Oauth2 Proxy Project: Security Vulnerabilities
OAuth2 Proxy before 5.0 has an open redirect vulnerability. Authentication tokens could be silently harvested by an attacker. This has been patched in version 5.0.
CVSS Score
5.9
EPSS Score
0.003
Published
2020-01-30
CSRF in Bitly oauth2_proxy 2.1 during authentication flow
CVSS Score
8.8
EPSS Score
0.001
Published
2017-07-17
The Bitly oauth2_proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819
CVSS Score
6.1
EPSS Score
0.002
Published
2017-07-17
Page 2