Vulnerabilidades em cli
8 resultadosCVE-2024-52308HIGHConnecting to a malicious Codespaces via GH CLI could allow command execution on the user's computerEPSS 0.9%CVE-2024-54132MEDIUMGitHub CLI allows downloading malicious GitHub Actions workflow artifact to result in path traversal vulnerabilityEPSS 0.6%CVE-2024-53859MEDIUMgo-gh `auth.TokenForHost` violates GitHub host security boundary within a codespaceEPSS 0.5%CVE-2025-48938LOWPrevent GitHub CLI and extensions from executing arbitrary commands from compromised GitHub Enterprise ServerEPSS 0.4%CVE-2025-25204MEDIUM`gh attestation verify` returns incorrect exit code during verification if no attestations are presentEPSS 0.4%CVE-2026-48501HIGHGitHub CLI tokens leak via `gh attestation` commandsEPSS 0.3%CVE-2024-53858MEDIUMRecursive repository cloning can leak authentication tokens to non-GitHub submodule hosts in the gh cliEPSS 0.3%CVE-2026-45803LOWgh: GitHub Actions log output in `gh run view` allows terminal escape sequence injectionEPSS 0.2%