Moderate severityNVD Advisory· Published Feb 28, 2025· Updated Feb 28, 2025
Open redirect in CodeChecker web server
CVE-2025-1300
Description
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy.
The CodeChecker web server contains an open redirect vulnerability due to missing protections against multiple slashes after the product name in the URL. This results in bypassing the protections against CVE-2021-28861, leading to the same open redirect pathway.
This issue affects CodeChecker: through 6.24.5.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
codecheckerPyPI | < 6.24.6 | 6.24.6 |
Affected products
2- Range: 0
Patches
Vulnerability mechanics
References
3- github.com/Ericsson/codechecker/security/advisories/GHSA-g839-x3p3-g5fmghsavendor-advisoryWEB
- github.com/advisories/GHSA-g839-x3p3-g5fmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-1300ghsaADVISORY
News mentions
0No linked articles in our index yet.