How severe is CVE-2021-22868?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.3 out of 10.

What type of vulnerability is CVE-2021-22868?

This is classified as CWE-77, which is a common weakness in software security.

CVE-2021-22868

MEDIUM Year: 2021

CVSS v3 Score

4.3

Medium

CVSS v2 Score

4.0

Medium

Weakness Type

CWE-77

View all →

Vulnerability Description

A path traversal vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration options used by GitHub Pages were not sufficiently restricted and made it possible to read files on the GitHub Enterprise Server instance. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.1.8 and was fixed in 3.1.8, 3.0.16, and 2.22.22. This vulnerability was reported via the GitHub Bug Bounty program. This is the result of an incomplete fix for CVE-2021-22867.

CVE-2023-26430

MEDIUM

CVSS:4.3(Medium)

Attackers with access to user accounts can inject arbitrary control characters to SIEVE mail-filter rules. This could be abused to access SIEVE extension that are not allowed by App Suite or to inject...

CWE-772023

CVE-2025-27146

MEDIUM

CVSS:4.3(Medium)

matrix-appservice-irc is a Node.js IRC bridge for Matrix. The matrix-appservice-irc bridge up to version 3.0.3 contains a vulnerability which can lead to arbitrary IRC command execution as the puppete...

CWE-772025

CVE-2019-1607

MEDIUM

CVSS:4.2(Medium)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerabilit...

CWE-772019