Ref# ADV2025_166 | Date: Jun 27th 2025

---

GitHub has published a security advisory highlighting vulnerabilities in the following products on June 18th, 2025. It is recommended that you take the necessary precautions by ensuring your products are always updated.    

• GitHub Enterprise Server – versions 3.17.x prior to 3.17.1 

• GitHub Enterprise Server – versions 3.16.x prior to 3.16.4 

• GitHub Enterprise Server – versions 3.15.x prior to 3.15.8 

• GitHub Enterprise Server – versions 3.14.x prior to 3.14.13 

• GitHub Enterprise Server – versions 3.13.x prior to 3.13.16  

For more information on these updates, you can follow these URL: 

• GitHub Release Notes #3.17.1 

• GitHub Release Notes # 3.16.4 

• GitHub Release Notes # 3.15.8 

• GitHub Release Notes # 3.14.13 

• GitHub Release Notes # 3.13.16 

The Guyana National CIRT recommends that users and administrators review these updates and apply it where necessary. 

PDF Download: GitHub Security Advisory

References 

• GitHub Release Notes. (June 18th, 2025). Retrieved from GitHub. https://docs.github.com/en/enterprise-server@3.17/admin/all-releases  

• GitHub Security Advisory. (June 24th, 2025). Retrieved from Canadian Centre for Cyber Security.https://www.cyber.gc.ca/en/alerts-advisories/github-security-advisory-av25-368