Github.com/cli/cli/v2
This hub aggregates every CVE we track for Github.com/cli/cli/v2, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 4
- Critical: 0
- High: 1
- In CISA KEV: 0
Severity distribution
- MEDIUM: 2
- LOW: 1
- HIGH: 1
Monthly trend (chart, 2024-07 to 2026-06)
Latest CVEs
The 4 most recently published vulnerabilities affecting Github.com/cli/cli/v2.
- CVE-2025-25204: `gh attestation verify` returns incorrect exit code during verification if no attestations are present (score 6.3)
- CVE-2024-54132: GitHub CLI allows downloading malicious GitHub Actions workflow artifact to result in path traversal vulnerability (score 3.7)
- CVE-2024-53858: Recursive repository cloning can leak authentication tokens to non-GitHub submodule hosts in the gh cli (score 6.5)
- CVE-2024-52308: Connecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer (score 8.0)
Product normalization is registry-driven with AI assist and human review.