CNNVD-202508-191 Information

CNNVD ID

CNNVD-202508-191

Related CVE

CVE-2025-54956

• CNNVD Published: 2025-08-03

Description (Chinese)

gh是R infrastructure开源的一个GitHub的API库。 gh 1.5.0之前版本存在安全漏洞，该漏洞源于HTTP响应中包含Authorization标头，可能导致信息泄露。

Description (English)

gh is an API library in GitHub, an open source of R infrastrucure. gh 1.5.0 There is a security loophole in the pre-version, which stems from the fact that the HTTP response contains the Authorization beacon, which could lead to the disclosure of information.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

R infrastructure

Published

2025-08-03

Last Modified

2026-02-24

References

https://github.com/r-lib/gh/issues/222 https://github.com/r-lib/gh/commit/b575d488c71318449cc6c8c989c617db29275848 https://github.com/r-lib/gh/compare/v1.4.1…v1.5.0 https://access.redhat.com/security/cve/cve-2025-54956

Patch

https://gh.r-lib.org/