CRITICAL: An improper neutralization of argument delimiters in a command vulnerability was identified in GitHub Enterprise Server that enabled remote code execution. To exploit this vulnerability, an attacker would need permission to create and build GitHub Pages using GitHub Actions. This vulnerability affected only version 3.7.0 of GitHub Enterprise Server and was fixed in version 3.7.1. This vulnerability was reported via the GitHub Bug Bounty program.
More Stories
matrix-synapse-1.105.1-1.fc38 rust-pythonize-0.21.1-1.fc38
FEDORA-2024-7be0693731 Packages in this update: matrix-synapse-1.105.1-1.fc38 rust-pythonize-0.21.1-1.fc38 Update description: Update matrix-synapse to v1.105.1 (CVE-2024-31208) Update to v1.105.0 Read More
matrix-synapse-1.105.1-1.fc39 rust-pythonize-0.21.1-1.fc39
FEDORA-2024-d408b654d6 Packages in this update: matrix-synapse-1.105.1-1.fc39 rust-pythonize-0.21.1-1.fc39 Update description: Update matrix-synapse to v1.105.1 (CVE-2024-31208) Update to v1.105.0 Read More
matrix-synapse-1.105.1-1.fc40 rust-pythonize-0.21.1-1.fc40
FEDORA-2024-3ff83cb806 Packages in this update: matrix-synapse-1.105.1-1.fc40 rust-pythonize-0.21.1-1.fc40 Update description: Update matrix-synapse to v1.105.1 (CVE-2024-31208) Update to v1.105.0 Read More
thunderbird-115.10.1-4.fc39
FEDORA-2024-81c9a3fe50 Packages in this update: thunderbird-115.10.1-4.fc39 Update description: Update to 115.10.1 https://www.thunderbird.net/en-US/thunderbird/115.10.1/releasenotes/ Fix https://bugzilla.redhat.com/show_bug.cgi?id=2276078 Including security update to 115.10.0 https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/...
thunderbird-115.10.1-4.fc38
FEDORA-2024-15b892ebd3 Packages in this update: thunderbird-115.10.1-4.fc38 Update description: Update to 115.10.1 https://www.thunderbird.net/en-US/thunderbird/115.10.1/releasenotes/ Fix https://bugzilla.redhat.com/show_bug.cgi?id=2276078 Including security update to 115.10.0 https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/...
python-aiohttp-3.9.5-1.el9
FEDORA-EPEL-2024-bab8814ee2 Packages in this update: python-aiohttp-3.9.5-1.el9 Update description: Security update for CVE-2024-27306 https://github.com/aio-libs/aiohttp/releases/tag/v3.9.5 https://github.com/aio-libs/aiohttp/releases/tag/v3.9.4 Read More