CNNVD-202512-2163 Information
CNNVD ID
CNNVD-202512-2163
Related CVE
- CNNVD Published: 2025-12-11
Description (Chinese)
GitHub Enterprise Server是美国GitHub开源的一个应用软件。提供一个将自己的GitHub实例设置为虚拟设备,从而提供可扩展,易于管理的平台。 GitHub Enterprise Server 3.18.3之前版本、3.17.9之前版本、3.16.12之前版本、3.15.16之前版本和3.14.21之前版本存在安全漏洞,该漏洞源于输入中和不当,可能导致未授权后端交互。
Description (English)
GitHub Enterprise Server is an application from GitHub Open Source, United States. Provide an extended and easily managed platform by setting up its GitHub example as a virtual device. There is a security loophole in the pre-GitHub Enterprise Server 3.15.3, pre-3.17.9, pre-3.16.12, pre-3.15.16 and pre-3.14.21, which stems from incompatibilities in the input and may lead to unauthorized backend interaction.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Github
Published
2025-12-11
Last Modified
2026-02-24
References
https://docs.github.com/en/enterprise-server@3.14/admin/release-notes#3.14.21 https://docs.github.com/en/enterprise-server@3.15/admin/release-notes#3.15.16 https://docs.github.com/en/enterprise-server@3.16/admin/release-notes#3.16.12 https://docs.github.com/en/enterprise-server@3.17/admin/release-notes#3.17.9 https://docs.github.com/en/enterprise-server@3.18/admin/release-notes#3.18.3
Patch
https://docs.github.com/en/enterprise-server@3.19/admin/overview/about-github-enterprise-server
Share on: