GitHub Enterprise Server – Qualys ThreatPROTECT

GitHub Patches Multiple Security Vulnerabilities (CVE-2024-6800, CVE-2024-6337, & CVE-2024-7711)

Posted by Diksha Ojha on August 21, 2024

GitHub released security advisories to address three security vulnerabilities in Enterprise Server (GHES). Tracked as CVE-2024-6800, CVE-2024-6337, & CVE-2024-7711, these vulnerabilities may allow attackers to gain unauthorized access and manipulate repositories. CVE-2024-6800 has been given a critical severity rating with a CVSS score of 9.5.

GitHub Enterprise Server Authentication Bypass Vulnerability (CVE-2024-4985)

Posted by Diksha Ojha on May 22, 2024

A critical severity flaw with the maximum severity rating is discovered in the GitHub Enterprise Server (GHES). Tracked as CVE-2024-4985, the vulnerability may allow an attacker to access the vulnerable server without prior authentication.