CVE Details
Basic Information
| Title | dag-factory’s CI/CD Workflow Allows for Repository Takeover and Secret Exfiltration |
|---|---|
| Type | cve |
| Published | 2025-07-26T03:33:39.933Z |
| Modified | 2025-07-26T03:33:39.933Z |
Product Information
| Vendor | astronomer |
|---|---|
| Product | dag-factory |
| Version | < 0.23.0a9 |
CVSS Information
| Base Score | 9.1 (CRITICAL) |
|---|---|
| Vector String | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U |
AI Analysis
| AI Description | A critical vulnerability in dag-factory’s CI/CD workflow allows attackers to execute arbitrary code, steal sensitive secrets like GITHUB_TOKEN, and take over repositories. This affects versions below 0.23.0a9. |
|---|---|
| AI Severity | Critical |
| AI Vendor | Astronomer |
| AI Product | dag-factory |
| AI Version | < 0.23.0a9 |
Affected Products
- astronomer dag-factory < 0.23.0a9
Additional Information
| CWE List | CWE-78 |
|---|---|
| Source | GitHub_M |
Description
dag-factory is a library for Apache Airflow® that constructs DAGs declaratively from configuration files. In versions 0.23.0a8 and below, a high-severity vulnerability was identified in the cicd.yml workflow of the astronomer/dag-factory GitHub repository. When the workflow is triggered by the pull_request_target event, it can be exploited to execute arbitrary code in the GitHub Actions runner environment. Workflows triggered by pull_request_target run in the context of the base repository, with access to its secrets, even though the event is raised by an untrusted pull request; this is why the misconfiguration enables an attacker to establish a reverse shell, exfiltrate sensitive secrets, including the highly privileged GITHUB_TOKEN, and ultimately gain full control over the repository. The issue is fixed in version 0.23.0a9.