{"id":9345,"date":"2025-07-30T16:53:02","date_gmt":"2025-07-30T16:53:02","guid":{"rendered":"http:\/\/localhost\/?p=9345"},"modified":"2025-07-30T16:53:02","modified_gmt":"2025-07-30T16:53:02","slug":"gitproxy-is-vulnerable-to-a-new-branch-approval-exploit","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=9345","title":{"rendered":"GitProxy is vulnerable to a new branch approval exploit"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nGitProxy is vulnerable to a new branch approval exploit<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-07-30T20:17:20.844Z<\/td>\n<\/tr>\n
Modified<\/th>\n2025-07-30T20:30:27.179Z<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nfinos<\/td>\n<\/tr>\n
Product<\/th>\ngit-proxy<\/td>\n<\/tr>\n
Version<\/th>\n< 1.19.2<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n
Base Score<\/th>\n8.2 (HIGH)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:L\/UI:P\/VC:N\/VI:H\/VA:N\/SC:N\/SI:H\/SA:N<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nGitProxy versions 1.19.1 and below have a vulnerability where attackers can bypass branch creation approval processes, potentially allowing unapproved changes. This affects organizations using GitProxy for policy enforcement. The issue is fixed in version 1.19.2.<\/td>\n<\/tr>\n
AI Severity<\/th>\nHigh<\/td>\n<\/tr>\n
AI Vendor<\/th>\nfinos<\/td>\n<\/tr>\n
AI Product<\/th>\nGitProxy<\/td>\n<\/tr>\n
AI Version<\/th>\n1.19.1 and below<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n