CVE-2022-0122: URL Redirection to Untrusted Site ('Open Redirect')

January 6, 2022 (updated January 12, 2022)

forge is vulnerable to URL Redirection to Untrusted Site

References

github.com/digitalbazaar/forge/commit/db8016c805371e72b06d8e2edfe0ace0df934a5e
huntr.dev/bounties/41852c50-3c6d-4703-8c55-4db27164a4ae
nvd.nist.gov/vuln/detail/CVE-2022-0122

Code Behaviors & Features

Detect and mitigate CVE-2022-0122 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →