CVE-2025-54415

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/astronomer/dag-factory/commit/751c0e58369e784f6a924347e381a705ea8133fe", "name": "https://github.com/astronomer/dag-factory/commit/751c0e58369e784f6a924347e381a705ea8133fe", "tags": [], "refsource": ""}, {"url": "https://github.com/astronomer/dag-factory/pull/460", "name": "https://github.com/astronomer/dag-factory/pull/460", "tags": [], "refsource": ""}, {"url": "https://github.com/astronomer/dag-factory/pull/466", "name": "https://github.com/astronomer/dag-factory/pull/466", "tags": [], "refsource": ""}, {"url": "https://github.com/astronomer/dag-factory/security/advisories/GHSA-g5hx-xv45-9whg", "name": "https://github.com/astronomer/dag-factory/security/advisories/GHSA-g5hx-xv45-9whg", "tags": [], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "dag-factory is a library for Apache Airflow\u00ae to construct DAGs declaratively via configuration files. In versions 0.23.0a8 and below, a high-severity vulnerability has been identified in the cicd.yml workflow within the astronomer/dag-factory GitHub repository. The workflow, specifically when triggered by pull_request_target, is susceptible to exploitation, allowing an attacker to execute arbitrary code within the GitHub Actions runner environment. This misconfiguration enables an attacker to establish a reverse shell, exfiltrate sensitive secrets, including the highly-privileged GITHUB_TOKEN, and ultimately gain full control over the repository. This is fixed in version 0.23.0a9."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-78"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-54415", "ASSIGNER": "security-advisories@github.com"}}, "impact": {}, "publishedDate": "2025-07-26T04:16Z", "configurations": {"nodes": [], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-07-26T04:16Z"}