First published: Tue Jul 16 2024(Updated: )
An improper privilege management vulnerability allowed users to migrate private repositories without having appropriate scopes defined on the related Personal Access Token. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.14 and was fixed in version 3.13.1, 3.12.6, 3.11.12, 3.10.14, and 3.9.17.
Credit: product-cna@github.com
Affected Software | Affected Version | How to fix |
---|---|---|
GitHub Enterprise Server | >=3.9.0<3.9.17 | |
GitHub Enterprise Server | >=3.10.0<3.10.14 | |
GitHub Enterprise Server | >=3.11.0<3.11.12 | |
GitHub Enterprise Server | >=3.12.0<3.12.6 | |
GitHub Enterprise Server | =3.13.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.