CVE-2025-11222

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-11222

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-11222.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-11222

Aliases

GHSA-4hr2-xf7w-jf76

Published

2025-12-04T13:15:46.797Z

Modified

2025-12-06T07:05:02.639636Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft.

References

https://github.com/line/centraldogma/security/advisories/GHSA-4hr2-xf7w-jf76

Affected packages

Git / github.com/line/centraldogma

Affected ranges

Type: GIT
Repo: https://github.com/line/centraldogma
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

36231f7a48fd90738d02d6b6395e0b75428ff10f