Enterprise Server
Approved changes feed: RSS · Atom
cpe:2.3:a:github:enterprise_server:3.12.0:*:*:*:*:*:*:*
part: a version: 3.12.0 update: *
| Vendor | Github (b5027ca2-9bb9-532e-8779-8399b14c3e3b) |
|---|---|
| Product | Enterprise Server (be636c4e-08d4-5a4d-9a30-88523db2c7b7) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-3646 |
vulnerable | 2026-06-03 14:56:31.565194 |
Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console
HIGH (8)
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the instance when configuring the chat integration. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance and access to the Management Console with the editor role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.12.2, 3.11.8, 3.10.10, and 3.9.13. This vulnerability was reported via the GitHub Bug Bounty program.
Published: 2024-04-19T14:21:47.779Z
Updated: 2024-08-01T20:20:00.135Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-2748 |
vulnerable | 2026-06-03 14:55:30.066888 |
CSRF vulnerability was identified in GitHub Enterprise Server that allowed performing actions on behalf of a user
MEDIUM (4.3)
A Cross Site Request Forgery vulnerability was identified in GitHub Enterprise Server that allowed an attacker to execute unauthorized actions on behalf of an unsuspecting user. A mitigating factor is that user interaction is required. This vulnerability affected GitHub Enterprise Server 3.12.0 and was fixed in versions 3.12.1. This vulnerability was reported via the GitHub Bug Bounty program.
Published: 2024-03-20T23:09:40.032Z
Updated: 2024-08-02T19:20:10.085Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-2440 |
vulnerable | 2026-06-03 14:55:29.251352 |
Race Condition was identified in GitHub Enterprise Server that allowed maintaining admin permissions
MEDIUM (5.5)
A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on a detached repository by making a GraphQL mutation to alter repository permissions while the repository is detached. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.13 and was fixed in versions 3.9.13, 3.10.10, 3.11.8 and 3.12.1. This vulnerability was reported via the GitHub Bug Bounty program.
Published: 2024-04-19T17:02:29.144Z
Updated: 2024-08-01T19:11:53.576Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.