6 matches found
CVE-2025-54576 vulnerabilities
Vulnerabilities for packages: grafana-pyroscope...
CVE-2025-54576 vulnerabilities
Vulnerabilities for packages: grafana-pyroscope...
CVE-2025-54576
creationtimestamp| type| source ---|---|--- 2025-07-31 15:13:36+00:00| seen| https://bsky.app/profile/thedailytechfeed.com/post/3lvbgeunsf22j 2025-07-31 16:14:05+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lvbjqzamou22 2025-07-31 16:17:50+00:00| seen|...
CVE-2025-54576
OAuth2-Proxy is an open-source tool that can act as either a standalone reverse proxy or a middleware component integrated into existing reverse proxy or load balancer setups. In versions 7.10.0 and below, oauth2-proxy deployments are vulnerable when using the skipauthroutes configuration option...
CVE-2025-54576
Observations on CVE-2025-54576 : OAuth2-Proxy versions up to 7.10.0 expose an authentication bypass when using skip_auth_routes with regex patterns, because skip_auth_routes can match the full request URI (path + query parameters) instead of only the path. This allows an attacker to craft URLs wi...
CVE-2025-54576 OAuth2-Proxy has authentication bypass in oauth2-proxy skip_auth_routes due to Query Parameter inclusion
OAuth2-Proxy is an open-source tool that can act as either a standalone reverse proxy or a middleware component integrated into existing reverse proxy or load balancer setups. In versions 7.10.0 and below, oauth2-proxy deployments are vulnerable when using the skipauthroutes configuration option...