Vulnerabilities > Github > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-01 | CVE-2022-23737 | Improper Privilege Management vulnerability in Github Enterprise Server An improper privilege management vulnerability was identified in GitHub Enterprise Server that allowed users with improper privileges to create or delete pages via the API. | 6.5 |
| 2022-11-01 | CVE-2022-23738 | Files or Directories Accessible to External Parties vulnerability in Github Enterprise Server An improper cache key vulnerability was identified in GitHub Enterprise Server that allowed an unauthorized actor to access private repository files through a public repository. | 5.7 |
| 2022-09-15 | CVE-2022-39209 | Algorithmic Complexity vulnerability in multiple products cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. | 6.5 |
| 2022-08-15 | CVE-2022-35954 | Injection vulnerability in Github Toolkit The GitHub Actions ToolKit provides a set of packages to make creating actions easier. | 5.0 |
| 2022-08-02 | CVE-2022-23733 | Cross-site Scripting vulnerability in Github Enterprise Server A stored XSS vulnerability was identified in GitHub Enterprise Server that allowed the injection of arbitrary attributes. | 5.4 |
| 2022-03-02 | CVE-2022-24722 | Cross-site Scripting vulnerability in Github Viewcomponent VIewComponent is a framework for building view components in Ruby on Rails. | 6.1 |
| 2022-02-01 | CVE-2022-21687 | Improper Input Validation vulnerability in Github Gh-Ost gh-ost is a triggerless online schema migration solution for MySQL. | 6.5 |
| 2021-11-10 | CVE-2021-22870 | Path Traversal vulnerability in Github Enterprise Server A path traversal vulnerability was identified in GitHub Pages builds on GitHub Enterprise Server that could allow an attacker to read system files. | 6.5 |
| 2021-09-24 | CVE-2021-22868 | Path Traversal vulnerability in Github Enterprise Server A path traversal vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. | 4.3 |
| 2021-07-14 | CVE-2021-22867 | Path Traversal vulnerability in Github Enterprise Server A path traversal vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. | 6.5 |