Security Advisory

CVE-2025-67844

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-19 00:00:00

Last updated 2025-12-19 15:07:58

Assigner mitre

State PUBLISHED

Description

The GitHub Integration API in Mintlify Platform before 2025-11-15 allows remote attackers to obtain sensitive repository metadata via the repository owner and name fields. It fails to validate that the repository owner and name fields provided during configuration belong to the specific GitHub App Installation ID associated with the users organization.

← Browse all CVEs View on cve.org ↗