47 matches found
CVE-2025-11222
Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft...
GHSA-4HR2-XF7W-JF76 Central Dogma's Login Function Has an Open Redirect Vulnerability
Impact Successful exploitation of this vulnerability could allow an attacker to craft a malicious link that, when clicked by a victim, redirects them to a phishing website designed to mimic the legitimate Central Dogma login page. This could result in the compromise of user accounts and...
Central Dogma's Login Function Has an Open Redirect Vulnerability
Impact Successful exploitation of this vulnerability could allow an attacker to craft a malicious link that, when clicked by a victim, redirects them to a phishing website designed to mimic the legitimate Central Dogma login page. This could result in the compromise of user accounts and...
CVE-2025-11222
Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft...
CVE-2025-11222
Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft...
EUVD-2025-201153
Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft...
CVE-2025-11222
Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft...
CVE-2025-11222
Central Dogma is affected by an Open Redirect vulnerability in the login flow for versions before 0.78.0. A crafted URL can redirect users to untrusted sites, enabling phishing and potential credential theft. The issue is documented across multiple sources (NVD/Red Hat OSV/GHSA etc.) with the fix...
CVE-2025-11222
Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft...
Central Dogma 安全漏洞
Central Dogma is an open source service configuration version control repository based on Git, ZooKeeper and HTTP/2. A security vulnerability exists in Central Dogma versions prior to 0.78.0, which stems from an open redirect and could lead to phishing attacks and credential theft...
PT-2025-49019
Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft...
EUVD-2021-24840
Malware in sbrugna...
EUVD-2019-15570
Malware in sbrugna...
EUVD-2024-0477
Malicious code in bioql PyPI...
CVE-2021-38388
Central Dogma allows privilege escalation with mirroring to the internal dogma repository that has a file managing the authorization of the project...
CVE-2019-6002
Cross-site scripting vulnerability in Central Dogma 0.17.0 to 0.40.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2024-1143
Central Dogma versions prior to 0.64.1 is vulnerable to Cross-Site Scripting XSS, which could allow for the leakage of user sessions and subsequent authentication bypass...
Central Dogma vulnerable to cross-site scripting
Overview Central Dogma provided by LY Corporation contains a cross-site scripting vulnerability CWE-79, CVE-2024-1143 because RelayState data is not properly treated when Central Dogma processes SAML messages. LY Corporation reported this vulnerability to JPCERT/CC to notify users of its solution...
PT-2024-40337 · Armeria +1 · Armeria +1
Name of the Vulnerable Software and Affected Versions: Central Dogma versions prior to 0.64.3 Description: The issue arises when SAML is used for authentication, as Central Dogma accepts unsigned SAML messages by default, instead of rejecting them. This allows an attacker to forge SAML messages f...
Central Dogma Authentication Bypass Vulnerability via Session Leakage
Vulnerability Overview A vulnerability has been identified in Central Dogma versions prior to 0.64.1, allowing for the leakage of user sessions and subsequent authentication bypass. The issue stems from a Cross-Site Scripting XSS attack vector that targets the RelayState of Security Assertion...