13 matches found
openSUSE Security Advisory (openSUSE-SU-2025:0021-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for gh (important)
openSUSE Security Update: Security update for gh Announcement ID: openSUSE-SU-2025:0021-1 Rating: important References: 1233387 Cross-References: CVE-2024-52308 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes one vulnerability is now available. Description: This update for g...
CVE-2024-52308 affecting package gh for versions less than 2.62.0-1
CVE-2024-52308 affecting package gh for versions less than 2.62.0-1. An upgraded version of the package is available that resolves this issue...
Ubuntu: Security Advisory (USN-7130-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-7130-1: GitHub CLI vulnerability
It was discovered that GitHub CLI incorrectly handled username validation. An attacker could possibly use this issue to perform remote code execution if the user connected to a malicious server. CVE-2024-52308...
DEBIAN-CVE-2024-52308
The GitHub CLI version 2.6.1 and earlier are vulnerable to remote code execution through a malicious codespace SSH server when using gh codespace ssh or gh codespace logs commands. This has been patched in the cli v2.62.0. Developers connect to remote codespaces through an SSH server running with...
CVE-2024-52308
The GitHub CLI version 2.6.1 and earlier are vulnerable to remote code execution through a malicious codespace SSH server when using gh codespace ssh or gh codespace logs commands. This has been patched in the cli v2.62.0. Developers connect to remote codespaces through an SSH server running with...
AZL-53217 CVE-2024-52308 affecting package gh for versions less than 2.62.0-1
The GitHub CLI version 2.6.1 and earlier are vulnerable to remote code execution through a malicious codespace SSH server when using gh codespace ssh or gh codespace logs commands. This has been patched in the cli v2.62.0. Developers connect to remote codespaces through an SSH server running with...
CVE-2024-52308 vulnerabilities
Vulnerabilities for packages: gh...
CVE-2024-52308
The GitHub CLI version 2.6.1 and earlier are vulnerable to remote code execution through a malicious codespace SSH server when using gh codespace ssh or gh codespace logs commands. This has been patched in the cli v2.62.0. Developers connect to remote codespaces through an SSH server running with...
CVE-2024-52308
creationtimestamp| type| source ---|---|--- 2024-11-14 23:02:53+00:00| seen| https://infosec.exchange/users/cve/statuses/113483800434488994 2024-11-15 01:02:02+00:00| seen| https://t.me/cvedetector/11033 2025-09-25 00:36:28+00:00| seen| MISP/1c5c38d6-3401-41ac-be0e-4cf361fa6f51...
CVE-2024-52308 Connecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer
The GitHub CLI version 2.6.1 and earlier are vulnerable to remote code execution through a malicious codespace SSH server when using gh codespace ssh or gh codespace logs commands. This has been patched in the cli v2.62.0. Developers connect to remote codespaces through an SSH server running with...
CVE-2024-52308 Connecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer
The GitHub CLI version 2.6.1 and earlier are vulnerable to remote code execution through a malicious codespace SSH server when using gh codespace ssh or gh codespace logs commands. This has been patched in the cli v2.62.0. Developers connect to remote codespaces through an SSH server running with...