GitHub security advisory (AV25-803)

Serial number: AV25-803
Date: December 3, 2025

On December 2, 2025, GitHub published a security advisory to address vulnerabilities in the following products:

• GitHub Enterprise Server – version 3.19.0-rc.1
• GitHub Enterprise Server – versions 3.18.x prior to 3.18.2
• GitHub Enterprise Server – versions 3.17.x prior to 3.17.8
• GitHub Enterprise Server – versions 3.16.x prior to 3.16.11
• GitHub Enterprise Server – versions 3.15.x prior to 3.15.15
• GitHub Enterprise Server – versions 3.14.x prior to 3.14.20

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• Enterprise Server 3.19.0-rc.1
• Enterprise Server 3.18.2
• Enterprise Server 3.17.8
• Enterprise Server 3.16.11
• Enterprise Server 3.15.15
• Enterprise Server 3.14.20