GHSA-9hg5-7hwc-v434

Source
https://github.com/advisories/GHSA-9hg5-7hwc-v434
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-9hg5-7hwc-v434/GHSA-9hg5-7hwc-v434.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-9hg5-7hwc-v434
Aliases
Published
2022-05-24T17:05:08Z
Modified
2023-11-08T04:01:37.507702Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Athenz vulnerable to Open Redirect
Details

Open redirect vulnerability in Athenz v1.8.24 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted page.

Database specific
{
    "nvd_published_at": "2019-12-26T16:15:00Z",
    "github_reviewed_at": "2022-11-04T22:32:10Z",
    "severity": "MODERATE",
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-601"
    ]
}
References

Affected packages

Maven / com.yahoo.athenz:athenz

Package

Name
com.yahoo.athenz:athenz
Purl
pkg:maven/com.yahoo.athenz/athenz

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.8.25