CVE-2026-45803
- EPSS 0.05%
- Veröffentlicht 15.05.2026 15:26:56
- Zuletzt bearbeitet 21.05.2026 23:47:57
`gh` is GitHub’s official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal escape sequence injection when users view GitHub Actions workflow logs using gh run view --...
CVE-2024-54132
- EPSS 0.71%
- Veröffentlicht 04.12.2024 16:15:26
- Zuletzt bearbeitet 15.04.2026 00:35:42
The GitHub CLI is GitHub’s official command line tool. A security vulnerability has been identified in GitHub CLI that could create or overwrite files in unintended directories when users download a malicious GitHub Actions workflow artifact through ...
CVE-2024-53858
- EPSS 0.05%
- Veröffentlicht 27.11.2024 22:15:05
- Zuletzt bearbeitet 15.04.2026 00:35:42
The gh cli is GitHub’s official command line tool. A security vulnerability has been identified in the GitHub CLI that could leak authentication tokens when cloning repositories containing `git` submodules hosted outside of GitHub.com and ghe.com. Th...
CVE-2024-52308
- EPSS 6.15%
- Veröffentlicht 14.11.2024 23:15:05
- Zuletzt bearbeitet 20.11.2024 15:07:43
The GitHub CLI version 2.6.1 and earlier are vulnerable to remote code execution through a malicious codespace SSH server when using `gh codespace ssh` or `gh codespace logs` commands. This has been patched in the cli v2.62.0. Developers connect to ...