Debian Golang-Github-Cli-Go-Gh-V2 vulnerabilities

CVE-2025-48938 [LOW] CVE-2025-48938: golang-github-cli-go-gh - go-gh is a collection of Go modules to make authoring GitHub CLI extensions easi... go-gh is a collection of Go modules to make authoring GitHub CLI extensions easier. A security vulnerability has been identified in versions prior to 2.12.1 where an attacker-controlled GitHub Enterprise Server could result in executing arbitrary commands on a user's machine by replacing HTTP URLs provided by GitHub with local file paths for browsing.

CVE-2024-53859 [MEDIUM] CVE-2024-53859: golang-github-cli-go-gh-v2 - go-gh is a Go module for interacting with the `gh` utility and the GitHub API fr... go-gh is a Go module for interacting with the `gh` utility and the GitHub API from the command line. A security vulnerability has been identified in `go-gh` that could leak authentication tokens intended for GitHub hosts to non-GitHub hosts when within a codespace. `go-gh` sources authentication tokens from different environment variables depend