CVE-2024-52308 Connecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer

The GitHub CLI version 2.6.1 and earlier are vulnerable to remote code execution through a malicious codespace SSH server when using gh codespace ssh or gh codespace logs commands. This has been patched in the cli v2.62.0. Developers connect to remote codespaces through an SSH server running with...

CVE-2024-52308 Connecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer

The GitHub CLI version 2.6.1 and earlier are vulnerable to remote code execution through a malicious codespace SSH server when using gh codespace ssh or gh codespace logs commands. This has been patched in the cli v2.62.0. Developers connect to remote codespaces through an SSH server running with...

Connecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer

Summary A security vulnerability has been identified in GitHub CLI that could allow remote code execution RCE when users connect to a malicious Codespace SSH server and use the gh codespace ssh or gh codespace logs commands. Details The vulnerability stems from the way GitHub CLI handles SSH...

GHSA-P2H2-3VG9-4P87 Connecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer

Summary A security vulnerability has been identified in GitHub CLI that could allow remote code execution RCE when users connect to a malicious Codespace SSH server and use the gh codespace ssh or gh codespace logs commands. Details The vulnerability stems from the way GitHub CLI handles SSH...

CVE-2024-11217

A vulnerability was found in the OAuth-server. OAuth-server logs the OAuth2 client secret when the logLevel is Debug higher for OIDC/GitHub/GitLab/Google IDPs login options...

containernetworking-plugins security update

1:1.5.1-2 - rebuild for CVE-2024-24791 - Resolves: RHEL-47166 1:1.5.1-1 - update to https://github.com/containernetworking/plugins/releases/tag/v1.5.1 - Related: RHEL-27608 1:1.5.0-1 - update to https://github.com/containernetworking/plugins/releases/tag/v1.5.0 - Related: RHEL-27608 1:1.4.1-1 -...

CVE-2023-52268

The End-User Portal module before 1.0.65 for FreeScout sometimes allows an attacker to authenticate as an arbitrary user because a session token can be sent to the /auth endpoint. NOTE: this module is not part of freescout-helpdesk/freescout on GitHub...

podman security update

4.9.4-16.0.1 - Fixes issue of podman execvp error while using podmansh Orabug: 36073625 - Improved saving remote build context to tarfile in Podman daemon Orabug: 36495655 - Add devices on container startup, not on creation - Backport fast gzip for compression Orabug: 36420418 - overlay: Put shou...

CVE-2024-52009

Atlantis (a self-hosted Golang app that handles Terraform PR webhooks) exposes GitHub credentials in its logs when rotated. The root cause is that credentials (tokens like gh s_…) were written to logs, enabling someone with log access to impersonate Atlantis and perform GitHub actions, potentiall...

CVE-2024-52009 Git credentials are exposed in atlantis logs

Atlantis is a self-hosted golang application that listens for Terraform pull request events via webhooks. Atlantis logs contains GitHub credentials tokens ghs... when they are rotated. This enables an attacker able to read these logs to impersonate Atlantis application and to perform actions on...

GHSA-GPPM-HQ3P-H4RP Git credentials are exposed in Atlantis logs

Summary Short summary of the problem. Make the impact and severity as clear as possible. For example: An unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server. Atlantis logs contains GitHub credentials tokens ghs... when they are rotated. Thi...

GO-2024-3262 Hashicorp Nomad Incorrect Authorization vulnerability in github.com/hashicorp/nomad

Hashicorp Nomad Incorrect Authorization vulnerability in github.com/hashicorp/nomad...

Malicious NPM Packages Target Roblox Users with Data-Stealing Malware

A new campaign has targeted the npm package repository with malicious JavaScript libraries that are designed to infect Roblox users with open-source stealer malware such as Skuld and Blank-Grabber. "This incident highlights the alarming ease with which threat actors can launch supply chain attack...

CVE-2024-8810

A GitHub App installed in organizations could upgrade some permissions from read to write access without approval from an organization administrator. An attacker would require an account with administrator access to install a malicious GitHub App. This vulnerability affected all versions of GitHu...

CVE-2024-10824

An authorization bypass vulnerability was identified in GitHub Enterprise Server that allowed unauthorized internal users to access sensitive secret scanning alert data intended only for business owners. This issue could be exploited only by organization members with a personal access token PAT a...

CVE-2024-8810 Privilege Management vulnerability was identified in GitHub Enterprise Server that allowed GitHub Apps to grant themselves write access

A GitHub App installed in organizations could upgrade some permissions from read to write access without approval from an organization administrator. An attacker would require an account with administrator access to install a malicious GitHub App. This vulnerability affected all versions of GitHu...

CVE-2024-8810

Summary: CVE-2024-8810 affects GitHub Enterprise Server. A GitHub App installed in organizations could upgrade permissions from read to write without organization admin approval. Exploitation requires an account with administrator access to install a malicious GitHub App. Root cause / impact: Pri...

CVE-2024-10824 Authorization Bypass Vulnerability was Identified in GitHub Enterprise Server that Allowed Unauthorized Internal Users to Access Secret Scanning Alert Data

An authorization bypass vulnerability was identified in GitHub Enterprise Server that allowed unauthorized internal users to access sensitive secret scanning alert data intended only for business owners. This issue could be exploited only by organization members with a personal access token PAT a...

CVE-2024-10824

CVE-2024-10824 affects GitHub Enterprise Server versions after 3.13.0 but before 3.14.0. The root cause is an authorization bypass that allowed organization members with a personal access token to access secret scanning alert data intended only for business owners, provided secret scanning was en...

CVE-2024-10824 Authorization Bypass Vulnerability was Identified in GitHub Enterprise Server that Allowed Unauthorized Internal Users to Access Secret Scanning Alert Data

An authorization bypass vulnerability was identified in GitHub Enterprise Server that allowed unauthorized internal users to access sensitive secret scanning alert data intended only for business owners. This issue could be exploited only by organization members with a personal access token PAT a...