Go modules package
github.com/bitly/oauth2_proxy
pkg:golang/github.com/bitly/oauth2_proxy
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-1000070 | Med | 6.1 | < 2.2.0 | 2.2.0 | Jul 17, 2017 | The Bitly oauth2_proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819 | |
| CVE-2017-1000069 | Hig | 8.8 | < 2.2.0 | 2.2.0 | Jul 17, 2017 | CSRF in Bitly oauth2_proxy 2.1 during authentication flow |
- affected < 2.2.0fixed 2.2.0
The Bitly oauth2_proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819
- affected < 2.2.0fixed 2.2.0
CSRF in Bitly oauth2_proxy 2.1 during authentication flow