153 matches found
CVE-2026-34457
OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions prior to 7.15.2 contain a configuration-dependent authentication bypass in deployments where OAuth2 Proxy is used with an authrequest-style integration such as nginx authrequest and either...
CVE-2026-34457 OAuth2 Proxy: Health Check User-Agent Matching Bypasses Authentication in auth_request Mode
OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions prior to 7.15.2 contain a configuration-dependent authentication bypass in deployments where OAuth2 Proxy is used with an authrequest-style integration such as nginx authrequest and either...
CVE-2026-34457
CVE-2026-34457 affects OAuth2 Proxy prior to 7.15.2. In deployments using an auth_request-style integration (e.g., nginx auth_request) with either --ping-user-agent or --gcp-healthchecks enabled, any request bearing the configured health-check User-Agent is treated as authenticated, bypassing log...
CVE-2026-34457 OAuth2 Proxy: Health Check User-Agent Matching Bypasses Authentication in auth_request Mode
OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions prior to 7.15.2 contain a configuration-dependent authentication bypass in deployments where OAuth2 Proxy is used with an authrequest-style integration such as nginx authrequest and either...
CVE-2026-34454 OAuth2 Proxy: Session cookie not cleared when rendering sign-in page
OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. A regression introduced in 7.11.0 prevents OAuth2 Proxy from clearing the session cookie when rendering the sign-in page. In deployments that rely on the sign-in page as part of their logout flow, a user may be...
CVE-2026-34454
OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. A regression introduced in 7.11.0 prevents OAuth2 Proxy from clearing the session cookie when rendering the sign-in page. In deployments that rely on the sign-in page as part of their logout flow, a user may be...
CVE-2026-34454
OAuth2 Proxy (oauth2-proxy) has a regression introduced in 7.11.0 where the session cookie is not cleared when rendering the sign-in page. This can allow a remaining authenticated session on the browser, particularly for logout flows that rely on the sign-in page. The issue is fixed in 7.15.2. De...
PT-2026-32954
Name of the Vulnerable Software and Affected Versions OAuth2 Proxy versions 7.11.0 through 7.15.1 Description A regression prevents the reverse proxy from clearing the session cookie when rendering the sign-in page. In deployments relying on the sign-in page for the logout flow, the browser sessi...
OAuth2 Proxy 安全漏洞
OAuth2 Proxy is a reverse proxy that can provide authentication for interactions with Google, Github, or other providers. Versions of OAuth2 Proxy prior to 7.15.2 contained a security vulnerability. This vulnerability stemmed from a configuration-related authentication bypass, which could allow...
OAuth2 Proxy 代码问题漏洞
OAuth2 Proxy is a product developed by OAuth2 Proxy organization that can provide a reverse proxy for authentication with Google, Github, or other providers. Versions of OAuth2 Proxy from 7.11.0 to 7.15.2 had code-related vulnerabilities. This vulnerability stemmed from a regression issue that...
GHSA-RV83-G57W-FR8J vulnerabilities
Vulnerabilities for packages: kratos, gitlab-kas, src, nri-mssql, neuvector-sigstore-interface, portieris, kapp, github-mcp-server, kubescape, kubernetes-dashboard, podman, nri-mongodb, percona-server-mongodb-operator, kubernetes-dns-node-cache, grafana-operator, k8sgpt, rancher-agent, polaris,...
GHSA-J3GX-2473-5FP8 vulnerabilities
Vulnerabilities for packages: gitlab-kas, src, nri-mssql, neuvector-sigstore-interface, portieris, kapp, github-mcp-server, kubescape, kubernetes-dashboard, podman, nri-mongodb, percona-server-mongodb-operator, kubernetes-dns-node-cache, grafana-operator, k8sgpt, rancher-agent, polaris, promxy,...
CVE-2026-27142 vulnerabilities
Vulnerabilities for packages: lvm-driver, azuredisk-csi, tflint, cert-manager-cmctl, gitlab-kas, src, tempo, neuvector-sigstore-interface, syft, kubescape, kubernetes-csi-driver-hostpath, secrets-store-csi-driver, kubernetes-dashboard, minio, buildah, opencost, flux-image-reflector-controller,...
GHSA-J4J7-VW47-RHFQ vulnerabilities
Vulnerabilities for packages: lvm-driver, azuredisk-csi, tflint, cert-manager-cmctl, gitlab-kas, src, tempo, neuvector-sigstore-interface, syft, kubescape, kubernetes-csi-driver-hostpath, secrets-store-csi-driver, kubernetes-dashboard, minio, buildah, opencost, flux-image-reflector-controller,...
CVE-2026-25679 vulnerabilities
Vulnerabilities for packages: gitlab-kas, src, nri-mssql, neuvector-sigstore-interface, portieris, kapp, github-mcp-server, kubescape, kubernetes-dashboard, podman, nri-mongodb, percona-server-mongodb-operator, kubernetes-dns-node-cache, grafana-operator, k8sgpt, rancher-agent, polaris, promxy,...
FreeBSD : oauth2-proxy -- multiple vulnerabilities (10319b08-f050-4beb-95e3-fe025cdafd25)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 10319b08-f050-4beb-95e3-fe025cdafd25 advisory. During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields...
FreeBSD : oauth2-proxy -- multiple vulnerabilities (fb561db9-0fc1-4d92-81a2-ee01839c9119)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the fb561db9-0fc1-4d92-81a2-ee01839c9119 advisory. Within HostnameError.Error, when constructing an error string, there is no limit to the number...
GO-2025-4113 OAuth2-Proxy is vulnerable to header smuggling via underscore leading to potential privilege escalation in github.com/oauth2-proxy/oauth2-proxy
OAuth2-Proxy is vulnerable to header smuggling via underscore leading to potential privilege escalation in github.com/oauth2-proxy/oauth2-proxy...
EUVD-2025-50825
OAuth2-Proxy is vulnerable to header smuggling via underscore leading to potential privilege escalation...
OAuth2-Proxy is vulnerable to header smuggling via underscore leading to potential privilege escalation
Impact All deployments of OAuth2 Proxy in front of applications that normalize underscores to dashes in HTTP headers e.g., WSGI-based frameworks such as Django, Flask, FastAPI, and PHP applications. Authenticated users can inject underscore variants of X-Forwarded- headers that bypass the proxy’s...