Github.Com Bitly Oauth2 Proxy vulnerabilities
2 known vulnerabilities affecting github.com/bitly_oauth2_proxy.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2017-1000069HIGH≥ 0, < 2.2.02021-12-20
CVE-2017-1000069 [HIGH] CWE-352 Cross-site Request Forgery (CSRF)
Cross-site Request Forgery (CSRF)
CSRF in Bitly oauth2_proxy 2.1 during authentication flow
ghsaosv
CVE-2017-1000070MEDIUM≥ 0, < 2.2.02021-12-20
CVE-2017-1000070 [MEDIUM] CWE-601 Open Redirect in oauth2_proxy
Open Redirect in oauth2_proxy
The Bitly oauth2_proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819
ghsaosv