10 matches found
USN-8012-1: GitHub CLI vulnerabilities
It was discovered that GitHub CLI could behave unexpectedly if users downloaded a malicious GitHub Actions workflow artifact through gh run download. An attacker could possibly use this issue to create or overwrite files in unintended directories. CVE-2024-54132 It was discovered that GitHub CLI...
Fedora: Security Advisory (FEDORA-2024-378ed6dffe)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-53858 affecting package gh for versions less than 2.13.0-24
CVE-2024-53858 affecting package gh for versions less than 2.13.0-24. A patched version of the package is available...
Linux Distros Unpatched Vulnerability : CVE-2024-53858
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The gh cli is GitHub's official command line tool. A security vulnerability has been identified in the GitHub CLI that could leak authentication tokens when...
CVE-2024-53858 affecting package gh for versions less than 2.62.0-5
CVE-2024-53858 affecting package gh for versions less than 2.62.0-5. A patched version of the package is available...
GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs
Multiple security vulnerabilities have been disclosed in GitHub Desktop as well as other Git-related projects that, if successfully exploited, could permit an attacker to gain unauthorized access to a user's Git credentials. "Git implements a protocol called Git Credential Protocol to retrieve...
CVE-2024-53858 vulnerabilities
Vulnerabilities for packages: gh...
CVE-2024-53858 vulnerabilities
Vulnerabilities for packages: gh...
CVE-2024-53858
The gh cli is GitHub’s official command line tool. A security vulnerability has been identified in the GitHub CLI that could leak authentication tokens when cloning repositories containing git submodules hosted outside of GitHub.com and ghe.com. This vulnerability stems from several gh commands...
CVE-2024-53858
creationtimestamp| type| source ---|---|--- 2024-11-27 21:33:02+00:00| seen| https://infosec.exchange/users/cve/statuses/113557057144002750 2025-01-28 16:37:00+00:00| seen| https://bsky.app/profile/securityrss.bsky.social/post/3lgsvanwiok2v...