codechecker
PyPI
7 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting codechecker
- CVE-2021-44217 | MEDIUM | CVSS 6.1 | EG 6.1 | ✓ Fixed in 6.18.2 | 2022-01-18
vulnerable: 6.16.0, 6.16.0a1, 6.17.0, 6.18.0, 6.18.1
In Ericsson CodeChecker through 6.18.0, a Stored Cross-site scripting (XSS) vulnerability in the comments component of the reports viewer allows remote attackers to inject arbitrary web script or HTML via the POST JSON data of the /CodeChe…
- CVE-2023-49793 | MEDIUM | CVSS 6.5 | EG 6.5 | ✓ Fixed in 6.23.0 | 2024-06-24
vulnerable: 6.16.0 ... 6.23.0rc2 (18 versions)
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Zip files uploaded to the server endpoint of `CodeChecker store` are not properly sanitized. An attacker, using a path t…
- CVE-2024-10081 | CRITICAL | CVSS 10.0 | EG 10.0 | ✓ Fixed in 6.24.2 | 2024-11-06
vulnerable: 6.16.0 ... 6.24.1 (22 versions)
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Authentication bypass occurs when the API URL ends with Authentication. This bypass allows superuser access to all API …
- CVE-2024-10082 | HIGH | CVSS 8.7 | EG 8.7 | ✓ Fixed in 6.24.2 | 2024-11-06
vulnerable: 6.16.0 ... 6.24.1 (22 versions)
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Authentication method confusion allows logging in as the built-in root user from an external service. The built-in root…
- CVE-2025-1300 | MEDIUM | CVSS 6.1 | EG 6.1 | ✓ Fixed in 6.24.6 | 2025-02-28
vulnerable: 6.16.0 ... 6.24.4 (24 versions)
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. The CodeChecker web server contains an open redirect vulnerability due to missing protections against multiple slashes…
- CVE-2025-40843 | MEDIUM | CVSS 5.9 | EG 5.9 | ✓ Fixed in 6.26.2 | 2025-10-28
vulnerable: 6.16.0 ... 6.26.1 (28 versions)
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. CodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger library, which …
- CVE-2026-25660 | CRITICAL | CVSS 9.8 | EG 9.8 | 2026-04-24
vulnerable: 6.16.0 ... 6.27.3 (31 versions)
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Authentication bypass occurs when the URL ends with Authentication with certain function calls. This bypass allows as…