CNNVD-202507-3825 Information
CNNVD ID
CNNVD-202507-3825
Related CVE
- CNNVD Published: 2025-07-30
Description (Chinese)
The Fintech Open Source Foundation GitProxy是The Fintech Open Source Foundation基金会的一个在Git之上部署自定义推送保护和策略。 The Fintech Open Source Foundation GitProxy 1.19.1及之前版本存在信息泄露漏洞,该漏洞源于攻击者可以注入额外提交,可能导致数据泄露。
Description (English)
The Fintech Open Source Foundation GitProxy is a self-defined protection and strategy deployed over Git by the Fintech Open Source Foundation. The Fintech Open Source Foundation GitProxy 1.19.1 and previous versions contain information leaks that stem from the fact that the attackers can inject additional submissions, which may lead to data leaks.
Hazard Level
Medium
Vulnerability Type
信息泄露
Affected Vendor
The Fintech Open Source Foundation
Published
2025-07-30
Last Modified
2026-02-24
References
https://github.com/finos/git-proxy/commit/9c1449f4ec37d2d1f3edf4328bc3757e8dba2110 https://github.com/finos/git-proxy/commit/a620a2f33c39c78e01783a274580bf822af3cc3a https://github.com/finos/git-proxy/releases/tag/v1.19.2 https://github.com/finos/git-proxy/security/advisories/GHSA-v98g-8rqx-g93g
Patch
https://github.com/finos/git-proxy/releases
Share on: