U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesCVMAP

CVSS v3.1 Statistics for GitHub, Inc. as of 01/24/2023

2924
320
 
40
249
Reference
0-69.9%
Contributor
77.8
Contributor
70-94.9%
 
Provider
95-100%
CVE CNA Value Alignment NIST Value Reason
CVE-2021-32824   (8 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) None Privileges Required (PR) None
User Interaction (UI) None User Interaction (UI) None
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) High Confidentiality (C) High
Integrity (I) High Integrity (I) High
Availability (A) High Availability (A) High
CVE-2021-32828   (7 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) Low Privileges Required (PR) None No privileges needed by attacker identified by NVD analyst
User Interaction (UI) Required User Interaction (UI) Required
Scope (S) Changed Scope (S) Changed
Confidentiality (C) Low Confidentiality (C) Low
Integrity (I) Low Integrity (I) Low
Availability (A) None Availability (A) None
CVE-2021-39174   (8 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) Low Privileges Required (PR) Low
User Interaction (UI) None User Interaction (UI) None
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) High Confidentiality (C) High
Integrity (I) High Integrity (I) High
Availability (A) High Availability (A) High
CVE-2022-23506   (6 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) Low Privileges Required (PR) None No privileges needed by attacker identified by NVD analyst
User Interaction (UI) None User Interaction (UI) None
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) Low Confidentiality (C) High Information leaked is sensitive such as passwords or other vital secrets
Integrity (I) None Integrity (I) None
Availability (A) None Availability (A) None
CVE-2022-23508   (4 of 8) Attack Vector (AV) Adjacent Network Attack Vector (AV) Local AV:L due to file parsed local to vulnerable component
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) None Privileges Required (PR) Low Local attacker typically implies some privilege level needed
User Interaction (UI) Required User Interaction (UI) None User Interaction not identified
Scope (S) Changed Scope (S) Unchanged Unclear if Scope change occurs. No identification of security boundaries being crossed.
Confidentiality (C) High Confidentiality (C) High
Integrity (I) High Integrity (I) High
Availability (A) High Availability (A) High
CVE-2022-23509   (3 of 8) Attack Vector (AV) Adjacent Network Attack Vector (AV) Local AV:L due to file parsed local to vulnerable component
Attack Complexity (AC) High Attack Complexity (AC) Low No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst
Privileges Required (PR) High Privileges Required (PR) High
User Interaction (UI) Required User Interaction (UI) None User Interaction not identified
Scope (S) Changed Scope (S) Unchanged Unclear if Scope change occurs. No identification of security boundaries being crossed.
Confidentiality (C) High Confidentiality (C) High
Integrity (I) High Integrity (I) High
Availability (A) High Availability (A) None No availability impacts identified
CVE-2022-23511   (3 of 8) Warning Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) High Attack Complexity (AC) Low
Privileges Required (PR) Low Privileges Required (PR) High
User Interaction (UI) Required User Interaction (UI) Required
Scope (S) Changed Scope (S) Unchanged
Confidentiality (C) High Confidentiality (C) High
Integrity (I) Low Integrity (I) High
Availability (A) Low Availability (A) High
CVE-2022-23532   (5 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) High Attack Complexity (AC) Low No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst
Privileges Required (PR) Low Privileges Required (PR) Low
User Interaction (UI) None User Interaction (UI) None
Scope (S) Changed Scope (S) Unchanged Unclear if Scope change occurs. No identification of security boundaries being crossed.
Confidentiality (C) None Confidentiality (C) None
Integrity (I) High Integrity (I) High
Availability (A) Low Availability (A) None No availability impacts identified
CVE-2022-23546   (8 of 8) Attack Vector (AV) Local Attack Vector (AV) Local
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) None Privileges Required (PR) None
User Interaction (UI) Required User Interaction (UI) Required
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) High Confidentiality (C) High
Integrity (I) None Integrity (I) None
Availability (A) None Availability (A) None
CVE-2022-23548   (8 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) Low Privileges Required (PR) Low
User Interaction (UI) None User Interaction (UI) None
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) None Confidentiality (C) None
Integrity (I) None Integrity (I) None
Availability (A) High Availability (A) High
CVE-2022-23549   (7 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) Low Privileges Required (PR) Low
User Interaction (UI) Required User Interaction (UI) None User Interaction not identified
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) None Confidentiality (C) None
Integrity (I) None Integrity (I) None
Availability (A) High Availability (A) High
CVE-2022-35948   (8 of 8) Warning Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) None Privileges Required (PR) None
User Interaction (UI) None User Interaction (UI) None
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) None Confidentiality (C) None
Integrity (I) Low Integrity (I) Low
Availability (A) None Availability (A) None
CVE-2022-35949   (5 of 8) Warning Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) None Privileges Required (PR) None
User Interaction (UI) None User Interaction (UI) None
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) Low Confidentiality (C) High
Integrity (I) None Integrity (I) High
Availability (A) None Availability (A) High
CVE-2022-41955   (8 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) Low Privileges Required (PR) Low
User Interaction (UI) None User Interaction (UI) None
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) High Confidentiality (C) High
Integrity (I) High Integrity (I) High
Availability (A) High Availability (A) High
CVE-2022-46163   (8 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) None Privileges Required (PR) None
User Interaction (UI) None User Interaction (UI) None
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) High Confidentiality (C) High
Integrity (I) None Integrity (I) None
Availability (A) None Availability (A) None
CVE-2022-46168   (8 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) Low Privileges Required (PR) Low
User Interaction (UI) Required User Interaction (UI) Required
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) Low Confidentiality (C) Low
Integrity (I) None Integrity (I) None
Availability (A) None Availability (A) None
CVE-2022-46174   (8 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) High Attack Complexity (AC) High
Privileges Required (PR) Low Privileges Required (PR) Low
User Interaction (UI) None User Interaction (UI) None
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) None Confidentiality (C) None
Integrity (I) Low Integrity (I) Low
Availability (A) Low Availability (A) Low
CVE-2022-46176   (7 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) High Attack Complexity (AC) High
Privileges Required (PR) None Privileges Required (PR) None
User Interaction (UI) Required User Interaction (UI) None User Interaction not identified
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) None Confidentiality (C) None
Integrity (I) High Integrity (I) High
Availability (A) None Availability (A) None
CVE-2022-46177   (6 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) High Attack Complexity (AC) Low No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst
Privileges Required (PR) High Privileges Required (PR) None No privileges needed by attacker identified by NVD analyst
User Interaction (UI) Required User Interaction (UI) Required
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) High Confidentiality (C) High
Integrity (I) High Integrity (I) High
Availability (A) None Availability (A) None
CVE-2022-46180   (6 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) Low Privileges Required (PR) Low
User Interaction (UI) None User Interaction (UI) Required Internet browsing, Link clicking and/or file interaction identified
Scope (S) Changed Scope (S) Changed
Confidentiality (C) Low Confidentiality (C) Low
Integrity (I) None Integrity (I) Low Integrity impact appears non-critical
Availability (A) None Availability (A) None
CVE-2023-22453   (8 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) None Privileges Required (PR) None
User Interaction (UI) None User Interaction (UI) None
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) Low Confidentiality (C) Low
Integrity (I) None Integrity (I) None
Availability (A) None Availability (A) None
CVE-2023-22454   (3 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) Low Privileges Required (PR) None No privileges needed by attacker identified by NVD analyst
User Interaction (UI) Required User Interaction (UI) Required
Scope (S) Unchanged Scope (S) Changed Security boundary cross identified
Confidentiality (C) High Confidentiality (C) Low Information leaked appears non-critical/sensitive
Integrity (I) High Integrity (I) Low Integrity impact appears non-critical
Availability (A) High Availability (A) None No availability impacts identified
CVE-2023-22455   (3 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) High Privileges Required (PR) None No privileges needed by attacker identified by NVD analyst
User Interaction (UI) Required User Interaction (UI) Required
Scope (S) Unchanged Scope (S) Changed Security boundary cross identified
Confidentiality (C) High Confidentiality (C) Low Information leaked appears non-critical/sensitive
Integrity (I) High Integrity (I) Low Integrity impact appears non-critical
Availability (A) High Availability (A) None No availability impacts identified
CVE-2023-22456   (8 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) None Privileges Required (PR) None
User Interaction (UI) Required User Interaction (UI) Required
Scope (S) Changed Scope (S) Changed
Confidentiality (C) Low Confidentiality (C) Low
Integrity (I) Low Integrity (I) Low
Availability (A) None Availability (A) None
CVE-2023-22460   (8 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) None Privileges Required (PR) None
User Interaction (UI) None User Interaction (UI) None
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) None Confidentiality (C) None
Integrity (I) None Integrity (I) None
Availability (A) High Availability (A) High
CVE-2023-22464   (8 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) Low Privileges Required (PR) Low
User Interaction (UI) Required User Interaction (UI) Required
Scope (S) Changed Scope (S) Changed
Confidentiality (C) Low Confidentiality (C) Low
Integrity (I) Low Integrity (I) Low
Availability (A) None Availability (A) None
CVE-2023-22465   (7 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) None Privileges Required (PR) None
User Interaction (UI) None User Interaction (UI) None
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) None Confidentiality (C) None
Integrity (I) None Integrity (I) None
Availability (A) High Availability (A) Low Does not result in total loss of availability
CVE-2023-22467   (8 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) None Privileges Required (PR) None
User Interaction (UI) None User Interaction (UI) None
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) None Confidentiality (C) None
Integrity (I) None Integrity (I) None
Availability (A) High Availability (A) High
CVE-2023-22469   (5 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) High Attack Complexity (AC) Low No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst
Privileges Required (PR) Low Privileges Required (PR) Low
User Interaction (UI) Required User Interaction (UI) Required
Scope (S) Changed Scope (S) Unchanged Unclear if Scope change occurs. No identification of security boundaries being crossed.
Confidentiality (C) High Confidentiality (C) Low Information leaked appears non-critical/sensitive
Integrity (I) None Integrity (I) None
Availability (A) None Availability (A) None
CVE-2023-22470   (6 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) Low Privileges Required (PR) Low
User Interaction (UI) Required User Interaction (UI) None User Interaction not identified
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) None Confidentiality (C) None
Integrity (I) None Integrity (I) None
Availability (A) Low Availability (A) High No limiting factors for availability listed
CVE-2023-22472   (4 of 8) Attack Vector (AV) Local Attack Vector (AV) Network Applied AV:N due to lack of available Information for NVD Analyst
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) None Privileges Required (PR) None
User Interaction (UI) Required User Interaction (UI) Required
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) Low Confidentiality (C) High No limiting factors for confidentiality listed
Integrity (I) Low Integrity (I) High No limiting factors for integrity listed
Availability (A) Low Availability (A) High No limiting factors for availability listed
CVE-2023-22473   (8 of 8) Attack Vector (AV) Physical Attack Vector (AV) Physical
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) None Privileges Required (PR) None
User Interaction (UI) Required User Interaction (UI) Required
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) Low Confidentiality (C) Low
Integrity (I) None Integrity (I) None
Availability (A) None Availability (A) None
CVE-2023-22475   (6 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) None Privileges Required (PR) None
User Interaction (UI) Required User Interaction (UI) Required
Scope (S) Unchanged Scope (S) Changed Security boundary cross identified
Confidentiality (C) Low Confidentiality (C) Low
Integrity (I) Low Integrity (I) Low
Availability (A) Low Availability (A) None No availability impacts identified
CVE-2023-22477   (7 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) None Privileges Required (PR) None
User Interaction (UI) None User Interaction (UI) None
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) None Confidentiality (C) None
Integrity (I) None Integrity (I) None
Availability (A) Low Availability (A) High No limiting factors for availability listed
CVE-2023-22479   (3 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) High Attack Complexity (AC) Low No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst
Privileges Required (PR) None Privileges Required (PR) None
User Interaction (UI) Required User Interaction (UI) None User Interaction not identified
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) High Confidentiality (C) Low Information leaked appears non-critical/sensitive
Integrity (I) High Integrity (I) Low Integrity impact appears non-critical
Availability (A) High Availability (A) None No availability impacts identified
CVE-2023-22487   (6 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) Low Privileges Required (PR) Low
User Interaction (UI) None User Interaction (UI) None
Scope (S) Changed Scope (S) Unchanged Unclear if Scope change occurs. No identification of security boundaries being crossed.
Confidentiality (C) High Confidentiality (C) Low Information leaked appears non-critical/sensitive
Integrity (I) None Integrity (I) None
Availability (A) None Availability (A) None
CVE-2023-22488   (4 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) Low Privileges Required (PR) Low
User Interaction (UI) Required User Interaction (UI) None User Interaction not identified
Scope (S) Changed Scope (S) Unchanged Unclear if Scope change occurs. No identification of security boundaries being crossed.
Confidentiality (C) High Confidentiality (C) Low Information leaked appears non-critical/sensitive
Integrity (I) None Integrity (I) Low Integrity impact appears non-critical
Availability (A) None Availability (A) None
CVE-2023-22489   (8 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) Low Privileges Required (PR) Low
User Interaction (UI) Required User Interaction (UI) Required
Scope (S) Unchanged Scope (S) Unchanged
Confidentiality (C) None Confidentiality (C) None
Integrity (I) Low Integrity (I) Low
Availability (A) None Availability (A) None
CVE-2023-22491   (4 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) Low Privileges Required (PR) Low
User Interaction (UI) None User Interaction (UI) Required Internet browsing, Link clicking and/or file interaction identified
Scope (S) Unchanged Scope (S) Changed Security boundary cross identified
Confidentiality (C) High Confidentiality (C) Low Information leaked appears non-critical/sensitive
Integrity (I) High Integrity (I) Low Integrity impact appears non-critical
Availability (A) None Availability (A) None
CVE-2023-22493   (4 of 8) Attack Vector (AV) Network Attack Vector (AV) Network
Attack Complexity (AC) Low Attack Complexity (AC) Low
Privileges Required (PR) None Privileges Required (PR) None
User Interaction (UI) Required User Interaction (UI) None User Interaction not identified
Scope (S) Changed Scope (S) Unchanged Unclear if Scope change occurs. No identification of security boundaries being crossed.
Confidentiality (C) High Confidentiality (C) High
Integrity (I) Low Integrity (I) None No integrity impacts identified
Availability (A) Low Availability (A) None No availability impacts identified