CVE-2025-1300
MEDIUM 6.1
Description
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. The CodeChecker web server contains an open redirect vulnerability due to missing protections against multiple slashes after the product name in the URL. This results in bypassing the protections against CVE-2021-28861, leading to the same open redirect pathway. This issue affects CodeChecker: through 6.24.5.
CVE Details
CVSS v3.1 score: 6.1
Severity: MEDIUM
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack vector: NETWORK
Complexity: LOW
Privileges required: NONE
User interaction: REQUIRED
Published: 2/28/2025
Last modified: 11/14/2025
Source: nvd
Honeypot sightings: 0
Affected products
ericsson:codechecker
Weaknesses (CWE)
CWE-601
References
https://github.com/Ericsson/codechecker/security/advisories/GHSA-g839-x3p3-g5fm (85b1779b-6ecd-4f52-bcc5-73eac4659dcf)
IOC correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.