Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
CloudflareWorkers-oauth-provider

2 matches found

CVE
CVEadded 2025/05/01 1:15 a.m.55 views

CVE-2025-4144

PKCE was implemented in the OAuth implementation in workers-oauth-provider that is part of MCP framework https://github.com/cloudflare/workers-mcp . However, it was found that an attacker could cause the check to be skipped. Fixed in: https://github.com/cloudflare/workers-oauth-provider/pull/27 htt...

9.8CVSS6.3AI score0.00058EPSS
CVE
CVEadded 2025/05/01 1:15 a.m.54 views

CVE-2025-4143

The OAuth implementation in workers-oauth-provider that is part of MCP framework https://github.com/cloudflare/workers-mcp , did not correctly validate that redirect_uri was on the allowed list of redirect URIs for the given client registration. Fixed in: https://github.com/cloudflare/workers-oauth...

6.1CVSS6.5AI score0.00012EPSS