pkg:Go/github.com/cli/cli/v2
共 10 筆 CVEHIGH3MEDIUM4LOW1
✅ 檢查你的版本
所有已知漏洞
- HIGH8.0CVE-2024-52308Connecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer in github.com/cli/clifrom 0, < 2.62.0
- HIGH8.0CVE-2024-52308Connecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer in github.com/cli/clifrom 0, < 2.62.0
- HIGH7.4CVE-2026-48501GitHub CLI has an incorrect authorization header in API requests to TUF repository mirrors via `gh attestation`, `gh release verify`, and `gh release verify-asset` commandsfrom 0, < 2.93.0
- MEDIUM6.5CVE-2024-53858Recursive repository cloning can leak authentication tokens to non-GitHub submodule hosts in github.com/cli/clifrom 0, < 2.63.0
- MEDIUM6.5CVE-2024-53858Recursive repository cloning can leak authentication tokens to non-GitHub submodule hosts in github.com/cli/clifrom 0, < 2.63.0
- MEDIUM6.3CVE-2025-25204`gh attestation verify` returns incorrect exit code during verification if no attestations are present>= 2.49.0, < 2.67.0
- MEDIUM6.3CVE-2025-25204`gh attestation verify` returns incorrect exit code during verification if no attestations are present>= 2.49.0, < 2.67.0
- LOW3.5CVE-2026-45803GitHub CLI: GitHub Actions log output in `gh run view` allows terminal escape sequence injectionfrom 0, < 2.92.0
- —CVE-2024-54132Downloading malicious GitHub Actions workflow artifact results in path traversal vulnerability in github.com/cli/clifrom 0, < 2.63.1
- —CVE-2024-54132Downloading malicious GitHub Actions workflow artifact results in path traversal vulnerability in github.com/cli/clifrom 0, < 2.63.1