friendsofsymfony/oauth2-php open redirection in oauth

2024-05-1521:39:29

Google

osv.dev

vulnerability

open redirection

friendsofsymfony/oauth2-php

oauth

authentication

security fix

7.2 High

AI Score

Confidence

Low

JSON

An open redirection vulnerability has been identified in the friendsofsymfony/oauth2-php library, which could potentially expose users to unauthorized redirects during the OAuth authentication process. This vulnerability has been addressed by implementing an exact check for the domain and port, ensuring more secure redirection.

CPENameOperatorVersion
friendsofsymfony/oauth2-phpeq1.0.7
friendsofsymfony/oauth2-phpeq1.0.8
friendsofsymfony/oauth2-phpeq1.0.0
friendsofsymfony/oauth2-phpeq1.1.0
friendsofsymfony/oauth2-phpeq1.2.0
friendsofsymfony/oauth2-phpeq1.2.3
friendsofsymfony/oauth2-phpeq1.0.4
friendsofsymfony/oauth2-phpeq1.0.9
friendsofsymfony/oauth2-phpeq1.0.1
friendsofsymfony/oauth2-phpeq1.0.3

Name	Operator	Version
friendsofsymfony/oauth2-php	eq	1.0.7
friendsofsymfony/oauth2-php	eq	1.0.8
friendsofsymfony/oauth2-php	eq	1.0.0
friendsofsymfony/oauth2-php	eq	1.1.0
friendsofsymfony/oauth2-php	eq	1.2.0
friendsofsymfony/oauth2-php	eq	1.2.3
friendsofsymfony/oauth2-php	eq	1.0.4
friendsofsymfony/oauth2-php	eq	1.0.9
friendsofsymfony/oauth2-php	eq	1.0.1
friendsofsymfony/oauth2-php	eq	1.0.3

Rows per page:

1-10 of 161

References

github.com/FriendsOfPHP/security-advisories/blob/master/friendsofsymfony/oauth2-php/2020-03-03-1.yaml

github.com/FriendsOfSymfony/oauth2-php

github.com/FriendsOfSymfony/oauth2-php/commit/606b8ea1c3c927c272ac1409116332ad5a2ed94c

github.com/FriendsOfSymfony/oauth2-php/releases/tag/1.3.0

7.2 High

AI Score

Confidence

Low

JSON