Vulnerabilities > Github
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-02 | CVE-2022-23733 | Cross-site Scripting vulnerability in Github Enterprise Server A stored XSS vulnerability was identified in GitHub Enterprise Server that allowed the injection of arbitrary attributes. | 5.4 |
| 2022-04-05 | CVE-2022-23732 | Path Traversal vulnerability in Github Enterprise Server A path traversal vulnerability was identified in GitHub Enterprise Server management console that allowed the bypass of CSRF protections. | 8.8 |
| 2022-03-03 | CVE-2022-24724 | Integer Overflow or Wraparound vulnerability in multiple products cmark-gfm is GitHub's extended version of the C reference implementation of CommonMark. | 9.8 |
| 2022-03-02 | CVE-2022-24722 | Cross-site Scripting vulnerability in Github Viewcomponent VIewComponent is a framework for building view components in Ruby on Rails. | 4.3 |
| 2022-02-18 | CVE-2021-41599 | Unspecified vulnerability in Github Enterprise Server A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. | 8.8 |
| 2022-02-01 | CVE-2022-21687 | Improper Input Validation vulnerability in Github Gh-Ost gh-ost is a triggerless online schema migration solution for MySQL. | 4.3 |
| 2022-01-25 | CVE-2021-41598 | Unspecified vulnerability in Github Enterprise Server A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to the user during approval. | 8.8 |
| 2021-11-10 | CVE-2021-22870 | Path Traversal vulnerability in Github Enterprise Server A path traversal vulnerability was identified in GitHub Pages builds on GitHub Enterprise Server that could allow an attacker to read system files. | 6.5 |
| 2021-09-24 | CVE-2021-22868 | Path Traversal vulnerability in Github Enterprise Server A path traversal vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. | 4.3 |
| 2021-09-24 | CVE-2021-22869 | Improper Authentication vulnerability in Github Enterprise Server An improper access control vulnerability in GitHub Enterprise Server allowed a workflow job to execute in a self-hosted runner group it should not have had access to. | 9.8 |