AZL-76863 CVE-2025-47911 affecting package gh for versions less than 2.13.0-26

The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...

EUVD-2024-3396

Malicious code in bioql PyPI...

Security update for gh (important)

openSUSE Security Update: Security update for gh Announcement ID: openSUSE-SU-2025:0021-1 Rating: important References: 1233387 Cross-References: CVE-2024-52308 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes one vulnerability is now available. Description: This update for g...

DEBIAN-CVE-2024-53859

go-gh is a Go module for interacting with the gh utility and the GitHub API from the command line. A security vulnerability has been identified in go-gh that could leak authentication tokens intended for GitHub hosts to non-GitHub hosts when within a codespace. go-gh sources authentication tokens...

CVE-2024-53859 go-gh `auth.TokenForHost` violates GitHub host security boundary within a codespace

go-gh is a Go module for interacting with the gh utility and the GitHub API from the command line. A security vulnerability has been identified in go-gh that could leak authentication tokens intended for GitHub hosts to non-GitHub hosts when within a codespace. go-gh sources authentication tokens...