csaf_certbund - wid-sec-w-2022-1935

wid-sec-w-2022-1935

Vulnerability from csaf_certbund

Published

2022-11-01 23:00

Modified

2023-04-02 22:00

Summary

Microsoft GitHub Enterprise: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

GitHub ist ein netzbasierter Dienst zur Versionsverwaltung für Software-Entwicklungsprojekte.

Angriff

Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Microsoft GitHub Enterprise ausnutzen, um Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.

Betroffene Betriebssysteme

- UNIX - Linux - MacOS X - Windows - Sonstiges

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "GitHub ist ein netzbasierter Dienst zur Versionsverwaltung f\u00fcr Software-Entwicklungsprojekte.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Microsoft GitHub Enterprise ausnutzen, um Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- UNIX\n- Linux\n- MacOS X\n- Windows\n- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2022-1935 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1935.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2022-1935 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1935"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2023-D1E9E62A92 vom 2023-04-01",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-d1e9e62a92"
      },
      {
        "category": "external",
        "summary": "NIST Database vom 2022-11-01",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23738"
      },
      {
        "category": "external",
        "summary": "Github Security Advisory vom 2022-11-01",
        "url": "https://github.com/advisories/GHSA-wq4h-7r42-5hrr"
      },
      {
        "category": "external",
        "summary": "Github Security Advisory vom 2022-11-01",
        "url": "https://github.com/advisories/GHSA-xh29-r2w5-wx8m"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:3890-1 vom 2022-11-07",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-November/012823.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:4015-1 vom 2022-11-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-November/012945.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:4016-1 vom 2022-11-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-November/012946.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2022-1648 vom 2022-12-10",
        "url": "https://alas.aws.amazon.com/ALAS-2022-1648.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Microsoft GitHub Enterprise: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2023-04-02T22:00:00.000+00:00",
      "generator": {
        "date": "2024-02-15T17:02:21.885+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2022-1935",
      "initial_release_date": "2022-11-01T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2022-11-01T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2022-11-07T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-11-16T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-12-11T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2023-04-02T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Fedora aufgenommen"
        }
      ],
      "status": "final",
      "version": "5"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Fedora Linux",
            "product": {
              "name": "Fedora Linux",
              "product_id": "74185",
              "product_identification_helper": {
                "cpe": "cpe:/o:fedoraproject:fedora:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Fedora"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Microsoft GitHub Enterprise \u003c 3.2.20",
                "product": {
                  "name": "Microsoft GitHub Enterprise \u003c 3.2.20",
                  "product_id": "T025180",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:github_enterprise:3.2.20"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Microsoft GitHub Enterprise \u003c 3.3.15",
                "product": {
                  "name": "Microsoft GitHub Enterprise \u003c 3.3.15",
                  "product_id": "T025181",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:github_enterprise:3.3.15"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Microsoft GitHub Enterprise \u003c 3.4.10",
                "product": {
                  "name": "Microsoft GitHub Enterprise \u003c 3.4.10",
                  "product_id": "T025182",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:github_enterprise:3.4.10"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Microsoft GitHub Enterprise \u003c 3.5.7",
                "product": {
                  "name": "Microsoft GitHub Enterprise \u003c 3.5.7",
                  "product_id": "T025183",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:github_enterprise:3.5.7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Microsoft GitHub Enterprise \u003c 3.6.3",
                "product": {
                  "name": "Microsoft GitHub Enterprise \u003c 3.6.3",
                  "product_id": "T025184",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:microsoft:github_enterprise:3.6.3"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "GitHub Enterprise"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-23738",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Microsoft GitHub Enterprise. Der Fehler basiert darauf, dass Daten von einem privaten Repository in ein \u00f6ffentliches Repository \u00fcbertragen werden k\u00f6nnen. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen. Zur erfolgreichen Ausnutzung muss ein Administrator einen speziell manipulierten Link anklicken."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "398363",
          "74185"
        ]
      },
      "release_date": "2022-11-01T23:00:00Z",
      "title": "CVE-2022-23738"
    },
    {
      "cve": "CVE-2022-29181",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Microsoft GitHub Enterprise. Diese besteht in der Komponente Nokogiri und ist auf eine fehlende Typenpr\u00fcfung zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "398363",
          "74185"
        ]
      },
      "release_date": "2022-11-01T23:00:00Z",
      "title": "CVE-2022-29181"
    },
    {
      "cve": "CVE-2022-39209",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Microsoft GitHub Enterprise. Diese besteht in der \"Autolink\"-Erweiterung der Komponente \"cmark-gfm\" und f\u00fchrt zu einem erh\u00f6hten Ressourcenverbrauch. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "398363",
          "74185"
        ]
      },
      "release_date": "2022-11-01T23:00:00Z",
      "title": "CVE-2022-39209"
    }
  ]
}

cve-2022-39209

Vulnerability from cvelistv5

Published

2022-09-15 00:00

Modified

2024-08-03 12:00

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

Uncontrolled Resource Consumption in cmark-gfm

References

▼	URL	Tags
	https://github.com/github/cmark-gfm/security/advisories/GHSA-cgh3-p57x-9q7q
	https://github.com/github/cmark-gfm/commit/9d57d8a23142b316282bdfc954cb0ecda40a8655
	https://en.wikipedia.org/wiki/Time_complexity
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMGP65NANDVKPDMXMKYO2ZV2H2HZJY4P/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIUCZN3PEKUCT2JQYQTYOVIJG2KSD6G7/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UEAAAI4OULDYQ2TA3HOXH54PC3DCBFZS/	vendor-advisory

Impacted products

▼	Vendor	Product
	github	cmark-gfm

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:00:42.513Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/github/cmark-gfm/security/advisories/GHSA-cgh3-p57x-9q7q"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/github/cmark-gfm/commit/9d57d8a23142b316282bdfc954cb0ecda40a8655"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://en.wikipedia.org/wiki/Time_complexity"
          },
          {
            "name": "FEDORA-2022-6bcee2cc93",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMGP65NANDVKPDMXMKYO2ZV2H2HZJY4P/"
          },
          {
            "name": "FEDORA-2022-f1aed93db8",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIUCZN3PEKUCT2JQYQTYOVIJG2KSD6G7/"
          },
          {
            "name": "FEDORA-2022-dc6d6d9d6c",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UEAAAI4OULDYQ2TA3HOXH54PC3DCBFZS/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "cmark-gfm",
          "vendor": "github",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 0.29.0.gfm.6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "cmark-gfm is GitHub\u0027s fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm\u0027s autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Users may verify the patch by running `python3 -c \u0027print(\"![l\"* 100000 + \"\\n\")\u0027 | ./cmark-gfm -e autolink`, which will resource exhaust on unpatched cmark-gfm but render correctly on patched cmark-gfm. This vulnerability has been patched in 0.29.0.gfm.6. Users are advised to upgrade. Users unable to upgrade should disable the use of the autolink extension."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-11-14T00:00:00",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "url": "https://github.com/github/cmark-gfm/security/advisories/GHSA-cgh3-p57x-9q7q"
        },
        {
          "url": "https://github.com/github/cmark-gfm/commit/9d57d8a23142b316282bdfc954cb0ecda40a8655"
        },
        {
          "url": "https://en.wikipedia.org/wiki/Time_complexity"
        },
        {
          "name": "FEDORA-2022-6bcee2cc93",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMGP65NANDVKPDMXMKYO2ZV2H2HZJY4P/"
        },
        {
          "name": "FEDORA-2022-f1aed93db8",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIUCZN3PEKUCT2JQYQTYOVIJG2KSD6G7/"
        },
        {
          "name": "FEDORA-2022-dc6d6d9d6c",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UEAAAI4OULDYQ2TA3HOXH54PC3DCBFZS/"
        }
      ],
      "source": {
        "advisory": "GHSA-cgh3-p57x-9q7q",
        "discovery": "UNKNOWN"
      },
      "title": "Uncontrolled Resource Consumption in cmark-gfm"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2022-39209",
    "datePublished": "2022-09-15T00:00:00",
    "dateReserved": "2022-09-02T00:00:00",
    "dateUpdated": "2024-08-03T12:00:42.513Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-29181

Vulnerability from cvelistv5

Published

2022-05-20 00:00

Modified

2024-08-03 06:17

Severity ?

8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Summary

Improper Handling of Unexpected Data Type in Nokogiri

References

▼	URL	Tags
	https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xh29-r2w5-wx8m
	https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267
	https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.6
	https://securitylab.github.com/advisories/GHSL-2022-031_GHSL-2022-032_Nokogiri/
	https://security.gentoo.org/glsa/202208-29	vendor-advisory
	https://support.apple.com/kb/HT213532
	http://seclists.org/fulldisclosure/2022/Dec/23	mailing-list

Impacted products

▼	Vendor	Product
	sparklemotion	nokogiri

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T06:17:54.244Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xh29-r2w5-wx8m"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://securitylab.github.com/advisories/GHSL-2022-031_GHSL-2022-032_Nokogiri/"
          },
          {
            "name": "GLSA-202208-29",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202208-29"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT213532"
          },
          {
            "name": "20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2022/Dec/23"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "nokogiri",
          "vendor": "sparklemotion",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.13.6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. Version 1.13.6 contains a patch for this issue. As a workaround, ensure the untrusted input is a `String` by calling `#to_s` or equivalent."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-241",
              "description": "CWE-241: Improper Handling of Unexpected Data Type",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-12-21T00:00:00",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "url": "https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-xh29-r2w5-wx8m"
        },
        {
          "url": "https://github.com/sparklemotion/nokogiri/commit/db05ba9a1bd4b90aa6c76742cf6102a7c7297267"
        },
        {
          "url": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.6"
        },
        {
          "url": "https://securitylab.github.com/advisories/GHSL-2022-031_GHSL-2022-032_Nokogiri/"
        },
        {
          "name": "GLSA-202208-29",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202208-29"
        },
        {
          "url": "https://support.apple.com/kb/HT213532"
        },
        {
          "name": "20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1",
          "tags": [
            "mailing-list"
          ],
          "url": "http://seclists.org/fulldisclosure/2022/Dec/23"
        }
      ],
      "source": {
        "advisory": "GHSA-xh29-r2w5-wx8m",
        "discovery": "UNKNOWN"
      },
      "title": "Improper Handling of Unexpected Data Type in Nokogiri"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2022-29181",
    "datePublished": "2022-05-20T00:00:00",
    "dateReserved": "2022-04-13T00:00:00",
    "dateUpdated": "2024-08-03T06:17:54.244Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-23738

Vulnerability from cvelistv5

Published

2022-11-01 00:00

Modified

2024-08-03 03:51

Severity ?

Summary

Incomplete cache verification issue in GitHub Enterprise Server leading to exposure of private repo files

References

▼	URL	Tags
	https://docs.github.com/en/enterprise-server%403.2/admin/release-notes#3.2.20
	https://docs.github.com/en/enterprise-server%403.3/admin/release-notes#3.3.15
	https://docs.github.com/en/enterprise-server%403.4/admin/release-notes#3.4.10
	https://docs.github.com/en/enterprise-server%403.5/admin/release-notes#3.5.7
	https://docs.github.com/en/enterprise-server%403.6/admin/release-notes#3.6.3

Impacted products

▼	Vendor	Product
	GitHub	GitHub Enterprise Server

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:51:46.239Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://docs.github.com/en/enterprise-server%403.2/admin/release-notes#3.2.20"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://docs.github.com/en/enterprise-server%403.3/admin/release-notes#3.3.15"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://docs.github.com/en/enterprise-server%403.4/admin/release-notes#3.4.10"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://docs.github.com/en/enterprise-server%403.5/admin/release-notes#3.5.7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://docs.github.com/en/enterprise-server%403.6/admin/release-notes#3.6.3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "GitHub Enterprise Server",
          "vendor": "GitHub",
          "versions": [
            {
              "lessThan": "3.2.20",
              "status": "affected",
              "version": "3.2",
              "versionType": "custom"
            },
            {
              "lessThan": "3.3.15",
              "status": "affected",
              "version": "3.3",
              "versionType": "custom"
            },
            {
              "lessThan": "3.4.10",
              "status": "affected",
              "version": "3.4",
              "versionType": "custom"
            },
            {
              "lessThan": "3.5.7",
              "status": "affected",
              "version": "3.5",
              "versionType": "custom"
            },
            {
              "lessThan": "3.6.3",
              "status": "affected",
              "version": "3.6",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "ahacker1"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper cache key vulnerability was identified in GitHub Enterprise Server that allowed an unauthorized actor to access private repository files through a public repository. To exploit this, an actor would need to already be authorized on the GitHub Enterprise Server instance, be able to create a public repository, and have a site administrator visit a specially crafted URL. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.6 and was fixed in versions 3.2.20, 3.3.15, 3.4.10, 3.5.7, 3.6.3. This vulnerability was reported via the GitHub Bug Bounty program."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-11-01T00:00:00",
        "orgId": "82327ea3-741d-41e4-88f8-2cf9e791e760",
        "shortName": "GitHub_P"
      },
      "references": [
        {
          "url": "https://docs.github.com/en/enterprise-server%403.2/admin/release-notes#3.2.20"
        },
        {
          "url": "https://docs.github.com/en/enterprise-server%403.3/admin/release-notes#3.3.15"
        },
        {
          "url": "https://docs.github.com/en/enterprise-server%403.4/admin/release-notes#3.4.10"
        },
        {
          "url": "https://docs.github.com/en/enterprise-server%403.5/admin/release-notes#3.5.7"
        },
        {
          "url": "https://docs.github.com/en/enterprise-server%403.6/admin/release-notes#3.6.3"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Incomplete cache verification issue in GitHub Enterprise Server leading to exposure of private repo files"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "82327ea3-741d-41e4-88f8-2cf9e791e760",
    "assignerShortName": "GitHub_P",
    "cveId": "CVE-2022-23738",
    "datePublished": "2022-11-01T00:00:00",
    "dateReserved": "2022-01-19T00:00:00",
    "dateUpdated": "2024-08-03T03:51:46.239Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

wid-sec-w-2022-1935

Vulnerability from csaf_certbund

cve-2022-39209

Vulnerability from cvelistv5

cve-2022-29181

Vulnerability from cvelistv5

cve-2022-23738

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature