6.1
CVE-2025-1300
- EPSS 0.25%
- Veröffentlicht 28.02.2025 13:15:27
- Zuletzt bearbeitet 14.11.2025 15:29:28
- Quelle 85b1779b-6ecd-4f52-bcc5-73eac4
- CVE-Watchlists
- Unerledigt
Open redirect in CodeChecker web server
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. The CodeChecker web server contains an open redirect vulnerability due to missing protections against multiple slashes after the product name in the URL. This results in bypassing the protections against CVE-2021-28861, leading to the same open redirect pathway. This issue affects CodeChecker: through 6.24.5.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ericsson ≫ Codechecker Version < 6.24.6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.156 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 85b1779b-6ecd-4f52-bcc5-73eac4659dcf | 6.1 | 2.8 | 2.7 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
https://github.com/Ericsson/codechecker/security/advisories/GHSA-g839-x3p3-g5fm