Cli Security Vulnerabilities and Issues — Cli CVE List

Lucene search

Cli ProjectCli

3 matches found

CVE•added 2024/12/04 4:15 p.m.•2043 views

CVE-2024-54132

The GitHub CLI is GitHub’s official command line tool. A security vulnerability has been identified in GitHub CLI that could create or overwrite files in unintended directories when users download a malicious GitHub Actions workflow artifact through gh run download. This vulnerability stems from a ...

6.3CVSS6.5AI score0.0011EPSS

CVE•added 2024/11/27 10:15 p.m.•237 views

CVE-2024-53858

The gh cli is GitHub’s official command line tool. A security vulnerability has been identified in the GitHub CLI that could leak authentication tokens when cloning repositories containing git submodules hosted outside of GitHub.com and ghe.com. This vulnerability stems from several gh commands use...

6.5CVSS6.8AI score0.00048EPSS

CVE•added 2025/02/14 5:15 p.m.•226 views

CVE-2025-25204

gh is GitHub’s official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain conditions, a bug in GitHub's Artifact Attestation cli tool gh attestation verify causes it to return a zero exit status when no attestations are present. This behavior is incorrect: Whe...

6.3CVSS7AI score0.0006EPSS