GHSA-39p2-8hq9-fwj6: GitProxy New Branch Approval Exploit
An attacker can exploit the way GitProxy handles new branch creation to bypass the approval of prior commits on the parent branch.
Because it can greatly affect system integrity, we classify this as a High impact vulnerability.
References
- github.com/advisories/GHSA-39p2-8hq9-fwj6
- github.com/finos/git-proxy
- github.com/finos/git-proxy/commit/a620a2f33c39c78e01783a274580bf822af3cc3a
- github.com/finos/git-proxy/commit/f99fe42082eab0970e4cd0acdc3421a527a7e531
- github.com/finos/git-proxy/releases/tag/v1.19.2
- github.com/finos/git-proxy/security/advisories/GHSA-39p2-8hq9-fwj6