CVE-2020-4037 — Open Redirect in Oauth2-proxy Oauth2-proxy

CWE-601 — Open Redirect3 documents3 sources

Severity

5.4MEDIUMNVD

EPSS

0.4%

top 40.38%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Github.com Oauth2-proxy Oauth2-proxy Oauth2 Proxy Project Oauth2 Proxy Oauth2 Proxy

Timeline

PublishedJun 29

Latest updateDec 20

Description

In OAuth2 Proxy from version 5.1.1 and less than version 6.0.0, users can provide a redirect address for the proxy to send the authenticated user to at the end of the authentication flow. This is expected to be the original URL that the user was trying to access. This redirect URL is checked within the proxy and validated before redirecting the user to prevent malicious actors providing redirects to potentially harmful sites. This has been fixed in version 6.0.0.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.5

Affected Packages3 packages

▶NVDoauth2_proxy_project/oauth2_proxy5.1.1 — 6.0.0

▶Gogithub.com/oauth2-proxy_oauth2-proxy5.1.1 — 6.0.0

▶CVEListV5oauth2_proxy/oauth2_proxy>= 5.1.1, < 6.0.0

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

Open Redirect in OAuth2 Proxy↗2021-12-20

▶

GHSA

Open Redirect in OAuth2 Proxy↗2021-12-20

▶