Nixpkgs security tracker

Login with GitHub

Suggestions search

Published
Filter by:
With package: codechecker

Found 1 matching suggestions

View:
Compact
Detailed
Permalink CVE-2026-25660
updated 1 month, 4 weeks ago by @LeSuisse Activity log
  • Created suggestion 2 months ago
  • @LeSuisse accepted 1 month, 4 weeks ago
  • @LeSuisse published on GitHub 1 month, 4 weeks ago
Authentication bypass for certain API calls

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Authentication bypass occurs when the URL ends with Authentication with certain function calls.  This bypass allows assigning arbitrary permission to any user existing in CodeChecker. This issue affects CodeChecker: through 6.27.3.

Affected products

CodeChecker
  • =<6.27.3

Matching in nixpkgs

pkgs.codechecker

Analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy

Package maintainers