Github.Com Cli Go-Gh V2 vulnerabilities
2 known vulnerabilities affecting github.com/cli_go-gh_v2.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2025-48938MEDIUM≥ 0, < 2.12.12025-05-30
CVE-2025-48938 [MEDIUM] CWE-501 Prevent GitHub CLI and extensions from executing arbitrary commands from compromised GitHub Enterprise Server
Prevent GitHub CLI and extensions from executing arbitrary commands from compromised GitHub Enterprise Server
### Summary
A security vulnerability has been identified in `go-gh` where an attacker-controlled GitHub Enterprise Server could result in executing arbitrary commands on a user's machine by replacing HTTP URLs provided by GitHub with local file p
ghsaosv
CVE-2024-53859MEDIUM≥ 0, < 2.11.12024-11-27
CVE-2024-53859 [MEDIUM] CWE-200 `auth.TokenForHost` violates GitHub host security boundary when sourcing authentication token within a codespace
`auth.TokenForHost` violates GitHub host security boundary when sourcing authentication token within a codespace
### Summary
A security vulnerability has been identified in `go-gh` that could leak authentication tokens intended for GitHub hosts to non-GitHub hosts when within a codespace.
### Details
`go-gh` sources authentication tokens from differ
ghsaosv