CVE-2024-53859
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Summary
CVE-2024-53859 is a vulnerability in the go-gh Go module, which is used for interacting with the `gh` utility and the GitHub API from the command line. The issue is a leak of authentication tokens for GitHub hosts to non-GitHub hosts within a codespace. go-gh sources authentication tokens from different environment variables depending on the host: `GITHUB_TOKEN` and `GH_TOKEN` for GitHub.com and ghe.com, and `GITHUB_ENTERPRISE_TOKEN` and `GH_ENTERPRISE_TOKEN` for GitHub Enterprise Server. Prior to version 2.11.1, `auth.TokenForHost` could mistakenly source a token from the `GITHUB_TOKEN` environment variable for a host other than GitHub.com or ghe.com when running within a codespace. Exploitation could result in an authentication token being sent to an unintended host. The issue is fixed in version 2.11.1, and all users are encouraged to upgrade. Users are also advised to regenerate their authentication tokens and to review their personal security logs and any relevant audit logs for suspicious account activity.
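The host-scoped lookup the advisory describes, as an added illustration written for this page rather than go-gh's own code: `tokenForHost` keeps `GITHUB_TOKEN`/`GH_TOKEN` confined to github.com and ghe.com, while `vulnerableTokenForHost` models the shape of the pre-2.11.1 fallback so the two can be compared. It assumes `GH_*` takes precedence over `GITHUB_*`, that tenant hosts live under `*.ghe.com`, and that a codespace is recognised by `CODESPACES=true`; the environment is injected via a `getenv` function so the lookup can be exercised without touching the real environment.

```go
package main

import "strings"

// Illustrative host-scoped token lookup (not go-gh's own code). The advisory's
// point: GITHUB_TOKEN / GH_TOKEN belong to github.com and ghe.com only, and
// GITHUB_ENTERPRISE_TOKEN / GH_ENTERPRISE_TOKEN to GitHub Enterprise Server.
// Assumptions: GH_* is preferred over GITHUB_*, tenants live under *.ghe.com,
// and CODESPACES=true marks a codespace.

// isDotcom reports whether host is github.com or ghe.com (including ghe.com tenants).
// Exact match plus a dotted suffix, so lookalike hosts such as evil-github.com fail.
func isDotcom(host string) bool {
	h := strings.ToLower(strings.TrimSuffix(host, "."))
	return h == "github.com" || h == "ghe.com" || strings.HasSuffix(h, ".ghe.com")
}

// firstSet returns the first non-empty variable among keys and its name.
func firstSet(getenv func(string) string, keys ...string) (string, string) {
	for _, k := range keys {
		if v := getenv(k); v != "" {
			return v, k
		}
	}
	return "", ""
}

// tokenForHost is the hardened lookup: a github.com-scoped token is never
// returned for any other host, inside or outside a codespace.
func tokenForHost(host string, getenv func(string) string) (token, source string) {
	if isDotcom(host) {
		return firstSet(getenv, "GH_TOKEN", "GITHUB_TOKEN")
	}
	return firstSet(getenv, "GH_ENTERPRISE_TOKEN", "GITHUB_ENTERPRISE_TOKEN")
}

// vulnerableTokenForHost models the shape of the pre-2.11.1 mistake: when
// running in a codespace it falls back to GITHUB_TOKEN for any host, so an
// enterprise hostname can receive the github.com token. Included only to
// contrast with tokenForHost; this is a model, not go-gh's actual code.
func vulnerableTokenForHost(host string, getenv func(string) string) (string, string) {
	if tok, src := tokenForHost(host, getenv); tok != "" {
		return tok, src
	}
	if getenv("CODESPACES") == "true" {
		return firstSet(getenv, "GITHUB_TOKEN")
	}
	return "", ""
}
```

The returned `source` name is what a defender would log alongside the target host when auditing which credential a client attached to a request.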