Gitpod before 0.6.0 allows unvalidated redirects.
References
| Link | Resource |
|---|---|
| https://github.com/gitpod-io/gitpod/blob/main/CHANGELOG.md | Release Notes, Third Party Advisory |
| https://github.com/gitpod-io/gitpod/commit/8ca431f86ae3a6f9a17afcfed51cdd065fcff1a5 | Patch, Third Party Advisory |
| https://github.com/gitpod-io/gitpod/compare/0.6.0-beta5...0.6.0 | Release Notes, Third Party Advisory |
| https://github.com/gitpod-io/gitpod/pull/2879 | Exploit, Patch, Third Party Advisory |
| https://github.com/gitpod-io/gitpod/pull/2879#issuecomment-865662372 | Patch, Third Party Advisory |
| https://github.com/gitpod-io/gitpod/pull/4567 | Release Notes, Third Party Advisory |
| https://github.com/gitpod-io/gitpod/pull/4567/commits/f78b7d18e509e28e71b65bbd4dfd52c16ca57c18 | Patch, Third Party Advisory |
| https://www.gitpod.io/changelog | Release Notes, Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-06-22T13:38:50
Updated: 2021-06-22T13:38:50
Reserved: 2021-06-22T00:00:00
Link: CVE-2021-35206
NVD Information
Status: Analyzed
Published: 2021-06-22T14:15:09.057
Modified: 2021-06-24T13:21:54.147
Link: CVE-2021-35206
Redhat Information
No data.
CWE