CVE-2025-54583: CWE-863: Incorrect Authorization in finos git-proxy
GitProxy is an application that stands between developers and a Git remote endpoint (e.g., github.com). Versions 1.19.1 and below allow users to push to remote repositories while bypassing policies and explicit approvals. Since checks and plugins are skipped, code containing secrets or unwanted changes could be pushed into a repository. This is fixed in version 1.19.2.
AI Analysis
Technical Summary
CVE-2025-54583 is a high-severity vulnerability affecting finos git-proxy versions prior to 1.19.2. GitProxy acts as an intermediary between developers and Git remote endpoints such as github.com, enforcing policies and approval workflows before code changes are pushed to remote repositories. The vulnerability is classified as CWE-863 (Incorrect Authorization): the application fails to properly enforce its authorization checks. Specifically, versions 1.19.1 and below allow users to bypass policy enforcement and explicit approval mechanisms when pushing code, so malicious or accidental changes, including those containing secrets or other sensitive information, can be pushed directly to repositories without undergoing the intended validation or review.

The vulnerability requires no user interaction and can be exploited remotely with low attack complexity and only limited privileges (PR:L), so an attacker who already has some level of access can exploit it with relative ease. Confidentiality is not directly affected, since the vulnerability does not expose data by itself, but integrity and availability are severely affected: unauthorized code changes could introduce backdoors, leak secrets, or destabilize software builds. The vulnerability has a CVSS 4.0 base score of 8.3 (high), reflecting its significant risk. Although no exploits are currently reported in the wild, the potential for abuse is substantial, especially in environments that rely on git-proxy as the enforcement point for secure code deployment workflows.

The issue was addressed in version 1.19.2 by restoring the authorization checks and ensuring that all policy and approval plugins are enforced before a push is forwarded to the remote repository.
Potential Impact
For European organizations, this vulnerability poses a critical risk to software supply chain security and code integrity. Organizations using git-proxy as part of their development pipelines could have unauthorized or malicious code introduced into their repositories, potentially leading to the inclusion of malware, exposure of secrets (e.g., API keys, credentials), or disruption of software delivery. This can result in compromised applications, data breaches, and regulatory non-compliance, especially under GDPR and other data protection laws. The bypass of approval workflows undermines trust in development processes and can facilitate insider threats or external attackers who gain limited access. The impact is particularly severe for sectors with stringent security requirements such as finance, healthcare, and critical infrastructure, where code integrity is paramount. Additionally, the vulnerability could be leveraged to introduce supply chain attacks that propagate through downstream consumers of the affected code, amplifying the risk across the software ecosystem in Europe.
Mitigation Recommendations
European organizations should immediately upgrade git-proxy to version 1.19.2 or later to ensure proper authorization enforcement. Until the upgrade is applied, organizations should implement compensating controls such as restricting git-proxy usage to highly trusted users only and monitoring push activities for anomalies or unauthorized changes. Enforce multi-factor authentication and least privilege principles for all users interacting with git-proxy. Integrate additional code scanning and secret detection tools outside of git-proxy to catch unauthorized or sensitive changes before deployment. Conduct thorough audits of recent commits and repository histories to identify any suspicious or unauthorized pushes that may have occurred prior to patching. Establish strict network segmentation and access controls around development infrastructure to limit exposure. Finally, update incident response plans to include scenarios involving compromised code repositories due to authorization bypasses.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Switzerland, Italy
Technical Details
- Data Version: 5.1
- Assigner Short Name: GitHub_M
- Date Reserved: 2025-07-25T16:19:16.093Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 688a7dedad5a09ad00aefbe7
Added to database: 7/30/2025, 8:17:49 PM
Last enriched: 7/30/2025, 8:33:11 PM
Last updated: 8/1/2025, 1:26:27 AM
Related Threats
- CVE-2025-8443: SQL Injection in code-projects Online Medicine Guide (Medium)
- CVE-2025-8442: SQL Injection in code-projects Online Medicine Guide (Medium)
- CVE-2025-8441: SQL Injection in code-projects Online Medicine Guide (Medium)
- CVE-2025-8439: SQL Injection in code-projects Wazifa System (Medium)
- CVE-2025-8438: SQL Injection in code-projects Wazifa System (Medium)