We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-48938

Prevent GitHub CLI and extensions from executing arbitrary commands from compromised GitHub Enterprise Server



Description

go-gh is a collection of Go modules to make authoring GitHub CLI extensions easier. A security vulnerability has been identified in versions prior to 2.12.1 where an attacker-controlled GitHub Enterprise Server could result in executing arbitrary commands on a user's machine by replacing HTTP URLs provided by GitHub with local file paths for browsing. In `2.12.1`, `Browser.Browse()` has been enhanced to allow and disallow a variety of scenarios to avoid opening or executing files on the filesystem without unduly impacting HTTP URLs. No known workarounds are available other than upgrading.

Reserved 2025-05-28 | Published 2025-05-30 | Updated 2025-05-30 | Assigner GitHub_M


LOW: 2.6CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U

Problem types

CWE-501: Trust Boundary Violation

Product status

< 2.12.1
affected

References

github.com/cli/go-gh/security/advisories/GHSA-g9f5-x53j-h563

github.com/...ommit/a08820a13f257d6c5b4cb86d37db559ec6d14577

github.com/...0a6251390f5f67f5b67e727/pkg/browser/browser.go

cve.org (CVE-2025-48938)

nvd.nist.gov (CVE-2025-48938)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-48938

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.