GitProxy Vulnerability in Versions Below 1.19.2 Exposes Repositories
CVE-2025-54583

6.5MEDIUM

Key Information:

Vendor: Finos
Status: GitProxy
Vendor: CVE Published:; 30 July 2025

What is CVE-2025-54583?

GitProxy, an intermediary for developers connecting to Git remote endpoints, has a significant vulnerability in versions 1.19.1 and earlier. This flaw allows users to push code to remote repositories while circumventing established policies and necessary approvals. By evading essential checks and plugins, sensitive data or unintended modifications can be inadvertently included in commits. The issue has been rectified in version 1.19.2, emphasizing the importance of keeping software updated to protect repository integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/finos/git-proxy/commit/a620a2f33c39c78...

https://github.com/finos/git-proxy/commit/bd2ecb2099cba21...

https://github.com/finos/git-proxy/releases/tag/v1.19.2

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 30, 2025

JSON

Finos

What is CVE-2025-54583?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.