Vulnerabilities > Github > Enterprise Server > 3.6.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-17 | CVE-2022-23739 | Incorrect Authorization vulnerability in Github Enterprise Server An incorrect authorization vulnerability was identified in GitHub Enterprise Server, allowing for escalation of privileges in GraphQL API requests from GitHub Apps. | 9.8 |
| 2023-01-09 | CVE-2022-46258 | Incorrect Authorization vulnerability in Github Enterprise Server An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a repository-scoped token with read/write access to modify Action Workflow files without a Workflow scope. | 6.5 |
| 2022-12-14 | CVE-2022-23741 | Incorrect Authorization vulnerability in Github Enterprise Server An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a scoped user-to-server token to escalate to full admin/owner privileges. | 7.2 |
| 2022-12-14 | CVE-2022-46256 | Path Traversal vulnerability in Github Enterprise Server A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site. | 8.8 |