It was discovered that GitHub CLI incorrectly handled username validation. An attacker could possibly use this issue to perform remote code execution if the user connected to a malicious server. (CVE-2024-52308)
{ "binaries": [ { "binary_name": "gh", "binary_version": "2.46.0-1ubuntu0.2" }, { "binary_name": "gh-dbgsym", "binary_version": "2.46.0-1ubuntu0.2" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_name": "gh", "binary_version": "2.45.0-1ubuntu0.2+esm1" }, { "binary_name": "gh-dbgsym", "binary_version": "2.45.0-1ubuntu0.2+esm1" } ], "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro" }