GCVE - cpe:2.3:a:line_corporation:central_dogma:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:line_corporation:central_dogma:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Line Corporation (`ec80a219-823b-5a0c-9bab-3c0005020155`)
Product	Central Dogma (`d78f525f-4e4a-5d3e-9690-78064764467d`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-11222`	vulnerable	2026-06-08 07:02:28.281661	Details available MEDIUM (6.1) Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft. Published: 2025-12-04T12:18:14.206Z Updated: 2025-12-04T14:41:14.531Z Open on db.gcve.eu Reference links https://github.com/line/centraldogma/security/advisories/GHSA-4hr2-xf7w-jf76	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-1143`	vulnerable	2026-06-08 06:25:39.380086	Details available CRITICAL (9.3) Central Dogma versions prior to 0.64.1 is vulnerable to Cross-Site Scripting (XSS), which could allow for the leakage of user sessions and subsequent authentication bypass. Published: 2024-02-02T06:01:39.341Z Updated: 2025-06-03T18:49:03.700Z Open on db.gcve.eu Reference links https://github.com/line/centraldogma/security/advisories/GHSA-34q3-p352-c7q8	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-38388`	vulnerable	2026-06-08 05:32:55.998301	Details available HIGH (8.8) Central Dogma allows privilege escalation with mirroring to the internal dogma repository that has a file managing the authorization of the project. Published: 2021-09-08T17:50:45.000Z Updated: 2025-05-12T01:31:17.817Z Open on db.gcve.eu Reference links https://github.com/line/centraldogma/pull/621	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-6002`	vulnerable	2026-06-08 05:14:08.632927	Details available Cross-site scripting vulnerability in Central Dogma 0.17.0 to 0.40.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: 2019-07-26T13:25:39.000Z Updated: 2024-08-04T20:09:24.032Z Open on db.gcve.eu Reference links https://github.com/line/centraldogma/releases/tag/centraldogma-0.41.0 http://jvn.jp/en/jp/JVN94889214/index.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.