PT-2025-31442 · Gitproxy · Git-Proxy
Dgl
·
Published
2025-07-30
·
Updated
2025-07-30
·
CVE-2025-54583
CVSS v4.0
8.3
High
| Vector | AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N |
Name of the Vulnerable Software and Affected Versions
GitProxy versions 1.19.1 and below
Description
GitProxy is an application that acts as an intermediary between developers and Git remote endpoints. Versions 1.19.1 and below permit users to bypass policies and explicit approvals when pushing to remote repositories. Specifically, checks and plugins are skipped, potentially allowing the introduction of secrets or unwanted changes into a repository.
Recommendations
Update to version 1.19.2 or later.
Exploit
Fix
Incorrect Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Git-Proxy