383 matches found
CVE-2024-45338 affecting package gh for versions less than 2.62.0-4
CVE-2024-45338 affecting package gh for versions less than 2.62.0-4. A patched version of the package is available...
CVE-2024-45337 affecting package gh for versions less than 2.62.0-3
CVE-2024-45337 affecting package gh for versions less than 2.62.0-3. A patched version of the package is available...
CVE-2024-45338 affecting package gh for versions less than 2.13.0-24
CVE-2024-45338 affecting package gh for versions less than 2.13.0-24. A patched version of the package is available...
CVE-2024-54132 affecting package gh for versions less than 2.13.0-23
CVE-2024-54132 affecting package gh for versions less than 2.13.0-23. A patched version of the package is available...
AZL-54419 CVE-2024-45338 affecting package gh for versions less than 2.62.0-5
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...
AZL-54540 CVE-2024-45338 affecting package gh for versions less than 2.13.0-24
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...
CVE-2024-54132 affecting package gh for versions less than 2.62.0-2
CVE-2024-54132 affecting package gh for versions less than 2.62.0-2. A patched version of the package is available...
GO-2024-3295 Violation of GitHub host security boundary when sourcing authentication token within a codespace in github.com/cli/go-gh
Violation of GitHub host security boundary when sourcing authentication token within a codespace in github.com/cli/go-gh...
CVE-2024-53859 affecting package gh for versions less than 2.62.0-1
CVE-2024-53859 affecting package gh for versions less than 2.62.0-1. A patched version of the package is available...
CVE-2024-52308 affecting package gh for versions less than 2.62.0-1
CVE-2024-52308 affecting package gh for versions less than 2.62.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-45288 affecting package gh for versions less than 2.62.0-1
CVE-2023-45288 affecting package gh for versions less than 2.62.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-24786 affecting package gh for versions less than 2.62.0-1
CVE-2024-24786 affecting package gh for versions less than 2.62.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-54132 vulnerabilities
Vulnerabilities for packages: gh...
CVE-2024-54132 vulnerabilities
Vulnerabilities for packages: gh...
GHSA-2M9H-R57G-45PJ vulnerabilities
Vulnerabilities for packages: gh...
GHSA-2M9H-R57G-45PJ vulnerabilities
Vulnerabilities for packages: gh...
CVE-2024-53859 vulnerabilities
Vulnerabilities for packages: wolfictl, gh...
CVE-2024-53858 vulnerabilities
Vulnerabilities for packages: gh...
CVE-2024-53858 vulnerabilities
Vulnerabilities for packages: gh...
CVE-2024-53859
go-gh is a Go module for interacting with the gh utility and the GitHub API from the command line. A security vulnerability has been identified in go-gh that could leak authentication tokens intended for GitHub hosts to non-GitHub hosts when within a codespace. go-gh sources authentication tokens...