How severe is CVE-2023-23764?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.1 out of 10.

What type of vulnerability is CVE-2023-23764?

This is classified as CWE-697, which is a common weakness in software security.

CVE-2023-23764 - HIGH Severity | CVSS 7.1

Vulnerability Description

An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff within the GitHub pull request UI. To do so, an attacker would need write access to the repository. This vulnerability affected GitHub Enterprise Server versions 3.7.0 and above and was fixed in versions 3.7.9, 3.8.2, and 3.9.1. This vulnerability was reported via the GitHub Bug Bounty program.

Related Vulnerabilities

CVE-2023-23840

HIGH

CVSS:7.2(High)

The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands wi...

CWE-6972023

CVE-2023-23843

HIGH

CVSS:7.2(High)

The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands.

CWE-6972023

CVE-2023-23845

HIGH

CVSS:7.2(High)

CWE-6972023

CVE-2023-33225

HIGH

CVSS:7.2(High)

CWE-6972023

CVE-2024-41958

HIGH

CVSS:7.2(High)

mailcow: dockerized is an open source groupware/email suite based on docker. A vulnerability has been discovered in the two-factor authentication (2FA) mechanism. This flaw allows an authenticated att...

CWE-6972024

CVE-2022-20072

MEDIUM

CVSS:6.7(Medium)

In search engine service, there is a possible way to change the default search engine due to an incorrect comparison. This could lead to local escalation of privilege with System execution privileges ...

CWE-6972022