CVE-2024-1908 | GitHub Enterprise Server up to 3.8.15/3.9.10/3.10.7/3.11.5 Connect Download Token privileges management

Posted by Angelo Barbosa | Feb 29, 2024 | CVE

A vulnerability has been found in GitHub Enterprise Server up to 3.8.15/3.9.10/3.10.7/3.11.5 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Connect Download Token Handler. The manipulation leads to improper privilege management.

This vulnerability is known as CVE-2024-1908. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-1908 | GitHub Enterprise Server up to 3.8.15/3.9.10/3.10.7/3.11.5 Connect Download Token privileges management

Related Posts

CVE-2024-35835 | Linux Kernel up to 6.7.2 mlx5e arfs_create_groups double free

CVE-2024-0297 | Totolink N200RE 9.3.5u.6139_B20201216 /cgi-bin/cstecgi.cgi UploadFirmwareFile FileName os command injection

CVE-2024-7396 | Korenix JetPort 5601v3 up to 1.2 missing encryption

CVE-2024-25080 | Axigen prior 10.3.3.62 WebMail cross site scripting