Github Github Enterprise Server

46 CVEs affecting Github Github Enterprise Server. Latest disclosed: 2025-07-01. Critical: 6, High: 15.

Top CVEs affecting Github Github Enterprise Server
| CVE | Severity | Score | Published | Summary |
| --- | --- | --- | --- | --- |
| CVE-2024-6800 | Critical | 9.8 | 2024-08-20 | An XML signature wrapping vulnerability was present in GitHub Enterprise Server (GHES) when using SAML authentication with specific identity providers utilizin… |
| CVE-2022-23739 | Critical | 9.8 | 2023-01-17 | An incorrect authorization vulnerability was identified in GitHub Enterprise Server, allowing for escalation of privileges in GraphQL API requests from GitHub… |
| CVE-2022-46255 | Critical | 9.8 | 2022-12-14 | An improper limitation of a pathname to a restricted directory vulnerability was identified in GitHub Enterprise Server that enabled remote code execution. A c… |
| CVE-2021-22869 | Critical | 9.8 | 2021-09-24 | An improper access control vulnerability in GitHub Enterprise Server allowed a workflow job to execute in a self-hosted runner group it should not have had acc… |
| CVE-2020-10516 | Critical | 9.8 | 2020-06-03 | An improper access control vulnerability was identified in the GitHub Enterprise Server API that allowed an organization member to escalate permissions and gai… |
| CVE-2024-2443 | Critical | 9.1 | 2024-03-20 | A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain adm… |
| CVE-2022-46256 | High | 8.8 | 2022-12-14 | A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site. To exploit this… |
| CVE-2022-23740 | High | 8.8 | 2022-11-23 | CRITICAL: An improper neutralization of argument delimiters in a command vulnerability was identified in GitHub Enterprise Server that enabled remote code exec… |
| CVE-2022-23734 | High | 8.8 | 2022-10-19 | A deserialization of untrusted data vulnerability was identified in GitHub Enterprise Server that could potentially lead to remote code execution on the SVNBri… |
| CVE-2022-23732 | High | 8.8 | 2022-04-05 | A path traversal vulnerability was identified in GitHub Enterprise Server management console that allowed the bypass of CSRF protections. This could potentiall… |
| CVE-2021-41599 | High | 8.8 | 2022-02-18 | A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. To exploit this vul… |
| CVE-2021-41598 | High | 8.8 | 2022-01-25 | A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authoriz… |
| CVE-2021-22866 | High | 8.8 | 2021-05-14 | A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authoriz… |
| CVE-2021-22864 | High | 8.8 | 2021-03-23 | A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled con… |
| CVE-2020-10519 | High | 8.8 | 2021-03-03 | A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled con… |
| CVE-2020-10518 | High | 8.8 | 2020-08-27 | A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled con… |
| CVE-2021-22863 | High | 8.1 | 2021-03-03 | An improper access control vulnerability was identified in the GitHub Enterprise Server GraphQL API that allowed authenticated users of the instance to modify… |
| CVE-2024-5795 | High | 7.7 | 2024-07-16 | A Denial of Service vulnerability was identified in GitHub Enterprise Server that allowed an attacker to cause unbounded resource exhaustion by sending a large… |
| CVE-2025-3246 | High | 7.6 | 2025-04-17 | An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allowed cross-site scripting in GitHub Markdown that used `$$… |
| CVE-2024-5746 | High | 7.6 | 2024-06-20 | A Server-Side Request Forgery vulnerability was identified in GitHub Enterprise Server that allowed an attacker with the Site Administrator role to gain arbitr… |