3 matches found
CVE-2025-54956
CVE-2025-54956 affects the R package gh (pre-1.5.0). The vulnerability arises when an HTTP response is constructed to include the request’s Authorization header, potentially exposing credentials. Several connected advisories confirm the issue and provide mitigations: Debian LTS DLA-4378-1 notes a...
CVE-2025-54956
The gh package before 1.5.0 for R delivers an HTTP response in a data structure that includes the Authorization header from the corresponding HTTP request...
CVE-2025-54956
The gh package before 1.5.0 for R delivers an HTTP response in a data structure that includes the Authorization header from the corresponding HTTP request...