The Bitly oauth2_proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819
References
Link | Resource |
---|---|
https://github.com/bitly/oauth2_proxy/pull/359 | Patch Third Party Advisory |
https://tools.ietf.org/html/rfc6819#section-5.2.3.5 | Technical Description |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-07-13T20:00:00
Updated: 2017-07-13T19:57:01
Reserved: 2017-07-10T00:00:00
Link: CVE-2017-1000070
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-07-17T13:18:18.220
Modified: 2017-07-20T16:26:26.063
Link: CVE-2017-1000070
JSON object: View
Redhat Information
No data.
CWE