diff --git a/data/release-notes/enterprise-server/3-3/16.yml b/data/release-notes/enterprise-server/3-3/16.yml new file mode 100644 index 000000000000..86d2f89bed48 --- /dev/null +++ b/data/release-notes/enterprise-server/3-3/16.yml @@ -0,0 +1,6 @@ +date: '2022-12-06' + +sections: + security_fixes: + - | + **HIGH**: Added an extra check to harden against a path traversal bug that could lead to remote code execution in GitHub Pages builds on GitHub Enterprise Server. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This bug was originally reported via GitHub's Bug Bounty program and assigned [CVE-2021-22870](https://nvd.nist.gov/vuln/detail/CVE-2021-22870). diff --git a/data/release-notes/enterprise-server/3-4/11.yml b/data/release-notes/enterprise-server/3-4/11.yml new file mode 100644 index 000000000000..86d2f89bed48 --- /dev/null +++ b/data/release-notes/enterprise-server/3-4/11.yml @@ -0,0 +1,6 @@ +date: '2022-12-06' + +sections: + security_fixes: + - | + **HIGH**: Added an extra check to harden against a path traversal bug that could lead to remote code execution in GitHub Pages builds on GitHub Enterprise Server. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This bug was originally reported via GitHub's Bug Bounty program and assigned [CVE-2021-22870](https://nvd.nist.gov/vuln/detail/CVE-2021-22870). diff --git a/data/release-notes/enterprise-server/3-5/8.yml b/data/release-notes/enterprise-server/3-5/8.yml new file mode 100644 index 000000000000..86d2f89bed48 --- /dev/null +++ b/data/release-notes/enterprise-server/3-5/8.yml 
@@ -0,0 +1,6 @@ +date: '2022-12-06' + +sections: + security_fixes: + - | + **HIGH**: Added an extra check to harden against a path traversal bug that could lead to remote code execution in GitHub Pages builds on GitHub Enterprise Server. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This bug was originally reported via GitHub's Bug Bounty program and assigned [CVE-2021-22870](https://nvd.nist.gov/vuln/detail/CVE-2021-22870). diff --git a/data/release-notes/enterprise-server/3-6/4.yml b/data/release-notes/enterprise-server/3-6/4.yml new file mode 100644 index 000000000000..86d2f89bed48 --- /dev/null +++ b/data/release-notes/enterprise-server/3-6/4.yml @@ -0,0 +1,6 @@ +date: '2022-12-06' + +sections: + security_fixes: + - | + **HIGH**: Added an extra check to harden against a path traversal bug that could lead to remote code execution in GitHub Pages builds on GitHub Enterprise Server. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This bug was originally reported via GitHub's Bug Bounty program and assigned [CVE-2021-22870](https://nvd.nist.gov/vuln/detail/CVE-2021-22870).
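Review bot: In the `security_fixes` entry of `3-3/16.yml` (the same text is repeated in the other three files), the note cites CVE-2021-22870, a 2021 identifier, in a release dated '2022-12-06', and describes the change only as "an extra check to harden against" the bug. From that wording an administrator cannot tell whether the instance was still exploitable before this release or whether this is defence in depth on top of an earlier fix. Suggest saying which it is in the entry, since that decides how urgently the upgrade needs to be scheduled.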
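Review bot: All four new files point at the same blob (`index 000000000000..86d2f89bed48`), so the entry in `3-6/4.yml` is word for word the one in `3-3/16.yml`, and none of them states which versions are affected or which release in each series contains the check. Someone reading a single series' notes has only the file path to go on. Suggest adding a sentence to the entry that lists the affected versions and the fixed releases, or confirming that the identical copy is intentional and the version context comes from the rendered page.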