107 matches found
EUVD-2025-30823
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. CodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger library, which is executed by the CodeChecker log command. This issue affects...
CVE-2025-40843
CodeChecker (analyzer tooling) up to version 6.26.1 contains a buffer overflow in the internal ldlogger library used by the CodeChecker log command. The vulnerability stems from unsafe use of strcpy() into a fixed 4096-byte stack buffer, enabling an attacker to cause a crash or potentially execut...
CVE-2025-40843 Buffer overflow in CodeChecker log command
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. CodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger library, which is executed by the CodeChecker log command. This issue affects...
CodeChecker security vulnerability
CodeChecker is an open source Clang Static Analyzer and Clang Tidy analysis tool, defect database and viewer extension from Ericsson. A security vulnerability exists in CodeChecker 6.26.1 and earlier versions, which stems from a buffer overflow in the internal ldlogger library...
EUVD-2025-0155
Malicious code in bioql PyPI...
EUVD-2025-5562
Malicious code in bioql PyPI...
EUVD-2024-0029
Malicious code in bioql PyPI...
EUVD-2022-0591
Malicious code in bioql PyPI...
EUVD-2024-0028
Malicious code in bioql PyPI...
GHSA-5XF2-F6CH-6P8R CodeChecker has a buffer overflow in the log command
Summary: CodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger library, which is executed by the CodeChecker log command. Details: Unsafe usage of strcpy function in the internal ldlogger library allows attackers to trigger a buffer overflow by supplying...
CodeChecker has a buffer overflow in the log command
Summary: CodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger library, which is executed by the CodeChecker log command. Details: Unsafe usage of strcpy function in the internal ldlogger library allows attackers to trigger a buffer overflow by supplying...
Stack-based Buffer Overflow
Overview: codechecker is an analyzer tooling, defect database and viewer extension. Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the strcpy function in the internal ldlogger library. An attacker can execute arbitrary code or cause a crash by supplying crafted...
PT-2025-39096
Name of the Vulnerable Software and Affected Versions: CodeChecker versions through 6.26.1. Description: CodeChecker versions up to 6.26.1 contain a buffer overflow in the internal ldlogger library, triggered when executing the CodeChecker log command. The issue stems from the unsafe use of the strc...
CVE-2023-49793
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Zip files uploaded to the server endpoint of CodeChecker store are not properly sanitized. An attacker, using a path traversal attack, can load and display files on the machine o...
GHSA-G839-X3P3-G5FM CodeChecker open redirect when URL contains multiple slashes after the product name
Summary: CodeChecker versions up to 6.24.5 contain an open redirect vulnerability due to missing protections against multiple slashes after the product name in the URL's path segment. This results in bypassing protections against CVE-2021-28861, leading to the same open redirect pathway. Detai...
Open Redirect
Overview: codechecker is an analyzer tooling, defect database and viewer extension. Affected versions of this package are vulnerable to Open Redirect due to improper sanitization of URL path segments after the product name. An attacker can redirect users to a malicious website by crafting a URL tha...
CodeChecker open redirect when URL contains multiple slashes after the product name
Summary: CodeChecker versions up to 6.24.5 contain an open redirect vulnerability due to missing protections against multiple slashes after the product name in the URL's path segment. This results in bypassing protections against CVE-2021-28861, leading to the same open redirect pathway. Detai...
CVE-2025-1300
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. The CodeChecker web server contains an open redirect vulnerability due to missing protections against multiple slashes after the product name in the URL. This results in bypassin...
CVE-2025-1300 Open redirect in CodeChecker web server
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. The CodeChecker web server contains an open redirect vulnerability due to missing protections against multiple slashes after the product name in the URL. This results in bypassin...