CVE-2024-8263 - GitHub Enterprise Unprivileged Nested Tag Workflow Commit Vulnerability

2 months ago 28
ARTICLE AD BOX
CVE ID : CVE-2024-8263
Published : Sept. 23, 2024, 9:15 p.m. | 24 minutes ago
Description : An improper privilege management vulnerability allowed arbitrary workflows to be committed using an improperly scoped PAT through the use of nested tags. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in version 3.10.17, 3.11.15, 3.12.9, 3.13.4, and 3.14.1. This vulnerability was reported via the GitHub Bug Bounty program.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read Entire Article