Gitpod before 0.6.0 allows unvalidated redirects.
References
Link | Resource |
---|---|
https://github.com/gitpod-io/gitpod/blob/main/CHANGELOG.md | Release Notes, Third Party Advisory |
https://github.com/gitpod-io/gitpod/pull/2879#issuecomment-865662372 | Patch, Third Party Advisory |
https://github.com/gitpod-io/gitpod/pull/4567 | Release Notes, Third Party Advisory |
https://github.com/gitpod-io/gitpod/pull/4567/commits/f78b7d18e509e28e71b65bbd4dfd52c16ca57c18 | Patch, Third Party Advisory |
https://github.com/gitpod-io/gitpod/commit/8ca431f86ae3a6f9a17afcfed51cdd065fcff1a5 | Patch, Third Party Advisory |
https://github.com/gitpod-io/gitpod/pull/2879 | Exploit, Patch, Third Party Advisory |
https://www.gitpod.io/changelog | Release Notes, Vendor Advisory |
https://github.com/gitpod-io/gitpod/compare/0.6.0-beta5...0.6.0 | Release Notes, Third Party Advisory |
Information
Published : 2021-06-22 07:15
Updated : 2021-06-24 06:21
NVD link : CVE-2021-35206
Mitre link : CVE-2021-35206
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
Products Affected
gitpod
- gitpod