← Back to CVEs
CVE-2025-1300
MEDIUM6.1
Description
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. The CodeChecker web server contains an open redirect vulnerability due to missing protections against multiple slashes after the product name in the URL. This results in bypassing the protections against CVE-2021-28861, leading to the same open redirect pathway. This issue affects CodeChecker: through 6.24.5.
CVE Details
CVSS v3.1 Score6.1
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionREQUIRED
Published2/28/2025
Last Modified11/14/2025
Sourcenvd
Honeypot Sightings0
Affected Products
ericsson:codechecker
Weaknesses (CWE)
CWE-601
References
https://github.com/Ericsson/codechecker/security/advisories/GHSA-g839-x3p3-g5fm(85b1779b-6ecd-4f52-bcc5-73eac4659dcf)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.