CVE-2025-47271 is a medium-severity vulnerability classified under CWE-94 (Improper Control of Generation of Code, commonly known as Code Injection) affecting the OZI-Project's 'publish' GitHub Action. This action automates the publishing of releases to PyPI, including mirroring releases, signature bundles, and provenance in tagged releases. Versions 1.13.2 through 1.13.5 of this action contain a flaw where untrusted input, specifically branch names, is improperly handled and flows into the pull request (PR) creation logic without adequate sanitization or validation. An attacker can exploit this by crafting a malicious branch name that injects arbitrary code into the automation workflow. This code injection could lead to unauthorized code execution within the CI/CD environment where the GitHub Action runs. The vulnerability does not require user interaction or authentication, and the attack vector is network-based, as it involves pushing branches to a repository. The vulnerability has been patched in version 1.13.6, and as a temporary workaround, users can downgrade to versions prior to 1.13.2 that do not contain this flaw. The CVSS 4.0 base score is 6.3, reflecting a medium severity level, with high impact on confidentiality, integrity, and availability due to the potential for arbitrary code execution. No known exploits are currently reported in the wild. The vulnerability is significant because it targets automation tooling that is widely used in software development pipelines, potentially allowing attackers to compromise build environments, inject malicious code into releases, or manipulate software supply chains.

For European organizations, the impact of CVE-2025-47271 can be substantial, especially for those relying on GitHub Actions for their software development and release processes. Exploitation could lead to unauthorized code execution within CI/CD pipelines, resulting in compromised software artifacts, insertion of backdoors, or disruption of release workflows. This threatens the integrity and trustworthiness of software distributed to customers or internal users. Organizations in sectors with stringent regulatory requirements, such as finance, healthcare, and critical infrastructure, may face compliance violations if compromised software is deployed. Additionally, the breach of build environments could lead to intellectual property theft or sabotage. The vulnerability's ease of exploitation (no authentication or user interaction required) increases risk, particularly in open-source or collaborative projects where branch creation is common. European entities using PyPI packages or mirroring releases via this GitHub Action are at risk of supply chain attacks, which have been a growing concern in the region. The absence of known exploits currently provides a window for proactive mitigation, but the potential impact on confidentiality, integrity, and availability remains high.

1. Immediate upgrade to OZI-Project publish version 1.13.6 or later, where the vulnerability is patched. 2. If upgrading is not immediately feasible, downgrade to a version prior to 1.13.2 as a temporary workaround. 3. Implement strict branch naming policies and validation in repositories to prevent injection of malicious characters or code in branch names. 4. Restrict who can create branches or pull requests in repositories using this GitHub Action, limiting to trusted users only. 5. Monitor CI/CD pipeline logs and GitHub Action runs for unusual activity or unexpected code execution. 6. Employ runtime security controls in CI/CD environments, such as sandboxing and least privilege execution, to limit the impact of any injected code. 7. Conduct regular audits of automation workflows and dependencies to identify and remediate similar injection risks. 8. Educate development teams about secure coding and branch management practices to reduce risk exposure. 9. Use GitHub’s security features like branch protection rules and required reviews to add layers of defense.