Open Redirect Vulnerability in CodeChecker by Ericsson
CVE-2025-1300

6.1MEDIUM

Key Information:

Vendor: Ericsson
Status: Codechecker
Vendor: CVE Published:; 28 February 2025

What is CVE-2025-1300?

The CodeChecker web server is susceptible to an open redirect vulnerability, stemming from insufficient protections against excessive slashes in URLs. This flaw allows attackers to execute redirects that can bypass existing protections, thereby compromising user trust and leading to potential phishing attacks. This vulnerability affects all versions of CodeChecker up to and including 6.24.5.

Affected Version(s)

CodeChecker 0 <= 6.24.5

References

https://github.com/Ericsson/codechecker/security/advisori...

vendor-advisory

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 28, 2025
Vulnerability Reserved
Feb 14, 2025