CVE-2018-15798: Pivotal Concourse Open Redirect in Login Flow
5.4
CVSS Score
3.1
Basic Information
CVE ID
GHSA ID
EPSS Score
0.70315%
CWE
Published
2/15/2022
Updated
10/2/2023
KEV Status
No
Technology
Go
Technical Details
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
github.com/concourse/concourse | go | < 5.2.8 | 5.2.8 |
github.com/concourse/concourse | go | >= 5.3.0, < 5.5.10 | 5.5.10 |
github.com/concourse/concourse | go | >= 5.6.0, < 5.8.1 | 5.8.1 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The commit diff shows a critical change in the Redirect handler where redirectURL.Path
was replaced with redirectURL.EscapedPath()
. This indicates the original Path
usage didn't properly escape user-controlled redirect targets, enabling open redirects. The CVE description explicitly mentions the oAuth redirect vulnerability in the login flow handled by this component.