This is not the latest report. Click
here to view the latest report.
CVSS v3.1 Statistics for GitHub, Inc. as of 07/27/2022
2235
320
40
278
Reference
0-69.9%
|
Contributor |
86.9
Contributor
70-94.9%
Provider
95-100%
CVE | CNA Value | Alignment | NIST Value | Reason |
---|---|---|---|---|
CVE-2022-24800 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | Attack Complexity (AC) High | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2022-29187 (8 of 8) | Attack Vector (AV) Local | Attack Vector (AV) Local | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2022-31012 (7 of 8) | Attack Vector (AV) Local | Attack Vector (AV) Local | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) Required | User Interaction (UI) Required | |||
Scope (S) Changed | ≠ | Scope (S) Unchanged | Unclear if Scope change occurs. No identification of security boundaries being crossed. | |
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2022-31058 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) High | Privileges Required (PR) High | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2022-31073 (7 of 8) | Attack Vector (AV) Adjacent Network | ≠ | Attack Vector (AV) Network | Applied AV:N due to network vector identified |
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) High | Availability (A) High | |||
CVE-2022-31074 (6 of 8) | Attack Vector (AV) Adjacent Network | ≠ | Attack Vector (AV) Network | Applied AV:N due to network vector identified |
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) High | ≠ | Privileges Required (PR) Low | Attacker as "user" is mentioned, but not identified as high privileges | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) High | Availability (A) High | |||
CVE-2022-31075 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) High | ≠ | Privileges Required (PR) Low | Attacker as "user" is mentioned, but not identified as high privileges | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) High | Availability (A) High | |||
CVE-2022-31078 (6 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) High | ≠ | Privileges Required (PR) Low | Attacker as "user" is mentioned, but not identified as high privileges | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) High | Availability (A) High | |||
CVE-2022-31079 (6 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) High | ≠ | Privileges Required (PR) Low | Attacker as "user" is mentioned, but not identified as high privileges | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) High | Availability (A) High | |||
CVE-2022-31080 (6 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) High | ≠ | Privileges Required (PR) Low | Attacker as "user" is mentioned, but not identified as high privileges | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) High | Availability (A) High | |||
CVE-2022-31097 (5 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) Required | User Interaction (UI) Required | |||
Scope (S) Unchanged | ≠ | Scope (S) Changed | Security boundary cross identified | |
Confidentiality (C) High | ≠ | Confidentiality (C) Low | Information leaked appears non-critical/sensitive | |
Integrity (I) High | ≠ | Integrity (I) Low | Integrity impact appears non-critical | |
Availability (A) None | Availability (A) None | |||
CVE-2022-31102 (5 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) High | ≠ | Privileges Required (PR) None | No privileges needed by attacker identified by NVD analyst | |
User Interaction (UI) Required | User Interaction (UI) Required | |||
Scope (S) Changed | Scope (S) Changed | |||
Confidentiality (C) None | ≠ | Confidentiality (C) Low | Information leaked appears non-critical/sensitive | |
Integrity (I) Low | Integrity (I) Low | |||
Availability (A) None | Availability (A) None | |||
CVE-2022-31105 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) Required | User Interaction (UI) Required | |||
Scope (S) Changed | Scope (S) Changed | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2022-31107 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | Attack Complexity (AC) High | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) Low | ≠ | Availability (A) High | No limiting factors for availability listed | |
CVE-2022-31110 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) Low | ≠ | Availability (A) High | No limiting factors for availability listed | |
CVE-2022-31111 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) Low | Integrity (I) Low | |||
Availability (A) None | Availability (A) None | |||
CVE-2022-31113 (6 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) Required | User Interaction (UI) Required | |||
Scope (S) Unchanged | ≠ | Scope (S) Changed | Security boundary cross identified | |
Confidentiality (C) Low | Confidentiality (C) Low | |||
Integrity (I) Low | Integrity (I) Low | |||
Availability (A) Low | ≠ | Availability (A) None | No availability impacts identified | |
CVE-2022-31116 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) High | Availability (A) High | |||
CVE-2022-31121 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) High | Availability (A) High | |||
CVE-2022-31124 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Changed | ≠ | Scope (S) Unchanged | Unclear if Scope change occurs. No identification of security boundaries being crossed. | |
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | Availability (A) None | |||
CVE-2022-31126 (6 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Changed | ≠ | Scope (S) Unchanged | Unclear if Scope change occurs. No identification of security boundaries being crossed. | |
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) Low | ≠ | Availability (A) High | No availability impacts identified | |
CVE-2022-31127 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) Required | User Interaction (UI) Required | |||
Scope (S) Changed | Scope (S) Changed | |||
Confidentiality (C) Low | Confidentiality (C) Low | |||
Integrity (I) Low | Integrity (I) Low | |||
Availability (A) Low | ≠ | Availability (A) None | No availability impacts identified | |
CVE-2022-31129 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) High | Availability (A) High | |||
CVE-2022-31131 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) Low | ≠ | Confidentiality (C) None | No confidentiality impacts identified | |
Integrity (I) Low | Integrity (I) Low | |||
Availability (A) None | Availability (A) None | |||
CVE-2022-31134 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) High | Privileges Required (PR) High | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | Availability (A) None | |||
CVE-2022-31137 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Changed | ≠ | Scope (S) Unchanged | Unclear if Scope change occurs. No identification of security boundaries being crossed. | |
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2022-31138 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2022-31139 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | Availability (A) None | |||
CVE-2022-31140 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | ≠ | Availability (A) High | No limiting factors for availability listed | |
CVE-2022-31142 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | Availability (A) None | |||
CVE-2022-31144 (6 of 8) | Attack Vector (AV) Local | ≠ | Attack Vector (AV) Network | Applied AV:N due to network vector identified |
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2022-31145 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) None | Availability (A) None | |||
CVE-2022-31147 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) High | Availability (A) High | |||
CVE-2022-31150 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | ≠ | Confidentiality (C) Low | No limiting factors for confidentiality listed | |
Integrity (I) Low | Integrity (I) Low | |||
Availability (A) None | Availability (A) None | |||
CVE-2022-31153 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) High | Availability (A) High | |||
CVE-2022-31156 (6 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | Attack Complexity (AC) High | |||
Privileges Required (PR) High | Privileges Required (PR) High | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | ≠ | Confidentiality (C) None | No confidentiality impacts identified | |
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | ≠ | Availability (A) None | No availability impacts identified | |
CVE-2022-31157 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) None | Availability (A) None | |||
CVE-2022-31158 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) None | Availability (A) None | |||
CVE-2022-31159 (3 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) Required | ≠ | User Interaction (UI) None | User Interaction not identified | |
Scope (S) Changed | ≠ | Scope (S) Unchanged | Unclear if Scope change occurs. No identification of security boundaries being crossed. | |
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | ≠ | Integrity (I) None | No integrity impacts identified | |
Availability (A) Low | ≠ | Availability (A) None | No availability impacts identified | |
CVE-2022-31161 (6 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Changed | ≠ | Scope (S) Unchanged | Unclear if Scope change occurs. No identification of security boundaries being crossed. | |
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) Low | ≠ | Availability (A) High | No limiting factors for availability listed |