USN-7362-1 golang-github-cli-go-gh-v2 vulnerability

It was discovered that go-gh incorrectly handled authentication tokens. An attacker could possibly use this issue to leak authentication tokens to the wrong host. CVE-2024-53859...

AZL-54540 CVE-2024-45338 affecting package gh for versions less than 2.13.0-24

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...