21 matches found
CVE-2026-27139 vulnerabilities
Vulnerabilities for packages: cadvisor, cluster-api-azure-controller, amass, steampipe, kubernetes-csi-external-attacher, mkcert, mockgen, metrics-agent, flux-source-controller, supercronic, sqlexporter, docker-compose, zarf, cluster-autoscaler, configmap-reload, crane, terraform-provider-sendgri...
EUVD-2021-2584
Malware in sbrugna...
EUVD-2021-2545
Malware in sbrugna...
GHSA-RRM8-32G4-W8M3 Cross-site Request Forgery (CSRF)
CSRF in Bitly oauth2proxy 2.1 during authentication flow...
Cross-site Request Forgery (CSRF)
CSRF in Bitly oauth2proxy 2.1 during authentication flow...
GHSA-JM34-XM8M-W958 Open Redirect in oauth2_proxy
The Bitly oauth2proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819...
Open Redirect in oauth2_proxy
The Bitly oauth2proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819...
GHSA-QQXW-M5FJ-F7GV The pattern '/\domain.com' is not disallowed when redirecting, allowing for open redirect
Impact An open redirect vulnerability has been found in oauth2proxy. Anyone who uses oauth2proxy may potentially be impacted. For a context detectify have an in depth blog post about the potential impact of an open redirect. Particularly see the OAuth section. tl;dr: People's authentication token...
The pattern '/\domain.com' is not disallowed when redirecting, allowing for open redirect
Impact An open redirect vulnerability has been found in oauth2proxy. Anyone who uses oauth2proxy may potentially be impacted. For a context detectify have an in depth blog post about the potential impact of an open redirect. Particularly see the OAuth section. tl;dr: People's authentication token...
Open Redirection
github.com/pusher/oauth2proxy is vulnerable to open redirection. Lack of validation in the redirecturl parameter allows an attacker to redirect a user to a malicious website and potentially steal the user's authentication tokens...
CVE-2017-1000069
CSRF in Bitly oauth2proxy 2.1 during authentication flow...
CVE-2017-1000070
The Bitly oauth2proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819...
CVE-2017-1000069
CSRF in Bitly oauth2proxy 2.1 during authentication flow...
CVE-2017-1000070
The Bitly oauth2proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819...
Open redirect
The Bitly oauth2proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819...
Cross site request forgery (csrf)
CSRF in Bitly oauth2proxy 2.1 during authentication flow...
CVE-2017-1000069
CSRF in Bitly oauth2proxy 2.1 during authentication flow...
CVE-2017-1000070
The Bitly oauth2proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819...
CVE-2017-1000070
CVE-2017-1000070 concerns the Bitly oauth2_proxy showing an open redirect vulnerability in versions up to 2.1 during the start and end of the 2-legged OAuth flow. The root cause cited is improper input validation violating RFC-6819, allowing an attacker to redirect users to arbitrary sites. The c...
CVE-2017-1000069
The CVE-2017-1000069 entry describes a Cross-Site Request Forgery (CSRF) vulnerability in Bitly oauth2_proxy version 2.1 during the authentication flow. Connected documents corroborate CSRF as the vulnerability class affecting Bitly oauth2_proxy 2.1. The primary impact is reflected in the CVSS me...