17 matches found
Ubuntu: Security Advisory (USN-8012-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-8012-1: GitHub CLI vulnerabilities
It was discovered that GitHub CLI could behave unexpectedly if users downloaded a malicious GitHub Actions workflow artifact through gh run download. An attacker could possibly use this issue to create or overwrite files in unintended directories. CVE-2024-54132 It was discovered that GitHub CLI...
CVE-2023-54132
In the Linux kernel, the following vulnerability has been resolved: erofs: stop parsing non-compact HEAD index if clusterofs is invalid Syzbot generated a crafted image 1 with a non-compact HEAD index of clusterofs 33024 while valid numbers should be 0 lclustersize-1, which causes the following...
DEBIAN-CVE-2023-54132
In the Linux kernel, the following vulnerability has been resolved: erofs: stop parsing non-compact HEAD index if clusterofs is invalid Syzbot generated a crafted image 1 with a non-compact HEAD index of clusterofs 33024 while valid numbers should be 0 lclustersize-1, which causes the following...
UBUNTU-CVE-2023-54132
In the Linux kernel, the following vulnerability has been resolved: erofs: stop parsing non-compact HEAD index if clusterofs is invalid Syzbot generated a crafted image 1 with a non-compact HEAD index of clusterofs 33024 while valid numbers should be 0 lclustersize-1, which causes the following...
CVE-2023-54132
In the Linux kernel, the following vulnerability has been resolved: erofs: stop parsing non-compact HEAD index if clusterofs is invalid Syzbot generated a crafted image 1 with a non-compact HEAD index of clusterofs 33024 while valid numbers should be 0 lclustersize-1, which causes the following...
Security Updates for Microsoft Visual Studio Products 17.14.17 (October 2025)
The Microsoft Visual Studio Products are missing security updates. They are, therefore, affected by multiple vulnerabilities, including: - Cursor is a code editor built for programming with AI. In versions below 1.3, Mermaid which is used to render diagrams allows embedding images which then get...
CVE-2025-54132
Cursor is a code editor built for programming with AI. In versions below 1.3, Mermaid which is used to render diagrams allows embedding images which then get rendered by Cursor in the chat box. An attacker can use this to exfiltrate sensitive information to a third-party attacker controlled serve...
CVE-2025-54132 Cursor's Mermaid Diagram Tool is Vulnerable to an Arbitrary Image Fetch
Cursor is a code editor built for programming with AI. In versions below 1.3, Mermaid which is used to render diagrams allows embedding images which then get rendered by Cursor in the chat box. An attacker can use this to exfiltrate sensitive information to a third-party attacker controlled serve...
Fedora: Security Advisory (FEDORA-2024-378ed6dffe)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Azure Linux 3.0 Security Update: gh (CVE-2024-54132)
The version of gh installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-54132 advisory. - The GitHub CLI is GitHub's official command line tool. A security vulnerability has been identified in GitHub CL...
CBL Mariner 2.0 Security Update: gh (CVE-2024-54132)
The version of gh installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-54132 advisory. - The GitHub CLI is GitHub's official command line tool. A security vulnerability has been identified in GitHub CL...
CVE-2024-54132 affecting package gh for versions less than 2.13.0-23
CVE-2024-54132 affecting package gh for versions less than 2.13.0-23. A patched version of the package is available...
CVE-2024-54132 affecting package gh for versions less than 2.62.0-2
CVE-2024-54132 affecting package gh for versions less than 2.62.0-2. A patched version of the package is available...
CVE-2024-54132 vulnerabilities
Vulnerabilities for packages: gh...
CVE-2024-54132
creationtimestamp| type| source ---|---|--- 2024-12-04 15:30:50+00:00| seen| https://infosec.exchange/users/cve/statuses/113595269131048543 2024-12-04 17:35:57+00:00| seen| https://t.me/cvedetector/12011...
CVE-2024-54132
The GitHub CLI is GitHub’s official command line tool. A security vulnerability has been identified in GitHub CLI that could create or overwrite files in unintended directories when users download a malicious GitHub Actions workflow artifact through gh run download. This vulnerability stems from ...