A Denial of Service vulnerability was identified in GitHub Enterprise Server that allowed an attacker to cause unbounded resource exhaustion by sending a large payload to the Git server. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.14 and was fixed in version 3.13.1, 3.12.6, 3.11.12, 3.10.14, and 3.9.17. This vulnerability was reported via the GitHub Bug Bounty program.
Metrics
Affected Vendors & Products
References
History
Tue, 17 Sep 2024 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Github
Github enterprise Server |
|
CPEs | cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:* cpe:2.3:a:github:enterprise_server:3.13.0:*:*:*:*:*:*:* |
|
Vendors & Products |
Github
Github enterprise Server |
MITRE
Status: PUBLISHED
Assigner: GitHub_P
Published: 2024-07-16T21:26:54.243Z
Updated: 2024-08-01T21:25:01.600Z
Reserved: 2024-06-10T15:12:00.887Z
Link: CVE-2024-5795
Vulnrichment
Updated: 2024-08-01T21:25:01.600Z
NVD
Status : Modified
Published: 2024-07-16T22:15:05.253
Modified: 2024-11-21T09:48:20.780
Link: CVE-2024-5795
Redhat
No data.