Medium severity 6.1 · NVD Advisory · Published Jul 17, 2017 · Updated Jun 17, 2026
CVE-2017-1000070
Description
The Bitly oauth2_proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| github.com/bitly/oauth2_proxy (Go) | < 2.2.0 | 2.2.0 |
Affected products
- cpe:2.3:a:oauth2_proxy_project:oauth2_proxy:*:*:*:*:*:*:*:* (Range: <=2.1)
References
- github.com/bitly/oauth2_proxy/pull/359 (nvd; Patch, Third Party Advisory; WEB)
- github.com/advisories/GHSA-jm34-xm8m-w958 (ghsa; ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2017-1000070 (ghsa; ADVISORY)
- github.com/bitly/oauth2_proxy/commit/289a6ccf463a425c7606178c510fc5eeb9c8b050 (ghsa; WEB)
- github.com/bitly/oauth2_proxy/issues/228 (ghsa; WEB)
- tools.ietf.org/html/rfc6819 (nvd; Technical Description; WEB)
- web.nvd.nist.gov/view/vuln/detail (ghsa; WEB)