Risk Impact: Successful exploitation allows for complete system compromise. Immediate patching is required.
Required Updates
| Branch | Patch Version |
|---|---|
| 3.14.x | 3.14.25+ |
| 3.15.x | 3.15.20+ |
| 3.16.x | 3.16.16+ |
| 3.17.x | 3.17.13+ |
| 3.18.x | 3.18.7+ |
| 3.19.x | 3.19.4+ |
Network Hunting
Use the following query in your runZero Software Inventory to locate all GHES installations:
vendor:=GitHub AND product:="Enterprise%"

