CNNVD-202511-892 Information
CNNVD ID
CNNVD-202511-892
Related CVE
- CNNVD Published: 2025-11-10
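Description (translated from Chinese)
GitHub Enterprise Server is an application open-sourced by GitHub, a US company. It lets you set up your own GitHub instance as a virtual appliance, providing a scalable, easy-to-manage platform. GitHub Enterprise Server versions prior to 3.19 contain a security vulnerability that stems from a symbolic link escape in the pre-receive hook environment and may lead to privilege escalation.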
Description (English)
GitHub Enterprise Server is an application open-sourced by GitHub, a US company. It provides a scalable, easily managed platform by setting up your own GitHub instance as a virtual appliance. Versions of GitHub Enterprise Server prior to 3.19 contain a security vulnerability that stems from a symbolic link escape in the pre-receive hook environment, which could lead to privilege escalation.
Hazard Level
High
Vulnerability Type
Other
Affected Vendor
GitHub
Published
2025-11-10
Last Modified
2026-02-24
References
https://docs.github.com/en/enterprise-server@3.17/admin/release-notes#3.17.8
https://docs.github.com/en/enterprise-server@3.17/admin/release-notes#3.17.7
https://docs.github.com/en/enterprise-server@3.14/admin/release-notes#3.14.19
https://docs.github.com/en/enterprise-server@3.18/admin/release-notes#3.18.2
https://docs.github.com/en/enterprise-server@3.15/admin/release-notes#3.15.14
https://docs.github.com/en/enterprise-server@3.18/admin/release-notes#3.18.1
https://docs.github.com/en/enterprise-server@3.15/admin/release-notes#3.15.15
https://docs.github.com/en/enterprise-server@3.16/admin/release-notes#3.16.11
https://docs.github.com/en/enterprise-server@3.14/admin/release-notes#3.14.20
https://docs.github.com/en/enterprise-server@3.16/admin/release-notes#3.16.10
https://access.redhat.com/security/cve/cve-2025-11578