Severity by source
AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Lifecycle Timeline
2DescriptionGitHub Advisory
gh is GitHub’s official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal escape sequence injection when users view GitHub Actions workflow logs using gh run view --log or gh run view --log-failed. The vulnerability stems from the way GitHub CLI handles raw Actions log output. The gh run view --log and gh run view --log-failed commands stream workflow log lines to stdout or the configured pager without sanitizing terminal control sequences. An attacker who can influence GitHub Actions log content, for example via a PR triggered workflow, can embed escape sequences that are replayed in the user's terminal when they inspect the run. Depending on the victim's terminal emulator, injected sequences could change the window title, manipulate on screen content, or in some terminal emulators (such as screen) potentially execute arbitrary commands. This vulnerability is fixed in 2.92.0.
AnalysisAI
Terminal escape sequence injection in GitHub CLI 1.6.0 through 2.91.x allows authenticated attackers with pull request creation rights to inject malicious terminal control sequences into Actions workflow logs. When victims execute 'gh run view --log' or 'gh run view --log-failed' to inspect workflow runs, unsanitized escape sequences replay in their terminal, enabling window title manipulation, on-screen content alteration, or arbitrary command execution in vulnerable emulators like GNU screen. The attack requires low complexity and user interaction (victim must view logs), with impact limited to terminal integrity. CVSS score of 3.5 reflects low-severity integrity impact, though real-world risk varies significantly by terminal emulator capabilities. No active exploitation confirmed at time of analysis.
Technical ContextAI
This vulnerability exploits CWE-150 (Improper Neutralization of Escape, Meta, or Control Sequences) in GitHub CLI's log streaming implementation. The affected commands pipe raw GitHub Actions log output directly to stdout or configured pagers without sanitizing ANSI escape sequences or terminal control characters. GitHub Actions workflows can embed arbitrary text in logs through echo statements, error messages, or tool output. Terminal emulators interpret escape sequences like CSI (Control Sequence Introducer) codes for cursor manipulation, OSC (Operating System Command) sequences for window title changes, and in legacy multiplexers like GNU screen, potentially DCS (Device Control String) sequences that can trigger command execution. The CPE identifier 'cpe:2.3:a:cli:cli:*:*:*:*:*:*:*:*' indicates the CLI product itself, with GitHub confirming the vulnerable code path exists in the run view log display functions from version 1.6.0 forward.
RemediationAI
Upgrade GitHub CLI to version 2.92.0 or later, which implements terminal escape sequence sanitization in log output handlers. Users can verify their version with 'gh version' and update via package managers (brew upgrade gh, apt upgrade gh-cli, choco upgrade gh) or direct download from https://github.com/cli/cli/releases/tag/v2.92.0. For environments unable to immediately upgrade, implement compensating controls: configure pager to strip ANSI sequences by setting 'export GH_PAGER="less -r"' which processes color codes but blocks control sequences, or redirect log output through 'gh run view --log | cat' to strip all escape sequences (eliminates color formatting but neutralizes injection). Restrict GitHub Actions workflow modification permissions to trusted contributors only, preventing malicious PR authors from injecting log content. Organizations using GNU screen or other legacy terminal multiplexers should prioritize patching due to elevated command execution risk. Review recent workflow logs for suspicious escape sequences using 'gh run view --log | od -c' to detect non-printable characters. The vendor advisory at https://github.com/cli/cli/security/advisories/GHSA-crc3-h8v6-qh57 confirms no side effects from the 2.92.0 patch beyond the intended sanitization behavior.
Snyk CLI before 1.996.0 allows arbitrary command execution, affecting Snyk IDE plugins and the snyk npm package. Rated h
The GitHub CLI version 2.6.1 and earlier are vulnerable to remote code execution through a malicious codespace SSH serve
Symlink-following vulnerabilities in Capgo CLI before version 12.128.2 (npm @capgo/cli < 7.84.6) allow an attacker who c
Command execution via URI injection in GitHub CLI's `gh codespace jupyter` subcommand (versions 2.10.0-2.95.0) allows an
The CLI in Cisco IOS XR allows remote authenticated users to obtain sensitive information via unspecified commands, aka
Same technique Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-30549
GHSA-crc3-h8v6-qh57