CVE-2025-54586
- EPSS 0.04%
- Veröffentlicht 30.07.2025 21:14:41
- Zuletzt bearbeitet 01.08.2025 20:03:03
GitProxy is an application that stands between developers and a Git remote endpoint. In versions 1.19.1 and below, attackers can inject extra commits into the pack sent to GitHub, commits that aren’t pointed to by any branch. Although these “hidden...
CVE-2025-54585
- EPSS 0.04%
- Veröffentlicht 30.07.2025 20:17:20
- Zuletzt bearbeitet 01.08.2025 20:04:19
GitProxy is an application that stands between developers and a Git remote endpoint. In versions 1.19.1 and below, attackers can exploit the way GitProxy handles new branch creation to bypass the approval of prior commits on the parent branch. The vu...
CVE-2025-54583
- EPSS 0.04%
- Veröffentlicht 30.07.2025 20:15:38
- Zuletzt bearbeitet 01.08.2025 20:04:33
GitProxy is an application that stands between developers and a Git remote endpoint (e.g., github.com). Versions 1.19.1 and below allow users to push to remote repositories while bypassing policies and explicit approvals. Since checks and plugins are...
CVE-2025-54584
- EPSS 0.04%
- Veröffentlicht 30.07.2025 20:15:38
- Zuletzt bearbeitet 01.08.2025 20:04:28
GitProxy is an application that stands between developers and a Git remote endpoint (e.g., github.com). In versions 1.19.1 and below, an attacker can craft a malicious Git packfile to exploit the PACK signature detection in the parsePush.ts file. By ...