Vulnerabilities > Github > Enterprise Server > 3.9.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-21 | CVE-2023-6802 | Information Exposure Through Log Files vulnerability in Github Enterprise Server An insertion of sensitive information into the log file in the audit log in GitHub Enterprise Server was identified that could allow an attacker to gain access to the management console. | 6.5 |
| 2023-12-21 | CVE-2023-6803 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Github Enterprise Server A race condition in GitHub Enterprise Server allows an outside collaborator to be added while a repository is being transferred. | 4.0 |
| 2023-12-21 | CVE-2023-6804 | Improper Privilege Management vulnerability in Github Enterprise Server Improper privilege management allowed arbitrary workflows to be committed and run using an improperly scoped PAT. | 5.5 |
| 2023-12-21 | CVE-2023-6847 | Improper Authentication vulnerability in Github Enterprise Server An improper authentication vulnerability was identified in GitHub Enterprise Server that allowed a bypass of Private Mode by using a specially crafted API request. | 7.5 |