GHSA-G839-X3P3-G5FM
Vulnerability from github – Published: 2025-03-03 19:53 – Updated: 2025-03-03 19:53
Summary
CodeChecker versions up to 6.24.5 contain an open redirect vulnerability due to missing protections against multiple slashes after the product name in the URL's path segment. This results in bypassing protections against CVE-2021-28861, leading to the same open redirect pathway.
Details
CodeChecker processes GET requests by first rewriting the path segment of the URL, and then passing the rewritten URL to the webserver framework.
When trimming the product name from the URL, no sanitization was performed on the remaining URL. This reintroduced the same issue as CVE-2021-28861 and the same open redirect pathway, using URLs such as `/Default//attacker.com/%2f..`.
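As an added illustration, not CodeChecker's own code or its fix, the hypothetical Python below models the rewrite step the advisory describes beside a hardened version: `strip_product` is a constructed stand-in for the product-name trimming, `PRODUCT` is the example product name from the advisory's URL, and `strip_product_hardened` shows the normalisation that prevents a scheme-relative (`//host`) remainder from reaching the framework.

```python
import re
from urllib.parse import unquote

# Constructed product name, taken from the advisory's example URL (/Default/...).
PRODUCT = "Default"


def strip_product(path: str) -> str:
    """Hypothetical stand-in for the vulnerable rewrite step: drop the leading
    '/<product>' segment and hand the remainder to the framework unchanged.
    A request for '/Default//attacker.com/...' therefore yields
    '//attacker.com/...', a scheme-relative URL that a redirect will follow."""
    prefix = "/" + PRODUCT
    if path == prefix:
        return "/"
    if path.startswith(prefix + "/"):
        return path[len(prefix):]
    return path


def is_scheme_relative(path: str) -> bool:
    """True if a framework redirect to this path would leave the site."""
    return path.startswith("//")


def strip_product_hardened(path: str) -> str:
    """Hardened rewrite (added here, not CodeChecker's fix): normalise the
    remainder so it can only be a single-slash, dot-free local path.
    Raises ValueError for anything else so the handler can answer 400."""
    rest = unquote(strip_product(path))   # decode %2f etc. before checking
    rest = re.sub(r"/{2,}", "/", rest)    # a '//host' prefix can no longer appear
    if not rest.startswith("/"):
        rest = "/" + rest
    if any(seg in (".", "..") for seg in rest.split("/")):
        raise ValueError("dot-segment in rewritten path: %r" % path)
    return rest


def accepts(path: str) -> bool:
    """Convenience check: does the hardened rewrite accept this request path?"""
    try:
        strip_product_hardened(path)
        return True
    except ValueError:
        return False
```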
Impact
The vulnerability allows an attacker to create a hyperlink that looks like a legitimate CodeChecker URL, but redirects to an attacker-supplied website when clicked.
```json
{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 6.24.5"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "codechecker"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.24.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-1300"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-601"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-03-03T19:53:16Z",
    "nvd_published_at": "2025-02-28T13:15:27Z",
    "severity": "MODERATE"
  },
  "details": "Summary\n---\n\nCodeChecker versions up to 6.24.5 contain an open redirect vulnerability due to missing protections against multiple slashes after the product name in the URL\u0027s path segment. This results in bypassing protections against CVE-2021-28861, leading to the same open redirect pathway.\n\nDetails\n---\n\nCodeChecker processes GET requests by first rewriting the path segment of the URL, and then passing the rewritten URL to the webserver framework.\nWhen trimming the product name from the URL, no sanitization was performed on the remaining URL, which reintroduced the same issue as CVE-2021-28861, leading to the same open redirect pathway using URLs such as `/Default//attacker.com/%2f..`.\n\nImpact\n---\n\nThe vulnerability allows an attacker to create a hyperlink that looks like a legitimate CodeChecker URL, but redirects to an attacker-supplied website when clicked.",
  "id": "GHSA-g839-x3p3-g5fm",
  "modified": "2025-03-03T19:53:16Z",
  "published": "2025-03-03T19:53:16Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/Ericsson/codechecker/security/advisories/GHSA-g839-x3p3-g5fm"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1300"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/Ericsson/codechecker"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "CodeChecker open redirect when URL contains multiple slashes after the product name"
}
```
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.