Juliaregistries Registrator.Jl vulnerabilities
2 known vulnerabilities affecting juliaregistries/registrator.jl.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2025-52480P2CRITICALCVSS 9.8fixed in 1.9.52025-06-25
CVE-2025-52480 [CRITICAL] CWE-88 CVE-2025-52480: Registrator is a GitHub app that automates creation of registration pull requests for julia packages
Registrator is a GitHub app that automates creation of registration pull requests for julia packages to the General registry. Prior to version 1.9.5, if the clone URL returned by GitHub is malicious (or can be injected using upstream vulnerabilities), an argument injection is possible in the `gettreesha()` function. This can then lead to a potentia
nvd
CVE-2025-52483P3CRITICALCVSS 9.8fixed in 1.9.52025-06-25
CVE-2025-52483 [CRITICAL] CWE-77 CVE-2025-52483: Registrator is a GitHub app that automates creation of registration pull requests for julia packages
Registrator is a GitHub app that automates creation of registration pull requests for julia packages to the General registry. Prior to version 1.9.5, if the clone URL returned by GitHub is malicious (or can be injected using upstream vulnerabilities) a shell script injection can occur within the `withpasswd` function. Alternatively, an argument inj
nvd