Vulnerabilities > Github
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-31 | CVE-2023-26485 | Resource Exhaustion vulnerability in Github Cmark-Gfm cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. | 7.5 |
| 2023-03-08 | CVE-2023-23760 | Path Traversal vulnerability in Github Enterprise Server A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site. | 8.8 |
| 2023-03-07 | CVE-2022-46257 | Exposure of Resource to Wrong Sphere vulnerability in Github Enterprise Server An information disclosure vulnerability was identified in GitHub Enterprise Server that allowed private repositories to be added to a GitHub Actions runner group via the API by a user who did not have access to those repositories, resulting in the repository names being shown in the UI. | 4.3 |
| 2023-03-02 | CVE-2023-22381 | Code Injection vulnerability in Github Enterprise Server A code injection vulnerability was identified in GitHub Enterprise Server that allowed setting arbitrary environment variables from a single environment variable value in GitHub Actions when using a Windows based runner. | 8.8 |
| 2023-02-16 | CVE-2023-22380 | Path Traversal vulnerability in Github Enterprise Server A path traversal vulnerability was identified in GitHub Enterprise Server that allowed arbitrary file reading when building a GitHub Pages site. | 6.5 |
| 2023-01-26 | CVE-2023-22486 | Resource Exhaustion vulnerability in Github Cmark-Gfm cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. | 7.5 |
| 2023-01-24 | CVE-2023-22485 | XML Injection (aka Blind XPath Injection) vulnerability in Github Cmark-Gfm cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. | 5.3 |
| 2023-01-23 | CVE-2023-22483 | Algorithmic Complexity vulnerability in Github Cmark-Gfm cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. | 7.5 |
| 2023-01-23 | CVE-2023-22484 | Algorithmic Complexity vulnerability in Github Cmark-Gfm cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. | 7.5 |
| 2023-01-17 | CVE-2022-23739 | Incorrect Authorization vulnerability in Github Enterprise Server An incorrect authorization vulnerability was identified in GitHub Enterprise Server, allowing for escalation of privileges in GraphQL API requests from GitHub Apps. | 9.8 |