CVE-2024-52308CRITICALCVSS 9.6fixed in 2.62.02024-11-14
CVE-2024-52308 [CRITICAL] CWE-77 CVE-2024-52308: The GitHub CLI version 2.6.1 and earlier are vulnerable to remote code execution through a malicious
The GitHub CLI version 2.6.1 and earlier are vulnerable to remote code execution through a malicious codespace SSH server when using `gh codespace ssh` or `gh codespace logs` commands. This has been patched in the cli v2.62.0.
Developers connect to remote codespaces through an SSH server running within the devcontainer, which is generally provided
nvd