{"id":9333,"date":"2025-07-30T15:49:01","date_gmt":"2025-07-30T15:49:01","guid":{"rendered":"http:\/\/localhost\/?p=9333"},"modified":"2025-07-30T15:49:01","modified_gmt":"2025-07-30T15:49:01","slug":"gitproxy-bypasses-approvals-when-pushing-multiple-branches","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=9333","title":{"rendered":"GitProxy bypasses approvals when pushing multiple branches"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nGitProxy bypasses approvals when pushing multiple branches<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-07-30T19:59:44.317Z<\/td>\n<\/tr>\n
Modified<\/th>\n2025-07-30T20:13:10.804Z<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nfinos<\/td>\n<\/tr>\n
Product<\/th>\ngit-proxy<\/td>\n<\/tr>\n
Version<\/th>\n< 1.19.2<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n
Base Score<\/th>\n8.3 (HIGH)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:L\/UI:N\/VC:N\/VI:H\/VA:N\/SC:N\/SI:H\/SA:N<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nGitProxy versions 1.19.1 and below allow users to bypass policies and approvals when pushing to remote repositories, potentially allowing malicious code or sensitive data to be pushed. This vulnerability is fixed in version 1.19.2.<\/td>\n<\/tr>\n
AI Severity<\/th>\nHigh<\/td>\n<\/tr>\n
AI Vendor<\/th>\nfinos<\/td>\n<\/tr>\n
AI Product<\/th>\ngit-proxy<\/td>\n<\/tr>\n
AI Version<\/th>\n1.19.1 and below<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n