CVE-2025-1300

Medium CVSS: 6.1

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy.

The CodeChecker web server contains an open redirect vulnerability due to missing protections against multiple slashes after the product name in the URL. This results in bypassing the protections against CVE-2021-28861, leading to the same open redirect pathway.

This issue affects CodeChecker: through 6.24.5.

Vendor

Ericsson

Product

Codechecker

CWE

CWE-601

Yayın Tarihi

2025-02-28 13:15:27

Güncelleme

2025-11-14 15:29:28

Source Identifier

85b1779b-6ecd-4f52-bcc5-73eac4659dcf

KEV Date Added

Kategoriler

CWE-601 Codechecker MEDIUM Ericsson 2025

Referanslar

https://github.com/Ericsson/codechecker/security/advisories/GHSA-g839-x3p3-g5fm

Benzer Kayıtlar

High

CVE-2025-27260

Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains an Improper Filtering of Special Elements vulnerability…

Medium

CVE-2025-40841

Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Request Forgery (CSRF) vulnerability which,…

High

CVE-2025-40842

Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contains a Cross-Site Scripting (XSS) vulnerability which, if exp…

Medium

CVE-2025-40843

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy.…

Medium

CVE-2025-27258

Ericsson Network Manager (ENM) versions prior to ENM 25.1 GA contain a vulnerability, if exploited, can result in an esc…

Low

CVE-2025-27259

Ericsson Network Manager versions prior to ENM 25.2 GA contain a vulnerability that, if exploited, can exfiltrate limite…