Back to search
CVE-2025-54583
Published: Jul 30, 2025
Modified: Jul 30, 2025
PUBLISHED
Description
GitProxy is an application that stands between developers and a Git remote endpoint (e.g., github.com). Versions 1.19.1 and below allow users to push to remote repositories while bypassing policies and explicit approvals. Since checks and plugins are skipped, code containing secrets or unwanted changes could be pushed into a repository. This is fixed in version 1.19.2.
| Vendor | Product | Versions |
|---|---|---|
finos | git-proxy | affected < 1.19.2 |
Weaknesses (CWE)
References
https://github.com/finos/git-proxy/security/advisories/GHSA-qr93-8wwf-22g4
x_refsource_CONFIRM
https://github.com/finos/git-proxy/releases/tag/v1.19.2
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now