10 matches found
Azure Linux 3.0 Security Update: gh (CVE-2025-48938)
The version of gh installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-48938 advisory. - go-gh is a collection of Go modules to make authoring GitHub CLI extensions easier. A security vulnerability has...
CVE-2025-48938 affecting package gh for versions less than 2.62.0-9
CVE-2025-48938 affecting package gh for versions less than 2.62.0-9. A patched version of the package is available...
Fedora 41 : gh (2025-164ac0d01f)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-164ac0d01f advisory. Update to 2.74.0 - Fixes CVE-2025-48938 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
Fedora: Security Advisory (FEDORA-2025-164ac0d01f)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-82ac5e4065)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 42 : gh (2025-82ac5e4065)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-82ac5e4065 advisory. Update to 2.74.0 - Fixes CVE-2025-48938 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
CVE-2025-48938
go-gh is a collection of Go modules to make authoring GitHub CLI extensions easier. A security vulnerability has been identified in versions prior to 2.12.1 where an attacker-controlled GitHub Enterprise Server could result in executing arbitrary commands on a user's machine by replacing HTTP URL...
CVE-2025-48938
creationtimestamp| type| source ---|---|--- 2025-05-30 19:08:14+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqfwifn7zbg2...
CVE-2025-48938 Prevent GitHub CLI and extensions from executing arbitrary commands from compromised GitHub Enterprise Server
go-gh is a collection of Go modules to make authoring GitHub CLI extensions easier. A security vulnerability has been identified in versions prior to 2.12.1 where an attacker-controlled GitHub Enterprise Server could result in executing arbitrary commands on a user's machine by replacing HTTP URL...
CVE-2025-48938 Prevent GitHub CLI and extensions from executing arbitrary commands from compromised GitHub Enterprise Server
go-gh is a collection of Go modules to make authoring GitHub CLI extensions easier. A security vulnerability has been identified in versions prior to 2.12.1 where an attacker-controlled GitHub Enterprise Server could result in executing arbitrary commands on a user's machine by replacing HTTP URL...