CVE-2025-68937
Symlink Handling Flaw in Forgejo Enables Remote Code Execution
Publication date: 2025-12-26
Last updated on: 2025-12-26
Assigner: MITRE
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| forgejo | forgejo | < 13.0.2 (fixed in 13.0.2) |
| forgejo | forgejo | 11 LTS < 11.0.7 (fixed in 11.0.7) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-61 | The product, when opening a file or directory, does not sufficiently account for when the file is a symbolic link that resolves to a target outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-68937 is a critical vulnerability in Forgejo before 13.0.2 (and in the 11 LTS line before 11.0.7). When a repository is created from a repository template, Forgejo expands the template's files into the new repository's checkout. It did so by writing through whatever path already existed in that checkout, so a symbolic link in the template that pointed outside the repository was followed and the expanded content was written to the link's target on the server (CWE-61). Because the template is under the attacker's control, this is an arbitrary file write to any location the Forgejo process can write. At minimum it corrupts server files; under the configuration described in the next answer it yields a remote shell. The root cause is that template expansion did not confine its file access to the repository directory, which left both symlink following and path traversal unchecked. [2, 4, 5]
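The following is an added example written for this page, not Forgejo's code, to show the CWE-61 failure mode in the form a template expander hits it: the checkout already contains a symlink, and a plain `os.WriteFile` on that path follows the link. The placeholder syntax `${REPO_NAME}`, the function names, and the directory layout are all constructed for the demonstration; `writeInside` is one way to confine such writes (reject symlinks at the target, resolve every parent with `filepath.EvalSymlinks`, and require the result to stay under the repository root).

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// ErrOutsideRoot is returned when a write would land outside the repository root.
var ErrOutsideRoot = errors.New("refusing write: path escapes repository root")

// expandTemplate is the substitution step of template expansion. The
// ${REPO_NAME} placeholder is a hypothetical syntax chosen for this example.
func expandTemplate(data []byte, repoName string) []byte {
	return []byte(strings.ReplaceAll(string(data), "${REPO_NAME}", repoName))
}

// writeUnsafe models the flaw: os.WriteFile follows whatever the checkout put
// at rel, so a symlink in the template decides where the bytes actually land.
func writeUnsafe(root, rel string, data []byte) error {
	return os.WriteFile(filepath.Join(root, rel), data, 0o644)
}

// writeInside refuses dot-dot escapes, refuses a target that is not a regular
// file (symlinks, directories, devices), and requires the resolved parent
// directory to sit under the resolved root. Lstat-then-write still leaves a
// TOCTOU window if an attacker can race the checkout; O_NOFOLLOW (Linux) or
// opening relative to a directory fd would close it.
func writeInside(root, rel string, data []byte) error {
	rel = filepath.Clean(rel)
	sep := string(filepath.Separator)
	if filepath.IsAbs(rel) || rel == ".." || strings.HasPrefix(rel, ".."+sep) {
		return ErrOutsideRoot
	}
	realRoot, err := filepath.EvalSymlinks(root)
	if err != nil {
		return err
	}
	full := filepath.Join(realRoot, rel)
	if fi, err := os.Lstat(full); err == nil {
		if !fi.Mode().IsRegular() {
			return ErrOutsideRoot
		}
	} else if !errors.Is(err, os.ErrNotExist) {
		return err
	}
	realDir, err := filepath.EvalSymlinks(filepath.Dir(full))
	if err != nil {
		return err
	}
	if realDir != realRoot && !strings.HasPrefix(realDir, realRoot+sep) {
		return ErrOutsideRoot
	}
	return os.WriteFile(filepath.Join(realDir, filepath.Base(full)), data, 0o644)
}

// Demo builds a throwaway tree (all paths constructed for this example):
//   base/outside/authorized_keys    a file outside any repository
//   base/repos/new-repo/LICENSE     a regular template file
//   base/repos/new-repo/README.md   a symlink -> ../../outside/authorized_keys
// It returns whether the unsafe writer clobbered the outside file, and whether
// the hardened writer refused that write while still updating LICENSE.
func Demo() (unsafeOverwrote bool, hardenedOK bool, err error) {
	base, err := os.MkdirTemp("", "cve-2025-68937-")
	if err != nil {
		return false, false, err
	}
	defer os.RemoveAll(base)
	target := filepath.Join(base, "outside", "authorized_keys")
	repo := filepath.Join(base, "repos", "new-repo")
	original := []byte("ssh-ed25519 AAAA... admin\n") // constructed sample content
	// The slice literal evaluates its elements in order; the first error wins.
	for _, step := range []error{
		os.MkdirAll(filepath.Dir(target), 0o755),
		os.MkdirAll(repo, 0o755),
		os.WriteFile(target, original, 0o600),
		os.WriteFile(filepath.Join(repo, "LICENSE"), []byte("${REPO_NAME} license\n"), 0o644),
		os.Symlink(filepath.Join("..", "..", "outside", "authorized_keys"), filepath.Join(repo, "README.md")),
	} {
		if step != nil {
			return false, false, step
		}
	}
	payload := expandTemplate([]byte("# ${REPO_NAME}\nssh-ed25519 AAAA... attacker\n"), "new-repo")

	if err := writeUnsafe(repo, "README.md", payload); err != nil {
		return false, false, err
	}
	got, _ := os.ReadFile(target)
	unsafeOverwrote = strings.Contains(string(got), "attacker")

	if err := os.WriteFile(target, original, 0o600); err != nil { // restore
		return false, false, err
	}
	refused := errors.Is(writeInside(repo, "README.md", payload), ErrOutsideRoot)
	got, _ = os.ReadFile(target)
	licOK := writeInside(repo, "LICENSE", payload) == nil
	lic, _ := os.ReadFile(filepath.Join(repo, "LICENSE"))
	hardenedOK = refused && string(got) == string(original) && licOK && strings.Contains(string(lic), "new-repo")
	return unsafeOverwrote, hardenedOK, nil
}

func main() {
	u, h, err := Demo()
	if err != nil {
		fmt.Println("error:", err)
		os.Exit(1)
	}
	fmt.Printf("unsafe writer escaped the repository: %v\nhardened writer contained the write: %v\n", u, h)
}
```

The two writers are given the same root, the same relative path and the same bytes; only the hardened one checks what the path actually is before opening it. A real expander should also apply this to directory creation and renames, since a symlinked directory inside the checkout escapes just as easily as a symlinked file.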
How can this vulnerability impact me?
An attacker who controls a repository template and can create a repository from it can write attacker-chosen content to any file the Forgejo process has write access to, on the host or inside the container. On its own that corrupts server data and configuration. It escalates to remote shell access in one specific configuration: Forgejo manages the SSH authorized_keys file and its built-in SSH server is disabled, so the instance relies on the system OpenSSH daemon. An attacker who overwrites that authorized_keys file with their own public key then gets an SSH login as the Forgejo service user, which amounts to control of the server. Either way the integrity of the instance, and of every repository it hosts, can no longer be trusted. [2, 4, 5]
What immediate steps should I take to mitigate this vulnerability?
Upgrade to Forgejo 13.0.2 or later, or to 11.0.7 or later on the 11 LTS line. These releases confine template expansion to the repository directory, so symlinks that resolve outside it and path traversal in template paths are rejected. Until the upgrade lands, establish whether your instance is in the configuration that turns the file write into a shell: Forgejo writing the authorized_keys file for a system OpenSSH daemon (in app.ini, the `[server]` keys `START_SSH_SERVER = false` together with `SSH_CREATE_AUTHORIZED_KEYS_FILE = true`). If it is, treat the service user's ~/.ssh/authorized_keys as a target: check it for entries you cannot map to a registered user key, and review other files the process can write for unexpected changes. The configuration review only narrows the blast radius; the upgrade is the fix. [2, 4, 5]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The same releases also ship a separate privacy fix that is not part of CVE-2025-68937: the commit API had exposed the commit author's primary email address, and it now returns the identity from the commit signature instead. That exposure is the kind of personal-data leak GDPR is concerned with, so operators who were affected by it should assess it on its own. For CVE-2025-68937 itself, an arbitrary file write on the server, and the shell access it can lead to, means an attacker can read, alter or destroy hosted data and credentials; that is a loss of confidentiality and integrity, and a confirmed exploitation would trigger breach-notification and incident-handling obligations under regimes such as GDPR or HIPAA. Applying the updates addresses both issues and restores the technical controls those standards expect for protecting personal data and system access. [2, 4, 5]