https://db.gcve.eu/sightings/feedMost recent sightings.2026-05-02T10:05:25.211000+00:00Vulnerability-Lookupinfo@gcve.eupython-feedgenContains only the most 10 recent sightings.https://db.gcve.eu/sighting/80311a6f-3d83-481a-8480-1c23322e1884/export80311a6f-3d83-481a-8480-1c23322e18842026-05-02T10:05:25.586696+00:00cedrichttp://db.gcve.eu/user/cedric{"uuid": "80311a6f-3d83-481a-8480-1c23322e1884", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-52569", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19501", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52569\n\ud83d\udd25 CVSS Score: 6.6 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U)\n\ud83d\udd39 Description: GitForge.jl is a unified interface for interacting with Git \"forges.\" Versions prior to 5.9.1 lack input validation of input validation for user-provided values in certain functions. In the `GitHub.repo()` function, the user can provide any string for the `repo_name` field. These inputs are not validated or safely encoded and are sent directly to the server. This means a user can add path traversal patterns like `../` in the input to access any other endpoints on `api.github.com` that were not intended. Users should upgrade immediately to v5.9.1 or later to receive a patch. All prior versions are vulnerable. No known workarounds are available.\n\ud83d\udccf Published: 2025-06-25T16:41:46.303Z\n\ud83d\udccf Modified: 2025-06-25T16:41:46.303Z\n\ud83d\udd17 References:\n1. https://github.com/JuliaWeb/GitHub.jl/security/advisories/GHSA-jg9p-c3wh-q83x\n2. https://github.com/JuliaWeb/GitHub.jl/pull/224", "creation_timestamp": "2025-06-25T18:06:32.000000Z"}2025-06-25T18:06:32+00:00