VYPR
Medium severity · 4.2 · NVD Advisory · Published Jan 24, 2025 · Updated Apr 15, 2026

CVE-2025-24363


Description

The HL7 FHIR IG Publisher prior to 1.8.9 exposes repository credentials in CI builds by including the full git origin URL in the generated Implementation Guide.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.


Vulnerability

Overview

The HL7 FHIR IG Publisher is a tool that compiles inputs into a standard FHIR Implementation Guide (IG). In CI environments, the publisher CLI uses git commands to determine the originating repository URL. If the repository was cloned using a URL containing a username and credential (e.g., https://user:token@host.com/repo.git), the entire URL is included in the built IG, thereby exposing sensitive credentials [1][2]. This issue does not affect users who clone public repositories without credentials, such as those using the auto-ig-build CI infrastructure.

Exploitation and Attack Surface

Exploitation occurs automatically during the IG build process when the publisher runs in a CI context. No additional attacker interaction is required beyond the build output being published or shared. The prerequisite is that the repository's origin remote URL contains embedded credentials, which is common in automated CI pipelines that use tokens for authentication. The exposed credentials are then present in the generated IG files, which may be distributed or publicly accessible.

Impact

An attacker who gains access to the published IG can extract the embedded credentials, potentially gaining unauthorized access to the repository or other services that use the same credentials. This could lead to further compromise of the CI/CD pipeline or source code repositories.

Mitigation

The vulnerability has been patched in release 1.8.9 [4]. The fix, implemented in commit d968694b7dd041640efab5414d7077d5028569f7, removes the inclusion of the full git URL from the IG metadata [3]. As a workaround, users should ensure that the origin URL contains no username, password, or token by running git remote get-url origin and verifying the output. Alternatively, users can run the IG Publisher CLI with the -repo parameter and specify a URL without credentials [2].
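The workaround above amounts to two checks a CI job can automate before invoking the publisher: inspect what `git remote get-url origin` returns, and pass a credential-free URL via `-repo`. The following Python is an added example, not code from the advisory or the IG Publisher project; the remote URLs and the `ghp_EXAMPLETOKEN` value are constructed placeholders. It flags any userinfo on an http(s) remote (GitHub-style tokens are usually the user part with no password), tolerates the conventional `git@` login on ssh remotes, and derives the value to hand to `-repo`.

```python
"""Pre-build check for an IG Publisher CI job: inspect the origin remote and
derive a credential-free value to pass as the `-repo` parameter."""
import subprocess
from urllib.parse import urlsplit, urlunsplit

# Constructed sample values in the shape `git remote get-url origin` prints;
# the token is a placeholder, not a real secret.
SAMPLE_REMOTES = {
    "clean_https": "https://github.com/example-org/example-ig.git",
    "user_and_token": "https://ci-bot:ghp_EXAMPLETOKEN@github.com/example-org/example-ig.git",
    "token_as_user": "https://ghp_EXAMPLETOKEN@github.com/example-org/example-ig.git",
    "ssh_scp_style": "git@github.com:example-org/example-ig.git",
    "ssh_url": "ssh://git@github.com/example-org/example-ig.git",
}


def embedded_credential(remote):
    """Return the (user, password) pair embedded in a remote URL, or None.

    Any userinfo on http(s) counts as a secret, because access tokens are
    commonly supplied as the user part with no password. On other schemes
    a bare login such as `git@` is conventional and is only flagged when a
    password is present. scp-style `git@host:path` has no URL scheme, so
    urlsplit yields an empty netloc and it is never flagged.
    """
    parts = urlsplit(remote)
    if not parts.netloc or "@" not in parts.netloc:
        return None
    if parts.scheme in ("http", "https") or parts.password is not None:
        return (parts.username, parts.password)
    return None


def strip_credential(remote):
    """Rebuild the URL without its userinfo; non-URL remotes pass through."""
    parts = urlsplit(remote)
    if not parts.netloc:
        return remote
    host = parts.netloc.rsplit("@", 1)[-1]  # keep host:port exactly as written
    return urlunsplit((parts.scheme, host, parts.path, parts.query, parts.fragment))


def check_origin(remote):
    """Summarise one remote: does it leak, and what is safe to pass as -repo."""
    cred = embedded_credential(remote)
    return {
        "remote_user": cred[0] if cred else None,
        "leaks": cred is not None,
        "safe_repo": strip_credential(remote),
    }


def current_origin():
    """Read the origin URL the publisher would see (real git call; needs a checkout)."""
    out = subprocess.run(["git", "remote", "get-url", "origin"],
                         capture_output=True, text=True, check=True)
    return out.stdout.strip()


if __name__ == "__main__":
    # Only the sanitised URL is ever printed, so CI logs never carry the secret.
    for name, remote in SAMPLE_REMOTES.items():
        result = check_origin(remote)
        status = "LEAK" if result["leaks"] else "ok  "
        print(f"{status} {name:15} -> -repo {result['safe_repo']}")
```

In a pipeline, replace the sample loop with `check_origin(current_origin())`, fail the job when `leaks` is true, and pass `safe_repo` to the publisher's `-repo` parameter; the check deliberately never logs the raw remote.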

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package                                                      Affected versions   Patched versions
org.hl7.fhir.publisher:org.hl7.fhir.publisher.core (Maven)   < 1.8.9             1.8.9
org.hl7.fhir.publisher:org.hl7.fhir.publisher.cli (Maven)    < 1.8.9             1.8.9

Affected products: 2

Patches: 2
d968694b7dd0

Remove unneeded fields from db metadata (#1023)

https://github.com/hl7/fhir-ig-publisher · dotasek · Jan 23, 2025 · via ghsa
1 file changed · +13 −11
  • org.hl7.fhir.publisher.core/src/main/java/org/hl7/fhir/igtools/publisher/Publisher.java  +13 −11  modified
    @@ -10904,9 +10904,19 @@ private void generateDataFile(DBBuilder db) throws IOException, FHIRException, S
         data.add("toolingVersion", Constants.VERSION);
         data.add("toolingRevision", ToolsVersion.TOOLS_VERSION_STR);
         data.add("toolingVersionFull", Constants.VERSION+" ("+ToolsVersion.TOOLS_VERSION_STR+")");
    +
    +    data.add("genDate", genTime());
    +    data.add("genDay", genDate());
    +    if (db != null) {
    +      for (JsonProperty p : data.getProperties()) {
    +        db.metadata(p.getName(), p.getValue().asString());
    +      }
    +      db.metadata("gitstatus", getGitStatus());
    +    }
    +
         data.add("totalFiles", fileList.size());
         data.add("processedFiles", changeList.size());
    -    
    +
         if (repoSource != null) {
           data.add("repoSource", gh());
         } else {
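Review bot: Moving the `db.metadata()` loop ahead of the `repoSource` branch keeps the origin URL out of the database metadata, but the `data.add("repoSource", gh())` / `data.add("repoSource", git)` calls that follow still put the unmodified value into the `data` JSON object. If that object is written into the published IG, the credential-bearing URL is still exposed on that path; consider stripping any userinfo from the URL (for example by parsing it with `java.net.URI` and rebuilding it without `getUserInfo()`) before it is added, or state in the PR why that path is not emitted. Note also that `totalFiles` and `processedFiles` now drop out of the db metadata because they are added after the loop runs; that matches the commit title but deserves a line in the description.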
    @@ -10915,13 +10925,7 @@ private void generateDataFile(DBBuilder db) throws IOException, FHIRException, S
             data.add("repoSource", git);
           }
         }
    -    data.add("genDate", genTime());
    -    data.add("genDay", genDate());
    -    if (db != null) {
    -      for (JsonProperty p : data.getProperties()) {
    -        db.metadata(p.getName(), p.getValue().asString());
    -      }
    -    }
    +
         JsonArray rt = data.forceArray("resourceTypes");
         List<String> rtl = context.getResourceNames();
         for (String s : rtl) {
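Review bot: The removed block is replaced by a single empty `+` line, and together with the `-    ` / `+` whitespace pair in the previous hunk this mixes trailing-whitespace cleanup into a security fix. Dropping the whitespace-only changes would leave the relocated `db.metadata()` calls as the only thing a backporter has to verify.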
    @@ -10947,9 +10951,7 @@ private void generateDataFile(DBBuilder db) throws IOException, FHIRException, S
         ig.add("experimental", publishedIg.getExperimental());
         ig.add("publisher", publishedIg.getPublisher());    
         addTranslationsToJson(ig, "publisher", publishedIg.getPublisherElement(), false);
    -    if (db != null) {
    -      db.metadata("gitstatus", getGitStatus());
    -    }
    +
         if (previousVersionComparator != null && previousVersionComparator.hasLast() && !targetUrl().startsWith("file:")) {
           JsonObject diff = new JsonObject();
           data.add("diff", diff);
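Review bot: `db.metadata("gitstatus", getGitStatus())` is deleted here and re-added inside the earlier `db != null` block, so it still runs on every call; the relocation only helps if `getGitStatus()` does not itself report the remote URL. If that method includes any remote or origin information, the credential would still land under the `gitstatus` key, so please confirm it returns only working-tree status (or sanitize its output) before relying on this move.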
    

Vulnerability mechanics

Root cause

"The IG Publisher includes the full git remote origin URL (which may contain embedded credentials) in the published Implementation Guide output metadata."

Attack vector

An attacker who can access the published FHIR Implementation Guide (e.g., via a public CI artifact or published website) can read the `repoSource` field in the generated JSON metadata. If the repository was cloned using a credential-bearing URL (e.g., `https://user:token@github.com/org/repo.git`), the entire URL, including the embedded credentials, is exposed. The attack requires that the IG Publisher was run in a CI context where the git origin URL contains credentials, and that the attacker can retrieve the published output. The CVSS vector rates this as a local attack with low attack complexity (AV:L/AC:L), because the credentials are leaked into the build output rather than transmitted over the network.
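From the defender's side, the same exposure can be detected by scanning the build output before it is published. The following Python is an added example, not code from the advisory or the IG Publisher project; the JSON and HTML samples are constructed to resemble generated IG files, and `ghp_EXAMPLETOKEN` is a placeholder. It walks JSON so that a finding carries its field path (the `repoSource` case), sweeps any other text artifact with a regex, and reports only redacted URLs so the scan itself does not re-leak the secret.

```python
"""Scan built IG output for URLs that carry embedded credentials.

JSON files are walked so each finding names the field path (the advisory's
`repoSource` case); any other text artifact, such as HTML, gets a regex sweep."""
import json
import re
from pathlib import Path
from urllib.parse import urlsplit

# Constructed samples shaped like IG Publisher output; not real project files,
# and the token is a placeholder.
SAMPLE_DATA_JSON = json.dumps({
    "toolingVersion": "1.8.8",
    "repoSource": "https://ci-bot:ghp_EXAMPLETOKEN@github.com/example-org/example-ig.git",
    "ig": {"publisher": "Example Org", "url": "https://example.org/fhir/example-ig"},
    "resourceTypes": ["Patient", "Observation"],
})
SAMPLE_HTML = (
    '<p>Built from <a href="https://ci-bot:ghp_EXAMPLETOKEN@github.com/example-org/example-ig.git">source</a>; '
    'contact <a href="mailto:ops@example.org">ops@example.org</a>.</p>'
)

# An http(s) URL whose authority part contains userinfo (anything before an '@').
URL_WITH_USERINFO = re.compile(r'https?://[^\s/@"\'<>]+@[^\s"\'<>]+')


def carries_credential(value):
    """True for an http(s) URL with userinfo; a token is often the user part alone."""
    try:
        parts = urlsplit(value)
    except ValueError:
        return False
    return parts.scheme in ("http", "https") and "@" in parts.netloc


def redact(url):
    """Replace the userinfo with *** so findings can be logged safely."""
    parts = urlsplit(url)
    host = parts.netloc.rsplit("@", 1)[-1]
    return url.replace(parts.netloc, "***@" + host, 1)


def find_in_json(node, path="$"):
    """Walk a parsed JSON value; return [(json_path, redacted_url), ...]."""
    hits = []
    if isinstance(node, dict):
        for key, value in node.items():
            hits.extend(find_in_json(value, f"{path}.{key}"))
    elif isinstance(node, list):
        for i, value in enumerate(node):
            hits.extend(find_in_json(value, f"{path}[{i}]"))
    elif isinstance(node, str) and carries_credential(node):
        hits.append((path, redact(node)))
    return hits


def scan_json_text(text):
    return find_in_json(json.loads(text))


def scan_text(text):
    """Regex sweep for any text artifact; returns redacted matches."""
    return [redact(m.group(0)) for m in URL_WITH_USERINFO.finditer(text)]


def scan_directory(root):
    """Walk a built output tree: (file, json_path or None, redacted_url) per finding."""
    findings = []
    for p in Path(root).rglob("*"):
        if not p.is_file():
            continue
        text = p.read_text(errors="replace")
        if p.suffix == ".json":
            try:
                findings += [(str(p), jp, url) for jp, url in scan_json_text(text)]
                continue
            except json.JSONDecodeError:
                pass  # not valid JSON after all; fall back to the text sweep
        findings += [(str(p), None, url) for url in scan_text(text)]
    return findings


if __name__ == "__main__":
    for json_path, url in scan_json_text(SAMPLE_DATA_JSON):
        print(f"JSON {json_path}: {url}")
    for url in scan_text(SAMPLE_HTML):
        print(f"TEXT: {url}")
```

Run `scan_directory("output")` (or whatever directory the publisher writes) as a release gate and fail the job on any finding; because every reported URL is already redacted, the gate's own log is safe to keep.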

Affected code

The vulnerability is in `org.hl7.fhir.igtools.publisher.Publisher.java`, specifically in the `generateDataFile` method. The code retrieves the git remote origin URL (including any embedded credentials) via `getGitStatus()` and stores it in the `repoSource` field of the generated JSON data. This data is then written into the published Implementation Guide output, exposing the full URL.

What the fix does

The fix commit (d968694b7dd0) restructures the `generateDataFile` method so that the `repoSource` value (which contains the git origin URL) is no longer written into the database metadata via `db.metadata()`. Previously, the code called `db.metadata(p.getName(), p.getValue().asString())` for all JSON properties, including `repoSource`, and separately called `db.metadata("gitstatus", getGitStatus())`. The patch moves the metadata-writing block to execute *before* the `repoSource` assignment, so the credential-bearing URL is never persisted into the database. The `db.metadata("gitstatus", ...)` call is also moved earlier, so it still runs but without the sensitive `repoSource` value being included.

Preconditions

  • [config] The IG repository must have been cloned using a URL that includes credentials (username, password, or token) in the git remote origin URL.
  • [config] The IG Publisher CLI must be run in a CI context where it uses git commands to determine the repo URL.
  • [network] The attacker must have access to the published IG output (e.g., a public CI artifact or published website).

Generated on May 23, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References: 5

News mentions: 0

No linked articles in our index yet.