VYPR

rpm package

opensuse/gh&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/gh&distro=openSUSE%20Tumbleweed

Vulnerabilities (3)

  • CVE-2025-27144MedFeb 24, 2025
    affected < 2.73.0-1.1fixed 2.73.0-1.1

    Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when par

  • CVE-2024-52308Nov 14, 2024
    affected < 2.62.0-1.1fixed 2.62.0-1.1

    The GitHub CLI version 2.6.1 and earlier are vulnerable to remote code execution through a malicious codespace SSH server when using `gh codespace ssh` or `gh codespace logs` commands. This has been patched in the cli v2.62.0. Developers connect to remote codespaces through an S

  • CVE-2024-6104Jun 24, 2024
    affected < 2.53.0-1.1fixed 2.53.0-1.1

    go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.