Ref# ADV2025_410 | Date: Dec 8th 2025

---

GitHub published a security advisory highlighting vulnerabilities in the following product on December 2nd, 2025. It is recommended that you take the necessary precautions by ensuring your product is always updated. 

• GitHub Enterprise Server – version 3.19.0-rc.1 

• GitHub Enterprise Server – versions 3.18.x prior to 3.18.2 

• GitHub Enterprise Server – versions 3.17.x prior to 3.17.8 

• GitHub Enterprise Server – versions 3.16.x prior to 3.16.11 

• GitHub Enterprise Server – versions 3.15.x prior to 3.15.15 

• GitHub Enterprise Server – versions 3.14.x prior to 3.14.20 

For more information on these updates, you can follow these URLs: 

• Enterprise Server 3.19.0-rc.1 

• Enterprise Server 3.18.2 

• Enterprise Server 3.17.8 

• Enterprise Server 3.16.11 

• Enterprise Server 3.15.15 

• Enterprise Server 3.14.20 

The Guyana National CIRT recommends that users and administrators review these updates and apply them where necessary. 

References 

• GitHub Security Advisory (December 2nd, 2025). Retrieved from GitHub. https://docs.github.com/en/enterprise-server@3.19/admin/release-notes 

  

• GitHub Security Advisory. (December 3rd, 2025). Retrieved from Canadian Centre for Cyber Security. https://www.cyber.gc.ca/en/alerts-advisories/github-security-advisory-av25-803