github.com/oauth2-proxy/oauth2-proxy/v7 vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-41059Highgithub.com/oauth2-proxy/oauth2-proxy/v7: OAuth2 Proxy has an Authentication Bypass via Fragment Confusion in skip_auth_routes and…CVE-2026-40574Mediumgithub.com/oauth2-proxy/oauth2-proxy/v7: OAuth2 Proxy has an Authorization Bypass in Email Domain Validation via Malformed Multi-@ Email…CVE-2026-40575Criticalgithub.com/oauth2-proxy/oauth2-proxy/v7: OAuth2 Proxy has an Authentication Bypass via X-Forwarded-Uri Header SpoofingCVE-2026-34457Criticalgithub.com/oauth2-proxy/oauth2-proxy/v7: OAuth2 Proxy's Health Check User-Agent Matching Bypasses Authentication in auth_request ModeCVE-2026-34454Lowgithub.com/oauth2-proxy/oauth2-proxy/v7: OAuth2 Proxy's session cookies are not cleared when rendering sign-in pageCVE-2025-64484Highgithub.com/oauth2-proxy/oauth2-proxy/v7: OAuth2-Proxy is vulnerable to header smuggling via underscore leading to potential privilege…CVE-2025-54576Criticalgithub.com/oauth2-proxy/oauth2-proxy/v7: OAuth2-Proxy has authentication bypass in oauth2-proxy skip_auth_routes due to Query Parameter…CVE-2021-21411Mediumgithub.com/oauth2-proxy/oauth2-proxy/v7: OAuth2-Proxy's `--gitlab-group` GitLab Group Authorization config flag stopped working in v7.0.0CVE-2021-21291Lowgithub.com/oauth2-proxy/oauth2-proxy/v7: Subdomain checking of whitelisted domains could allow unintended redirects in oauth2-proxy

Stop the waste.
Protect your environment with Kodem.