Oauth2-proxy Oauth2-proxy

9 CVEs affecting Oauth2-proxy Oauth2-proxy. Latest disclosed: 2026-04-21. Critical: 3, High: 2.

Top CVEs affecting Oauth2-proxy Oauth2-proxy
CVE	Severity	Score	Published	Summary
`CVE-2026-40575`	Critical	`9.1`	2026-04-21	OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions 7.5.0 through 7.15.1 may trust a client-supplied `X-Forwarded-Uri…
`CVE-2026-34457`	Critical	`9.1`	2026-04-14	OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions prior to 7.15.2 contain a configuration-dependent authentication…
`CVE-2025-54576`	Critical	`9.1`	2025-07-30	OAuth2-Proxy is an open-source tool that can act as either a standalone reverse proxy or a middleware component integrated into existing reverse proxy or load…
`CVE-2025-64484`	High	`8.5`	2025-11-10	OAuth2-Proxy is an open-source tool that can act as either a standalone reverse proxy or a middleware component integrated into existing reverse proxy or load…
`CVE-2026-41059`	High	`8.2`	2026-04-21	OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions 7.5.0 through 7.15.1 have a configuration-dependent authenticatio…
`CVE-2026-40574`	Medium	`6.8`	2026-04-21	OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Prior to 7.15.2, an authorization bypass exists in OAuth2 Proxy as part of…
`CVE-2021-21411`	Medium	`5.5`	2021-03-26	OAuth2-Proxy is an open source reverse proxy that provides authentication with Google, Github or other providers. The `--gitlab-group` flag for group-based aut…
`CVE-2021-21291`	Medium	`4.7`	2021-02-02	OAuth2 Proxy is an open-source reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others) to validate accou…
`CVE-2026-34454`	Low	`3.5`	2026-04-14	OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. A regression introduced in 7.11.0 prevents OAuth2 Proxy from clearing the…