Search CVE reports
1 – 3 of 3 results
GitHub CLI (gh) is GitHub’s official command line tool. Prior to 2.93.0, GitHub CLI incorrectly includes authorization header in API requests to TUF repository mirrors via gh attestation, gh release verify, and gh...
2 affected packages
golang-github-cli-go-gh, golang-github-cli-go-gh-v2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| golang-github-cli-go-gh | Needs evaluation | Needs evaluation | Not in release | — | — |
| golang-github-cli-go-gh-v2 | Needs evaluation | Needs evaluation | Not in release | — | — |
go-gh is a collection of Go modules to make authoring GitHub CLI extensions easier. A security vulnerability has been identified in versions prior to 2.12.1 where an attacker-controlled GitHub Enterprise Server could result in...
2 affected packages
golang-github-cli-go-gh, golang-github-cli-go-gh-v2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| golang-github-cli-go-gh | Needs evaluation | Needs evaluation | Not in release | Not in release | — |
| golang-github-cli-go-gh-v2 | Needs evaluation | Needs evaluation | Not in release | Not in release | — |
Some fixes available 2 of 5
go-gh is a Go module for interacting with the `gh` utility and the GitHub API from the command line. A security vulnerability has been identified in `go-gh` that could leak authentication tokens intended for GitHub hosts...
1 affected package
golang-github-cli-go-gh-v2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| golang-github-cli-go-gh-v2 | Needs evaluation | Fixed | Not in release | Not in release | — |