Vulnerabilities > Github > Enterprise Server > 3.10.6

DATE CVE VULNERABILITY TITLE RISK
2024-02-13 CVE-2024-1372 Command Injection vulnerability in Github Enterprise Server
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when configuring SAML settings.
network
low complexity
github CWE-77
critical
 9.1
9.1
2024-02-13 CVE-2024-1374 Command Injection vulnerability in Github Enterprise Server
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via nomad templates when configuring audit log forwarding.
network
low complexity
github CWE-77
critical
 9.1
9.1
2024-02-13 CVE-2024-1378 Command Injection vulnerability in Github Enterprise Server
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via nomad templates when configuring SMTP options.
network
low complexity
github CWE-77
critical
 9.1
9.1