CVE-2025-54430: Critical Code Injection Vulnerability in dedupe Library's GitHub Workflow

The dedupe library, a Python tool for fuzzy matching and deduplication, was found to have a critical vulnerability in its GitHub Actions workflow. This flaw could allow attackers to inject and execute arbitrary code, potentially leading to a full repository takeover. Read on to understand the details and how to protect yourself.

Vulnerability Details

CVE ID: CVE-2025-54430
Description: A code injection vulnerability exists in the `.github/workflows/benchmark-bot.yml` workflow of the dedupe library. The workflow is triggered by issue comments, and it insecurely checks out the branch associated with the pull request mentioned in the comment. Malicious actors can exploit this by crafting pull requests with malicious code in their branches. The workflow's GITHUB_TOKEN, which has write permissions, can then be exfiltrated and used to take over the repository.
CVSS Score and Vector:
- CVSS 3.1 Score: 9.1 (Critical)
- Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
- Explanation: This vulnerability is remotely exploitable (AV:N) with low complexity (AC:L). No privileges or user interaction are required (PR:N, UI:N). Successful exploitation can lead to complete confidentiality and integrity compromise (C:H, I:H), though availability is not directly impacted (A:N).
Exploit Requirements: An attacker needs to create a pull request with malicious code in a branch and then trigger the vulnerable workflow with an issue comment.
Affected Vendor, Product, Version:
- Vendor: dedupeio
- Product: dedupe
- Version: All versions before commit 3f61e79
CWE: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'). This means the application constructs an OS command using externally-influenced input in a way that allows an attacker to inject arbitrary commands.

Timeline of Events

2025-07-30: Vulnerability publicly disclosed.
Before 2025-07-30: Vulnerability existed in dedupe versions prior to commit 3f61e79.
[Date of Commit]: Commit 3f61e79 patched the vulnerability.

Exploitability & Real-World Risk

The vulnerability is highly exploitable due to the low attack complexity and lack of required privileges. The real-world risk is significant, as a successful exploit could lead to the attacker gaining full control of the dedupe repository. This could be misused to inject malicious code into the library, impacting all users who rely on it. Given the widespread use of dedupe for data cleaning and entity resolution, the potential impact is substantial.

Recommendations

Update to the latest version of dedupe (commit 3f61e79 or later). This is the most critical step to remediate the vulnerability.
Review your GitHub Actions workflows. Ensure that you are not insecurely checking out pull request branches or handling untrusted code.
Implement stricter access controls for your GITHUB_TOKEN. Reduce the scope of permissions to the minimum necessary.

Technical Insight

The core issue lies in the workflow's direct checkout of a user-controlled branch based on the `github.event.issue.number`. This allows an attacker to inject arbitrary code into the workflow execution environment. By then exfiltrating the GITHUB_TOKEN with write access, they can effectively backdoor the repository, inject malware, or otherwise compromise the software supply chain.

Credit to Researcher(s)

This vulnerability was reported via GitHub Security Advisory.

CVE-2025-54430: Critical Code Injection Vulnerability in dedupe Library's GitHub Workflow

CVE-2025-54430: Critical Code Injection Vulnerability in dedupe Library's GitHub Workflow

Vulnerability Details

Timeline of Events

Exploitability & Real-World Risk

Recommendations

Technical Insight

Credit to Researcher(s)

References

Tags

Timeline

References

Post a Comment

Contact Form