36 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-59831
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitHub CLI gh is GitHub's official command line tool. From 2.10.0 through 2.95.0, connecting to a malicious Codespace with gh codespace jupyter can allow comman...
CVE-2026-59831
GitHub CLI gh is GitHub’s official command line tool. From 2.10.0 through 2.95.0, connecting to a malicious Codespace with gh codespace jupyter can allow command execution because the command opens a JupyterLab URL supplied by a process inside the Codespace without validating that it is a loopbac...
UBUNTU-CVE-2026-59831
GitHub CLI gh is GitHub’s official command line tool. From 2.10.0 through 2.95.0, connecting to a malicious Codespace with gh codespace jupyter can allow command execution because the command opens a JupyterLab URL supplied by a process inside the Codespace without validating that it is a loopbac...
CVE-2026-59831 GitHub CLI `gh codespace jupyter` could allow remote code execution when connecting to a malicious Codespace
GitHub CLI gh is GitHub’s official command line tool. From 2.10.0 through 2.95.0, connecting to a malicious Codespace with gh codespace jupyter can allow command execution because the command opens a JupyterLab URL supplied by a process inside the Codespace without validating that it is a loopbac...
CVE-2026-59831
GitHub CLI gh is GitHub’s official command line tool. From 2.10.0 through 2.95.0, connecting to a malicious Codespace with gh codespace jupyter can allow command execution because the command opens a JupyterLab URL supplied by a process inside the Codespace without validating that it is a loopbac...
CVE-2026-59831
Summary: CVE-2026-59831 affects GitHub CLI (gh) prior to 2.96.0. When using the command gh codespace jupyter, a malicious Codespace could supply a JupyterLab URL to the process inside the Codespace without validating that it is a loopback address, enabling a crafted vscode:// or vscode-insiders:/...
CVE-2026-59831 GitHub CLI `gh codespace jupyter` could allow remote code execution when connecting to a malicious Codespace
GitHub CLI gh is GitHub’s official command line tool. From 2.10.0 through 2.95.0, connecting to a malicious Codespace with gh codespace jupyter can allow command execution because the command opens a JupyterLab URL supplied by a process inside the Codespace without validating that it is a loopbac...
PT-2026-57006
Name of the Vulnerable Software and Affected Versions GitHub CLI gh versions 2.10.0 through 2.95.0 Description Connecting to a malicious Codespace using the gh codespace jupyter command can lead to command execution. This occurs because the tool opens a JupyterLab URL provided by a process within...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via host resolution in the CLI authentication layer. An attacker can obtain authentication tokens intended for GitHub or GitHub Enterprise by causing authenticated requests to be sent to external hosts, as the ho...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via host resolution in the CLI authentication layer. An attacker can obtain authentication tokens intended for GitHub or GitHub Enterprise by causing authenticated requests to be sent to external hosts, as the ho...
Azure Linux 3.0 Security Update: gh (CVE-2024-52308)
The version of gh installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-52308 advisory. - The GitHub CLI version 2.6.1 and earlier are vulnerable to remote code execution through a malicious codespace S...
CVE-2025-62379
Reflex is a library to build full-stack web apps in pure Python. In versions 0.5.4 through 0.8.14, the /auth-codespace endpoint automatically assigns the redirectto query parameter value directly to client-side links without any validation and triggers automatic clicks when the page loads in a...
CVE-2025-62379 Open Redirect in reflex-dev/reflex
Reflex is a library to build full-stack web apps in pure Python. In versions 0.5.4 through 0.8.14, the /auth-codespace endpoint automatically assigns the redirectto query parameter value directly to client-side links without any validation and triggers automatic clicks when the page loads in a...
CVE-2025-62379 Open Redirect in reflex-dev/reflex
Reflex is a library to build full-stack web apps in pure Python. In versions 0.5.4 through 0.8.14, the /auth-codespace endpoint automatically assigns the redirectto query parameter value directly to client-side links without any validation and triggers automatic clicks when the page loads in a...
CVE-2025-62379
Reflex (Python web app framework) versions 0.5.4–0.8.14 contain an Open Redirect in the /auth-codespace route: the redirect_to query parameter is assigned directly to client-side links without validation, triggering automatic navigation, which can redirect users to arbitrary external URLs. The vu...
CVE-2025-62379 Open Redirect in reflex-dev/reflex
Reflex is a library to build full-stack web apps in pure Python. In versions 0.5.4 through 0.8.14, the /auth-codespace endpoint automatically assigns the redirectto query parameter value directly to client-side links without any validation and triggers automatic clicks when the page loads in a...
EUVD-2024-3287
Malicious code in bioql PyPI...
EUVD-2024-3396
Malicious code in bioql PyPI...
go-gh `auth.TokenForHost` violates GitHub host security boundary within a codespace
...
Authentication Token Leakage
github.com/cli/go-gh is vulnerable to authentication token leakage. The vulnerability is due to improper handling of authentication tokens, where auth.TokenForHost could source a token from the GITHUBTOKEN environment variable for non-GitHub hosts within a codespace...