151 matches found
CVE-2026-40575
A flaw was found in OAuth2 Proxy. When configured with --reverse-proxy and either --skip-auth-regex or --skip-auth-route, the proxy may trust a client-supplied X-Forwarded-Uri header. An unauthenticated remote attacker can exploit this by spoofing the header, leading to an authentication bypass...
CVE-2026-41059
A flaw was found in OAuth2 Proxy. An unauthenticated attacker can exploit a configuration-dependent authentication bypass by sending a crafted request containing a number sign in the path. This allows the OAuth2 Proxy to incorrectly match a public allowlist rule, leading to the exposure of...
CVE-2026-40574
A flaw was found in OAuth2 Proxy, a reverse proxy providing authentication using OAuth2 providers. A remote attacker can exploit an authorization bypass vulnerability by crafting a malicious email claim. This allows the attacker to bypass emaildomain restrictions, which are used to limit access t...
BIT-OAUTH2-PROXY-2026-40575 OAuth2 Proxy has an Authentication Bypass via X-Forwarded-Uri Header Spoofing
OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions 7.5.0 through 7.15.1 may trust a client-supplied X-Forwarded-Uri header when --reverse-proxy is enabled and --skip-auth-regex or --skip-auth-route is configured. An attacker can spoof this header so OAut...
CVE-2026-41059
OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions 7.5.0 through 7.15.1 have a configuration-dependent authentication bypass. Deployments are affected when all of the following are true: Use of skipauthroutes or the legacy skipauthregex; use of patterns...
CVE-2026-40575
OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions 7.5.0 through 7.15.1 may trust a client-supplied X-Forwarded-Uri header when --reverse-proxy is enabled and --skip-auth-regex or --skip-auth-route is configured. An attacker can spoof this header so OAut...
User Impersonation
Overview Affected versions of this package are vulnerable to User Impersonation via the X-Forwarded-Uri header when the --reverse-proxy setting is enabled and either --skip-auth-regex or --skip-auth-route is configured. An attacker can gain unauthorized access to protected routes by spoofing the...
User Impersonation
Overview Affected versions of this package are vulnerable to User Impersonation via the X-Forwarded-Uri header when the --reverse-proxy setting is enabled and either --skip-auth-regex or --skip-auth-route is configured. An attacker can gain unauthorized access to protected routes by spoofing the...
Authentication Bypass Using an Alternate Path or Channel
Overview Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel in the processing of request paths containing a number sign or its encoded form %23 when using skipauthroutes or skipauthregex settings. An attacker can gain unauthorized access t...
Authentication Bypass Using an Alternate Path or Channel
Overview Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel in the processing of request paths containing a number sign or its encoded form %23 when using skipauthroutes or skipauthregex settings. An attacker can gain unauthorized access t...
OAuth2 Proxy 安全漏洞
OAuth2 Proxy is a product developed by OAuth2 Proxy organization that can provide a reverse proxy for authentication with Google, Github, or other providers. Versions 7.5.0 to 7.15.1 of OAuth2 Proxy have security vulnerabilities. These vulnerabilities stem from configuration-related authenticatio...
OAuth2 Proxy 安全漏洞
OAuth2 Proxy is a product developed by OAuth2 Proxy organization that can provide a reverse proxy for authentication with Google, Github, or other providers. There were security vulnerabilities in the versions of OAuth2 Proxy from 7.5.0 to 7.15.1. These vulnerabilities stemmed from the possibilit...
CVE-2026-40575
OAuth2 Proxy versions 7.5.0–7.15.1 can trust a client-supplied X-Forwarded-Uri when --reverse-proxy and at least one --skip-auth-regex/--skip-auth-route are configured, enabling header spoofing that makes authentication rules run against a different path. This can let an unauthenticated attacker ...
CVE-2026-40575 OAuth2 Proxy has an Authentication Bypass via X-Forwarded-Uri Header Spoofing
OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions 7.5.0 through 7.15.1 may trust a client-supplied X-Forwarded-Uri header when --reverse-proxy is enabled and --skip-auth-regex or --skip-auth-route is configured. An attacker can spoof this header so OAut...
CVE-2026-40575
OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions 7.5.0 through 7.15.1 may trust a client-supplied X-Forwarded-Uri header when --reverse-proxy is enabled and --skip-auth-regex or --skip-auth-route is configured. An attacker can spoof this header so OAut...
EUVD-2026-24557
OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions 7.5.0 through 7.15.1 may trust a client-supplied X-Forwarded-Uri header when --reverse-proxy is enabled and --skip-auth-regex or --skip-auth-route is configured. An attacker can spoof this header so OAut...
CVE-2026-41059
OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions 7.5.0 through 7.15.1 have a configuration-dependent authentication bypass. Deployments are affected when all of the following are true: Use of skipauthroutes or the legacy skipauthregex; use of patterns...
EUVD-2026-24559
OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions 7.5.0 through 7.15.1 have a configuration-dependent authentication bypass. Deployments are affected when all of the following are true: Use of skipauthroutes or the legacy skipauthregex; use of patterns...
CVE-2026-41059 OAuth2 Proxy has an Authentication Bypass via Fragment Confusion in skip_auth_routes and skip_auth_regex
OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions 7.5.0 through 7.15.1 have a configuration-dependent authentication bypass. Deployments are affected when all of the following are true: Use of skipauthroutes or the legacy skipauthregex; use of patterns...
CVE-2026-41059
The CVE concerns OAuth2 Proxy (versions 7.5.0–7.15.1) where a configuration-driven authentication bypass can occur due to patterns in skip_auth_routes or legacy skip_auth_regex. Attacks are possible when attacker-controlled suffixes widen patterns (for example, ^/foo/.*/bar$) so that a # in the p...