Vulnerabilities > Github > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-23 | CVE-2024-8263 | Unspecified vulnerability in Github Enterprise Server An improper privilege management vulnerability allowed arbitrary workflows to be committed using an improperly scoped PAT through the use of nested tags. | 2.7 |
| 2023-12-21 | CVE-2023-6690 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Github Enterprise Server A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on transferred repositories by making a GraphQL mutation to alter repository permissions during the transfer. This vulnerability affected GitHub Enterprise Server version 3.8.0 and above and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1. | 2.0 |
| 2021-05-25 | CVE-2021-32638 | Information Exposure vulnerability in Github Codeql Action Github's CodeQL action is provided to run CodeQL-based code scanning on non-GitHub CI/CD systems and requires a GitHub access token to connect to a GitHub repository. | 2.1 |