GitHub Enterprise Server ↗
GitHub · Infrastructure
5/100 Critical
Summary iPlain-English security verdict for GitHub Enterprise Server, generated from its current health score, actively-exploited vulnerabilities, and latest supported version.
GitHub Enterprise Server currently scores 5/100 — critical. No tracked vulnerabilities are currently known to be exploited in the wild. Upgrade promptly to address the open critical vulnerabilities. Note: this product is assessed at the product level on recent (365-day) activity rather than an exact per-version match, so it is never marked a confident "healthy".
Disclosure trend iNew CVEs published for GitHub Enterprise Server each year (NVD). A higher bar means more disclosures that year — more scrutiny, not necessarily less safe.
'19
'20
'21
'22
'23
'24
'25
'26
Patch priority — what to act on iThe issues to fix first — actively exploited (CISA KEV) first, then by exploitation probability (EPSS), then severity. Each row's "→ fixed in" is the earliest version that patches it; "see advisory" means no fixed version is published.
Most urgent first — actively exploited, then likeliest to be exploited.
CVE-2024-0507 MEDIUM Improper input validation EPSS 73% → fixed in 3.11.3 CVE-2024-0200 HIGH CWE-470 EPSS 70% → fixed in 3.11.3 CVE-2024-9487 CRITICAL CWE-347 EPSS 51% → fixed in 3.14.2 CVE-2022-46255 CRITICAL Path traversal EPSS 4% → see advisory CVE-2024-1374 CRITICAL Improper input validation EPSS 4% → fixed in 3.11.5 CVE-2024-6800 CRITICAL CWE-347 EPSS 3% → fixed in 3.13.3 CVE-2024-1378 CRITICAL Improper input validation EPSS 1% → fixed in 3.11.5 CVE-2024-4985 CRITICAL CWE-303 EPSS 1% → fixed in 3.12.4 CVE-2022-23739 CRITICAL Incorrect authorization EPSS 1% → fixed in 3.6.4 CVE-2024-1359 CRITICAL Improper input validation EPSS 1% → fixed in 3.11.5 CVE-2024-1369 CRITICAL Improper input validation EPSS 1% → fixed in 3.11.5 CVE-2024-1355 CRITICAL Improper input validation EPSS 0% → fixed in 3.11.5ℹ product-level posture (last 365d); exact per-version verdict pending precise version mapping