29362 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-45803
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gh is GitHub's official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal...
Symlink Attack
Overview Affected versions of this package are vulnerable to Symlink Attack via improper path resolution during extraction of OCI image layer tarballs. An attacker can write arbitrary files to locations outside the intended extraction root by crafting a layer with a symlink pointing to an absolut...
GHSA-WXW3-Q3M9-C3JR
creationtimestamp| type| source ---|---|--- 2026-05-15 21:40:29+00:00| seen| https://gist.github.com/alon710/4cc7bcd5f1c1a36dc5ed49cf14f62cbd...
CVE-2026-46673
creationtimestamp| type| source ---|---|--- 2026-05-15 21:19:23+00:00| published-proof-of-concept| https://github.com/Eugeny/russh/security/advisories/GHSA-g9f8-wqj9-fjw5...
GHSA-M55X-H47X-V3GX
creationtimestamp| type| source ---|---|--- 2026-05-15 20:01:09+00:00| seen| https://gist.github.com/ichintu/d777ea5b68bd57d9ca8afc2774b06bad...
GHSA-RC95-PCM8-65V9 vulnerabilities
Vulnerabilities for packages: keycloak, apicurio-registry...
Improper Neutralization
Overview Affected versions of this package are vulnerable to Improper Neutralization of escape sequences in log output from commands run with the --log and --log-failed options. An attacker can inject malicious content in workflow logs, which are then rendered unsanitized in some terminal...
Improper Neutralization
Overview Affected versions of this package are vulnerable to Improper Neutralization of escape sequences in log output from commands run with the --log and --log-failed options. An attacker can inject malicious content in workflow logs, which are then rendered unsanitized in some terminal...
DEBIAN-CVE-2026-45803
gh is GitHub’s official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal escape sequence injection when users view GitHub Actions workflow logs using gh run view --log or gh run view --log-failed. The vulnerabilit...
CVE-2026-45803
gh is GitHub’s official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal escape sequence injection when users view GitHub Actions workflow logs using gh run view --log or gh run view --log-failed. The vulnerabilit...
CVE-2026-45803
gh is GitHub’s official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal escape sequence injection when users view GitHub Actions workflow logs using gh run view --log or gh run view --log-failed. The vulnerabilit...
UBUNTU-CVE-2026-45803
gh is GitHub’s official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal escape sequence injection when users view GitHub Actions workflow logs using gh run view --log or gh run view --log-failed. The vulnerabilit...
CVE-2026-45803
gh is GitHub’s official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal escape sequence injection when users view GitHub Actions workflow logs using gh run view --log or gh run view --log-failed. The vulnerabilit...
CVE-2026-45803 gh: GitHub Actions log output in `gh run view` allows terminal escape sequence injection
gh is GitHub’s official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal escape sequence injection when users view GitHub Actions workflow logs using gh run view --log or gh run view --log-failed. The vulnerabilit...
CVE-2026-45803
gh is GitHub’s official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal escape sequence injection when users view GitHub Actions workflow logs using gh run view --log or gh run view --log-failed. The vulnerabilit...
CVE-2026-45803 gh: GitHub Actions log output in `gh run view` allows terminal escape sequence injection
gh is GitHub’s official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal escape sequence injection when users view GitHub Actions workflow logs using gh run view --log or gh run view --log-failed. The vulnerabilit...
CVE-2026-45803
GitHub CLI (gh) vulnerability: from v1.6.0 to before v2.92.0, terminal escape sequences could be injected via workflow logs when using gh run view --log or --log-failed, due to unsanitized raw log output. An attacker controlling Actions logs (e.g., PR-triggered workflows) could cause terminal man...
CVE-2026-46432
creationtimestamp| type| source ---|---|--- 2026-05-15 09:23:28+00:00| published-proof-of-concept| https://github.com/InternLM/lmdeploy/security/advisories/GHSA-m549-qq94-fvhg...
PT-2026-41313
Name of the Vulnerable Software and Affected Versions gh versions 1.6.0 through 2.91.x Description GitHub CLI allows terminal escape sequence injection when users view GitHub Actions workflow logs. The issue occurs because the 'gh run view --log' and 'gh run view --log-failed' commands stream...
GitHub CLI 安全漏洞
GitHub CLI is an open-source command-line interface for GitHub. Versions of GitHub CLI from 1.6.0 to 2.92.0 contained a security vulnerability. This vulnerability stemmed from the lack of cleaning terminal control sequences when processing GitHub Actions workflow logs. It could allow attackers to...