CNNVD-202508-3562 Information

CNNVD ID

CNNVD-202508-3562

Related CVE

CVE-2025-55750

• CNNVD Published: 2025-08-29

Description (Chinese)

gitpod是gitpod开源的一款基于云的集成开发环境。 gitpod main-gha.33628之前版本存在安全漏洞，该漏洞源于Bitbucket OAuth集成处理不当，可能导致访问令牌泄露。

Description (English)

Gitapod is a cloud-based integrated development environment. There was a security loophole in the pre-Butpod Main-gha 33628 version, which stemmed from the inappropriate processing of Bitbuchet OAuth integration, which could lead to the disclosure of access tokens.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

gitpod

Published

2025-08-29

Last Modified

2026-02-24

References

https://github.com/gitpod-io/gitpod/security/advisories/GHSA-63fw-3jgp-2p2g https://github.com/gitpod-io/gitpod/pull/20983 https://github.com/gitpod-io/gitpod/commit/a736c1b83bd781786af0da705d0acebabfba7862 https://access.redhat.com/security/cve/cve-2025-55750 https://nvd.nist.gov/vuln/detail/CVE-2025-55750