterprise Server that allowed an attacker with push access to a repository to achieve remote code execution on the instance. During a git push operation, user-supplied push option values were not properly sanitized before being included in internal service headers. Bec
Source: nvd
CVE-2024-4985 | P2 | CRITICAL | CVSS 9.8 | Affected: fixed in 3.9.15; ≥ 3.10.0, < 3.10.12; +6 more | Published 2024-05-20
CWE-303: An authentication bypass vulnerability was present in the GitHub Enterprise Server (GHES) when utilizing SAML single sign-on authentication with the optional encrypted assertions feature. This vulnerability allowed an attacker to forge a SAML response to provision and/or gain access to a user with site administrator privileges. Exploitation of this
Source: nvd
CVE-2024-6800 | P2 | CRITICAL | CVSS 9.8 | Affected: ≥ 3.10.0, < 3.10.16; ≥ 3.11.0, < 3.11.14; +2 more | Published 2024-08-20
CWE-347: An XML signature wrapping vulnerability was present in GitHub Enterprise Server (GHES) when using SAML authentication with specific identity providers utilizing publicly exposed signed federation metadata XML. This vulnerability allowed an attacker with direct network access to GitHub Enterprise Server to forge a SAML response to provision and/or ga
Source: nvd
CVE-2026-9312 | P2 | HIGH | CVSS 8.2 | Affected: ≥ 3.16.0, < 3.16.19; ≥ 3.17.0, < 3.17.16; +10 more | Published 2026-05-27
CWE-918: A server-side request forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an unauthenticated attacker to send crafted requests to internal services by exploiting insufficient input validation in an upload endpoint. By injecting path traversal content into request parameters, an attacker could bypass the intended request
Source: nvd
CVE-2026-8034 | P2 | CRITICAL | CVSS 9.8 | Affected: fixed in 3.16.18; ≥ 3.17.0, < 3.17.15; +8 more | Published 2026-05-07
CWE-436: A server-side request forgery (SSRF) vulnerability was identified in the GitHub Enterprise Server notebook viewer that allowed an attacker to access internal services by exploiting URL parser confusion between the validation layer and the HTTP request library. The hostname validation used a different URL parser than the request library, enabling a c
Source: nvd
CVE-2026-5845 | P2 | CRITICAL | CVSS 9.6 | Affected: fixed in 3.14.26; ≥ 3.15.0, < 3.15.21; +12 more | Published 2026-04-21
CWE-639: An improper authorization vulnerability in scoped user-to-server (ghu_) token authorization in GitHub Enterprise Server allows an authenticated attacker to access private repositories outside the intended installation scope, which can include write operations, via an authorization fallback that treated a revoked/deleted installation as a global inst
Source: nvd
CVE-2021-41599 | P2 | HIGH | CVSS 8.8 | Affected: ≥ 3.0.0, < 3.0.21; ≥ 3.1.0, < 3.1.13; +1 more | Published 2022-02-18
CWE-77: A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Serve
Source: nvd
CVE-2022-23734 | P2 | HIGH | CVSS 8.8 | Affected: fixed in 3.2.16; ≥ 3.3.0, < 3.3.11; +2 more | Published 2022-10-19
CWE-502: A deserialization of untrusted data vulnerability was identified in GitHub Enterprise Server that could potentially lead to remote code execution on the SVNBridge. To exploit this vulnerability, an attacker would need to gain access via a server-side request forgery (SSRF) that would let an attacker control the data being deserialized. This vulnerabil
Source: nvd
CVE-2024-1355 | P2 | CRITICAL | CVSS 9.1 | Affected: fixed in 3.8.15; ≥ 3.9.0, < 3.9.10; +3 more | Published 2024-02-13
CWE-20: A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the actions-console docker container while setting a service URL. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance
Source: nvd
CVE-2021-22864 | P2 | HIGH | CVSS 8.8 | Affected: ≥ 2.21.0, < 2.21.17; ≥ 2.22.0, < 2.22.9; +1 more | Published 2021-03-23
CWE-77: A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration options used by GitHub Pages were not sufficiently restricted and made it possible to override environment variables leading to code execution on the GitHub Enterprise Server instance.
Source: nvd
CVE-2022-46256 | P2 | HIGH | CVSS 8.8 | Affected: fixed in 3.3.17; ≥ 3.4.0, < 3.4.12; +3 more | Published 2022-12-14
CWE-22: A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the instance. This vulnerability was fixed in versions 3.3.17, 3.4.12, 3.5.9, 3.6.5 and 3.7.2. This vu
Source: nvd
CVE-2026-0573 | P2 | CRITICAL | CVSS 9.0 | Affected: fixed in 3.14.22; ≥ 3.15.0, < 3.15.17; +10 more | Published 2026-02-18
CWE-601: A URL redirection vulnerability was identified in GitHub Enterprise Server that allowed attacker-controlled redirects to leak sensitive authorization tokens. The repository_pages API insecurely followed HTTP redirects when fetching artifact URLs, preserving the authorization header containing a privileged JWT. An authenticated user could redirect t
Source: nvd
CVE-2022-46255 | P2 | CRITICAL | CVSS 9.8 | Affected: v3.7.0 | Published 2022-12-14
CWE-22: An improper limitation of a pathname to a restricted directory vulnerability was identified in GitHub Enterprise Server that enabled remote code execution. A check was added within Pages to ensure the working directory is clean before unpacking new content to prevent an arbitrary file overwrite bug. This vulnerability affected only version 3.7.0 of
Source: nvd
CVE-2024-1369 | P3 | CRITICAL | CVSS 9.1 | Affected: fixed in 3.8.15; ≥ 3.9.0, < 3.9.10; +3 more | Published 2024-02-13
CWE-20: A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when setting the username and password for collectd configurations. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance an
Source: nvd
CVE-2021-22869 | P3 | CRITICAL | CVSS 9.8 | Affected: ≥ 3.0.0, < 3.0.16; ≥ 3.1.0, < 3.1.8 | Published 2021-09-24
CWE-668: An improper access control vulnerability in GitHub Enterprise Server allowed a workflow job to execute in a self-hosted runner group it should not have had access to. This affects customers using self-hosted runner groups for access control. A repository with access to one enterprise runner group could access all of the enterprise runner groups wi
Source: nvd
CVE-2024-1374 | P3 | CRITICAL | CVSS 9.1 | Affected: fixed in 3.8.15; ≥ 3.9.0, < 3.9.10; +3 more | Published 2024-02-13
CWE-20: A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via nomad templates when configuring audit log forwarding. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance and access
Source: nvd
CVE-2024-1378 | P3 | CRITICAL | CVSS 9.1 | Affected: fixed in 3.8.15; ≥ 3.9.0, < 3.9.10; +3 more | Published 2024-02-13
CWE-20: A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via nomad templates when configuring SMTP options. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance and access to the M
Source: nvd