CVE-2025-52480
BaseFortify
Publication date: 2025-06-25
Last updated on: 2025-09-19
Assigner: GitHub, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| julialang | registrator | < 1.9.5 (1.9.5 excluded) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-88 | The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-52480 is a critical vulnerability in the Julia package Registrator.jl, affecting versions up to 1.9.4. The issue occurs in the `gettreesha()` function, where if the clone URL returned by GitHub is malicious or manipulated, it allows argument injection. This injection can lead to remote code execution (RCE), meaning an attacker could run arbitrary code on the affected system. The vulnerability arises because external commands are executed with parameters that may come from untrusted inputs without proper validation. [1, 2]
How can this vulnerability impact me?
This vulnerability can have a severe impact as it allows remote code execution. An attacker exploiting this flaw could execute arbitrary commands on the system running Registrator.jl, potentially leading to full system compromise, data theft, or disruption of services. Since there are no known workarounds, users must upgrade to version 1.9.5 immediately to mitigate this risk. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves checking whether your system is running Registrator.jl version 1.9.4 or earlier, as these versions are vulnerable. Since the vulnerability arises from malicious or manipulated clone URLs causing argument injection in the `gettreesha()` function, you can audit logs or monitor for unusual command executions related to git operations initiated by Registrator.jl. However, no specific detection commands or signatures are provided in the available resources. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
The immediate and recommended mitigation step is to upgrade Registrator.jl to version 1.9.5 or later, where the vulnerability has been patched. The patch includes input validation to prevent unsafe parameters from being passed to external commands, effectively mitigating the risk of argument injection and remote code execution. There are no known workarounds available, so upgrading is critical. [1, 2]
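The explanation above describes the flaw (a clone URL handed to an external git command without validation) and the fix (input validation before the command runs). The following Julia snippet is an added illustration of that pattern and is not Registrator.jl's own code; the helper names `validate_clone_url` and `clone_cmd`, the allowed-host list and the sample inputs are all assumptions constructed for the example.

```julia
# Added example, not code from Registrator.jl. Shows the defensive pattern the
# advisory describes: validate a clone URL before it reaches git, and terminate
# option parsing with "--" so a value can never be read as a git option.

const ALLOWED_HOSTS = ("github.com",)   # assumption: only GitHub clones expected

# Reject anything that git would parse as an option rather than a repository.
looks_like_option(s::AbstractString) = startswith(s, "-")

# Accept only a plain https repository URL on an allowed host; throw otherwise.
function validate_clone_url(url::AbstractString)
    looks_like_option(url) &&
        throw(ArgumentError("clone URL must not start with '-': $url"))
    m = match(r"^https://([A-Za-z0-9.-]+)/[A-Za-z0-9_.-]+/[A-Za-z0-9_.-]+?(?:\.git)?$", url)
    m === nothing &&
        throw(ArgumentError("clone URL is not a plain https repository URL: $url"))
    host = m.captures[1]
    host in ALLOWED_HOSTS ||
        throw(ArgumentError("clone URL host not allowed: $host"))
    return String(url)
end

# Build the git command. Julia's backtick Cmd performs no shell splitting, so
# each interpolated value becomes exactly one argv entry; "--" additionally
# tells git that everything after it is positional, never an option.
function clone_cmd(url::AbstractString, dest::AbstractString)
    safe_url = validate_clone_url(url)
    return `git clone -- $safe_url $dest`
end

# Constructed sample inputs: one well-formed URL, one option-like string,
# one URL on a host outside the allow list.
for u in ("https://github.com/JuliaLang/Example.jl.git",
          "--not-a-url",
          "https://not-github.example/org/repo")
    try
        println("would run: ", clone_cmd(u, "/tmp/registrator-clone"))
    catch err
        println("rejected ", repr(u), ": ", err.msg)
    end
end
```

Only the first input produces a command; the other two are rejected before any process is spawned.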