CVE-2024-54132: GitHub CLI allows downloading malicious GitHub Actions workflow artifact to result in path traversal vulnerability

6.3 CVSS

Description

The GitHub CLI is GitHub’s official command line tool. A security vulnerability has been identified in GitHub CLI that could create or overwrite files in unintended directories when users download a malicious GitHub Actions workflow artifact through gh run download. This vulnerability stems from a GitHub Actions workflow artifact named .. when downloaded using gh run download. The artifact name and --dir flag are used to determine the artifact’s download path. When the artifact is named .., the resulting files within the artifact are extracted exactly 1 directory higher than the specified --dir flag value. This vulnerability is fixed in 2.63.1.

Classification

CVE ID: CVE-2024-54132

CVSS Base Severity: MEDIUM

CVSS Base Score: 6.3

Affected Products

Vendor: cli

Product: cli

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 12.62% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://github.com/cli/cli/security/advisories/GHSA-2m9h-r57g-45pj
https://github.com/cli/cli/commit/1136764c369aaf0cae4ec2ee09dc35d871076932

Timeline

2024-12-05 00:32:58 UTC
CVE

GitHub CLI allows downloading malicious GitHub Actions workflow artifact to result in path traversal vulnerability
2025-03-06 09:45:33 UTC
Tenable Plugins

Linux Distros Unpatched Vulnerability : CVE-2024-54132