Refine your search
4 vulnerabilities found for Central Dogma by LINE Corporation
CVE-2025-11222 (GCVE-0-2025-11222)
Vulnerability from cvelistv5
Published
2025-12-04 12:18
Modified
2025-12-04 14:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- na
Summary
Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| LINE Corporation | Central Dogma |
Version: 0.77 < 0.78.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11222",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-04T14:41:10.607528Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-04T14:41:14.531Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Central Dogma",
"vendor": "LINE Corporation",
"versions": [
{
"lessThan": "0.78.0",
"status": "affected",
"version": "0.77",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 6.1,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "LOW",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "NETWORK",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "LOW",
"modifiedIntegrityImpact": "LOW",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "CHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "CHANGED",
"temporalScore": 6.1,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "na",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-04T12:18:14.206Z",
"orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
"shortName": "LY-Corporation"
},
"references": [
{
"url": "https://github.com/line/centraldogma/security/advisories/GHSA-4hr2-xf7w-jf76"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
"assignerShortName": "LY-Corporation",
"cveId": "CVE-2025-11222",
"datePublished": "2025-12-04T12:18:14.206Z",
"dateReserved": "2025-10-01T01:03:38.026Z",
"dateUpdated": "2025-12-04T14:41:14.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-1143 (GCVE-0-2024-1143)
Vulnerability from cvelistv5
Published
2024-02-02 06:01
Modified
2025-06-03 18:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- na
Summary
Central Dogma versions prior to 0.64.1 is vulnerable to Cross-Site Scripting (XSS), which could allow for the leakage of user sessions and subsequent authentication bypass.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| LINE Corporation | Central Dogma |
Version: 0.63.3 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1143",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-02T19:51:13.437915Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T18:49:03.700Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:26:30.469Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/line/centraldogma/security/advisories/GHSA-34q3-p352-c7q8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Central Dogma",
"vendor": "LINE Corporation",
"versions": [
{
"lessThan": "0.64.1",
"status": "affected",
"version": "0.63.3",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Central Dogma versions prior to 0.64.1 is vulnerable to Cross-Site Scripting (XSS), which could allow for the leakage of user sessions and subsequent authentication bypass."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "na",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-06T06:59:56.850Z",
"orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
"shortName": "LINE"
},
"references": [
{
"url": "https://github.com/line/centraldogma/security/advisories/GHSA-34q3-p352-c7q8"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
"assignerShortName": "LINE",
"cveId": "CVE-2024-1143",
"datePublished": "2024-02-02T06:01:39.341Z",
"dateReserved": "2024-02-01T04:33:49.542Z",
"dateUpdated": "2025-06-03T18:49:03.700Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-38388 (GCVE-0-2021-38388)
Vulnerability from cvelistv5
Published
2021-09-08 17:50
Modified
2025-05-12 01:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Central Dogma allows privilege escalation with mirroring to the internal dogma repository that has a file managing the authorization of the project.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| LINE Corporation | Central Dogma |
Version: 0.51.1 < 0.52.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:37:16.527Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/line/centraldogma/pull/621"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Central Dogma",
"vendor": "LINE Corporation",
"versions": [
{
"lessThan": "0.52.0",
"status": "affected",
"version": "0.51.1",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Central Dogma allows privilege escalation with mirroring to the internal dogma repository that has a file managing the authorization of the project."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "NETWORK",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "LOW",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "NONE",
"privilegesRequired": "LOW",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-12T01:31:17.817Z",
"orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
"shortName": "LY-Corporation"
},
"references": [
{
"url": "https://github.com/line/centraldogma/pull/621"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
"assignerShortName": "LINE",
"cveId": "CVE-2021-38388",
"datePublished": "2021-09-08T17:50:45.000Z",
"dateReserved": "2021-08-10T00:00:00.000Z",
"dateUpdated": "2025-05-12T01:31:17.817Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-6002 (GCVE-0-2019-6002)
Vulnerability from cvelistv5
Published
2019-07-26 13:25
Modified
2024-08-04 20:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Cross-site scripting
Summary
Cross-site scripting vulnerability in Central Dogma 0.17.0 to 0.40.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| LINE Corporation | Central Dogma |
Version: 0.17.0 to 0.40.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:09:24.032Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/line/centraldogma/releases/tag/centraldogma-0.41.0"
},
{
"name": "JVN#94889214",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN94889214/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Central Dogma",
"vendor": "LINE Corporation",
"versions": [
{
"status": "affected",
"version": "0.17.0 to 0.40.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in Central Dogma 0.17.0 to 0.40.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-31T04:06:07.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/line/centraldogma/releases/tag/centraldogma-0.41.0"
},
{
"name": "JVN#94889214",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN94889214/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2019-6002",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Central Dogma",
"version": {
"version_data": [
{
"version_value": "0.17.0 to 0.40.1"
}
]
}
}
]
},
"vendor_name": "LINE Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in Central Dogma 0.17.0 to 0.40.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/line/centraldogma/releases/tag/centraldogma-0.41.0",
"refsource": "MISC",
"url": "https://github.com/line/centraldogma/releases/tag/centraldogma-0.41.0"
},
{
"name": "JVN#94889214",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN94889214/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2019-6002",
"datePublished": "2019-07-26T13:25:39.000Z",
"dateReserved": "2019-01-10T00:00:00.000Z",
"dateUpdated": "2024-08-04T20:09:24.032Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}