GHSA-P2H2-3VG9-4P87 Connecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer
Summary A security vulnerability has been identified in GitHub CLI that could allow remote code execution RCE when users connect to a malicious Codespace SSH server and use the gh codespace ssh or gh codespace logs commands. Details The vulnerability stems from the way GitHub CLI handles SSH...