Path Traversal Vulnerability in GitForge.jl by JuliaWeb
CVE-2025-50178

6.6MEDIUM

Key Information:

Vendor: Juliaweb
Status: Gitforge.jl
Vendor: CVE Published:; 25 June 2025

What is CVE-2025-50178?

GitForge.jl, a unified interface for Git forges, suffers from a significant input validation flaw in versions prior to 0.4.3. Specifically, the vulnerability exists in the GitForge.get_repo function, where user-provided strings for the owner and repository fields are not adequately validated or encoded. This oversight allows malicious users to exploit the application by injecting path traversal patterns, such as ../, into their inputs, potentially granting them unauthorized access to sensitive endpoints on the GitHub API that should not be accessible. The issue has been addressed in version 0.4.3, and users are encouraged to update to this version to mitigate associated risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

GitForge.jl < 0.4.3

References

https://github.com/JuliaWeb/GitForge.jl/security/advisori...

x_refsource_CONFIRM

https://github.com/JuliaWeb/GitForge.jl/pull/50

x_refsource_MISC

CVSS V4

Score:

6.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Jun 25, 2025
Vulnerability Reserved
Jun 13, 2025

JSON

Juliaweb

What is CVE-2025-50178?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.