Описание
The Bitly oauth2_proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819
Ссылки
- PatchThird Party Advisory
- Technical Description
- PatchThird Party Advisory
- Technical Description
Уязвимые конфигурации
Конфигурация 1Версия до 2.1 (включая)
cpe:2.3:a:oauth2_proxy_project:oauth2_proxy:*:*:*:*:*:*:*:*
EPSS
Процентиль: 39%
0.00178
Низкий
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-601
Связанные уязвимости
EPSS
Процентиль: 39%
0.00178
Низкий
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-601