Unrated severityNVD Advisory· Published Sep 1, 2023· Updated Oct 1, 2024
Information disclosure in GitHub Enterprise Server leading to private repository leakage
CVE-2023-23763
Description
An authorization/sensitive information disclosure vulnerability was identified in GitHub Enterprise Server that allowed a fork to retain read access to an upstream repository after its visibility was changed to private. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.10.0 and was fixed in versions 3.9.4, 3.8.9, 3.7.16 and 3.6.18. This vulnerability was reported via the GitHub Bug Bounty program.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<3.10.0+ 1 more
- (no CPE)range: <3.10.0
- (no CPE)range: 3.6.0
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.