CVE-2017-1000069: Cross-Site Request Forgery (CSRF)

December 20, 2021

CSRF in Bitly oauth2_proxy 2.1 during authentication flow

References

github.com/advisories/GHSA-rrm8-32g4-w8m3
github.com/bitly/oauth2_proxy/commit/55085d9697962668fd4e43e8e4644144fe83cd93
github.com/bitly/oauth2_proxy/pull/360
nvd.nist.gov/vuln/detail/CVE-2017-1000069
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-1000069

Code Behaviors & Features

Detect and mitigate CVE-2017-1000069 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →