VYPR
Unrated severityNVD Advisory· Published Dec 21, 2023· Updated Aug 2, 2024

Incorrect Authorization allows Read Access to Issue Comments in GitHub Enterprise Server

CVE-2023-51380

Description

An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be read with an improperly scoped token. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.7.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • GitHub/Enterprise Serverllm-fuzzy2 versions
    >=3.7, <3.7.19 || >=3.8, <3.8.12 || >=3.9, <3.9.7 || >=3.10, <3.10.4 || >=3.11, <3.11.1+ 1 more
    • (no CPE)range: >=3.7, <3.7.19 || >=3.8, <3.8.12 || >=3.9, <3.9.7 || >=3.10, <3.10.4 || >=3.11, <3.11.1
    • (no CPE)range: 3.7.0

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.