CNNVD-202601-965 Information

Jan 06, 2026 cve

CNNVD ID

CNNVD-202601-965

CVE-2025-13744

  • CNNVD Published: 2026-01-06

Description (Chinese)

GitHub Enterprise Server是美国GitHub开源的一个应用软件。提供一个将自己的GitHub实例设置为虚拟设备,从而提供可扩展,易于管理的平台。 GitHub Enterprise Server 3.20之前版本存在安全漏洞,该漏洞源于输入中和不当,可能导致敏感信息泄露。

Description (English)

GitHub Enterprise Server is an application from GitHub Open Source, United States. Provide an extended and easily managed platform by setting up its GitHub example as a virtual device. There was a security loophole in the previous version of GitHub Enterprise Server 3.20, which originated in inappropriate input and could lead to the disclosure of sensitive information.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Github

Published

2026-01-06

Last Modified

2026-02-24

References

https://docs.github.com/en/enterprise-server@3.17/admin/release-notes#3.17.8 https://docs.github.com/en/enterprise-server@3.18/admin/release-notes#3.18.2 https://docs.github.com/en/enterprise-server@3.19/admin/release-notes#3.19.1 https://docs.github.com/en/enterprise-server@3.15/admin/release-notes#3.15.15 https://docs.github.com/en/enterprise-server@3.16/admin/release-notes#3.16.11 https://docs.github.com/en/enterprise-server@3.14/admin/release-notes#3.14.20 https://access.redhat.com/security/cve/cve-2025-13744

Patch

https://docs.github.com/en/enterprise-server@3.19/admin/all-releases

Share on: