2 matches found
CVE-2026-6860
A TCP client can perform a TLS handshake and present the server name extension with a server name that is accepted by a server wildcard name, e.g. if the server is configured with a certificate accepting .example.com, any XYZ.example.com where xyz is a valid name can be used...
PT-2021-14393 · Unknown · Oauth2 Proxy
Name of the Vulnerable Software and Affected Versions: OAuth2 Proxy versions prior to 7.0.0 Description: The issue concerns the whitelist domain feature in OAuth2 Proxy, where a domain that ends similarly to the intended domain could be allowed as a redirect. For example, if a whitelist domain is...