cvebase

GitHub Enterprise Server vulnerabilities

43 known vulnerabilities affecting github/github_enterprise_server.

Total CVEs: 43
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 5, HIGH 13, MEDIUM 24, LOW 1

Vulnerabilities

Page 3 of 3
CVE-2022-46257 | P4 | MEDIUM | CVSS 4.3 | Affected versions: ≥ 3.3, < 3.3.17; ≥ 3.4, < 3.4.12; +2 more | 2023-03-07
CVE-2022-46257 [MEDIUM] CWE-200: An information disclosure vulnerability was identified in GitHub Enterprise Server that allowed private repositories to be added to a GitHub Actions runner group via the API by a user who did not have access to those repositories, resulting in the repository names being shown in the UI. To exploit this vulnerability, an attacker would need access to
Source: NVD
CVE-2025-6600 | P4 | MEDIUM | CVSS 4.3 | Affected versions: ≥ 3.17.0, ≤ 3.17.1 | 2025-07-01
CVE-2025-6600 [MEDIUM] CWE-200: An exposure of sensitive information vulnerability was identified in GitHub Enterprise Server that could allow an attacker to disclose the names of private repositories within an organization. This issue could be exploited by leveraging a user-to-server token with no scopes via the Search API endpoint. Successful exploitation required an organization
Source: NVD
CVE-2024-8263 | P4 | LOW | CVSS 2.7 | Affected versions: ≥ 3.14, ≤ 3.14.0; ≥ 3.13.0, ≤ 3.13.3; +3 more | 2024-09-23
CVE-2024-8263 [LOW] CWE-269: An improper privilege management vulnerability allowed arbitrary workflows to be committed using an improperly scoped PAT through the use of nested tags. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in version 3.10.17, 3.11.15, 3.12.9, 3.13.4, and 3.14.1. This vulnerability was reported via the GitHub Bug Bounty progr
Source: NVD