CVE-2025-54956
LOWDescription
The gh package before 1.5.0 for R delivers an HTTP response in a data structure that includes the Authorization header from the corresponding HTTP request.
CVSS v3.1 Score
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2025-54956? +
How severe is CVE-2025-54956? +
How do I check if I'm vulnerable to CVE-2025-54956? +
Related Vulnerabilities
Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable …
mpGabinet is vulnerable to Remote Command Execution. An authorized user with access to the application and direct access to the …
Edge3 Worker RPC RCE on Airflow 2. This issue affects Apache Airflow Providers Edge3: before 2.0.0 - and only if …
An unauthenticated remote attacker could use a demo account of the portal to hijack devices that were created in that …
Plex Media Server (PMS) 1.41.7.x through 1.42.0.x before 1.42.1 is affected by incorrect resource transfer between spheres because /myplex/account provides …
Inappropriate implementation in AI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process …