github.com/cli/go-gh/v2

Go2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting github.com/cli/go-gh/v2page 1 of 1

CVE-2024-53859MEDIUMCVSS 6.5EG 6.5✓ Fixed in 2.11.1
2024-11-27
go-gh is a Go module for interacting with the `gh` utility and the GitHub API from the command line. A security vulnerability has been identified in `go-gh` that could leak authentication tokens intended for GitHub hosts to non-GitHub host…
CVE-2025-48938CRITICALCVSS 9.8EG 9.8✓ Fixed in 2.12.1
2025-05-30
go-gh is a collection of Go modules to make authoring GitHub CLI extensions easier. A security vulnerability has been identified in versions prior to 2.12.1 where an attacker-controlled GitHub Enterprise Server could result in executing ar…

Check whether github.com/cli/go-gh/v2 is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/cli/go-gh/v2 CVEs against the assets you own.

Start Free Scan →