Skip to content

x/vulndb: potential Go vuln in github.com/openrundev/openrun: GHSA-h5g6-xmh4-hc37 #5956

Description

@GoVulnBot

Advisory GHSA-h5g6-xmh4-hc37 references a vulnerability in the following Go modules:

Module
github.com/openrundev/openrun

Description:

Summary

The restrictions on redirect URLs in openrun can be bypassed by attackers, leading to open redirect attacks.

Details

In the current project, the referrer header value is used for subsequent redirects, so there is currently a validation for this redirect value. The current validation logic requires that the host and schema of the redirect URL be the same as the current website's URL, and finally, the path part is used for redirection. This check seems robust, but it can still be bypassed by attackers.

<img width="1606" height="1346" alt="QQ20260602-140205-2-2" src="https://...

References:

No existing reports found with this module or alias.
See doc/quickstart.md for instructions on how to triage this report.

id: GO-ID-PENDING
modules:
    - module: github.com/openrundev/openrun
      versions:
        - fixed: 0.17.7
      vulnerable_at: 0.17.6
summary: |-
    OpenRun: Redirect URL validation bypass using  //host  paths leads to Open
    Redirect in github.com/openrundev/openrun
cves:
    - CVE-2026-55252
ghsas:
    - GHSA-h5g6-xmh4-hc37
references:
    - advisory: https://github.com/advisories/GHSA-h5g6-xmh4-hc37
    - advisory: https://github.com/openrundev/openrun/security/advisories/GHSA-h5g6-xmh4-hc37
    - fix: https://github.com/openrundev/openrun/commit/709da784fcf1311c85f30f3542cfa3601a78bbf0
    - web: https://github.com/openrundev/openrun/releases/tag/v0.17.7
source:
    id: GHSA-h5g6-xmh4-hc37
    created: 2026-07-10T00:01:54.843225679Z
review_status: UNREVIEWED

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions