Vulnerabilidades em oauth2-proxy
9 resultadosCVE-2021-21291MEDIUMSubdomain checking of whitelisted domains could allow unintended redirectsEPSS 1.4%CVE-2025-54576CRITICALOAuth2-Proxy has authentication bypass in oauth2-proxy skip_auth_routes due to Query Parameter inclusionEPSS 1.1%CVE-2021-21411MEDIUMIncorrect authorization in OAuth2-ProxyEPSS 1.0%CVE-2025-64484HIGHOAuth2-Proxy vulnerable to header smuggling via underscore, leading to potential privilege escalationEPSS 0.6%CVE-2026-34457CRITICALOAuth2 Proxy: Health Check User-Agent Matching Bypasses Authentication in auth_request ModeEPSS 0.5%CVE-2026-40575CRITICALOAuth2 Proxy has an Authentication Bypass via X-Forwarded-Uri Header SpoofingEPSS 0.4%CVE-2026-41059HIGHOAuth2 Proxy has an Authentication Bypass via Fragment Confusion in skip_auth_routes and skip_auth_regexEPSS 0.3%CVE-2026-40574MEDIUMOAuth2 Proxy has an Authorization Bypass in Email Domain Validation via Malformed Multi-@ Email ClaimsEPSS 0.2%CVE-2026-34454LOWOAuth2 Proxy: Session cookie not cleared when rendering sign-in pageEPSS 0.2%