One Article Review
| Source |  CVE Liste |
|---|---|
| Identifiant | 8299310 |
| Date de publication | 2023-01-09 17:15:10 (vue: 2023-01-09 20:08:51) |
| Titre | CVE-2022-46258 |
| Texte | An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a repository-scoped token with read/write access to modify Action Workflow files without a Workflow scope. The Create or Update file contents API should enforce workflow scope. This vulnerability affected all versions of GitHub Enterprise Server prior to version 3.7 and was fixed in versions 3.3.16, 3.4.11, 3.5.8, and 3.6.4. This vulnerability was reported via the GitHub Bug Bounty program. |
| Notes | |
| Envoyé | Oui |
| Condensat | 2022 46258 access action affected all allowed api authorization bounty bug contents create cve enforce enterprise file files fixed github identified incorrect modify prior program read/write reported repository scope scoped server should token update version versions vulnerability without workflow |
| Tags | Vulnerability |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.