Skip to content

omniauth-oauth2 Cross-Site Request Forgery vulnerability

Moderate severity GitHub Reviewed Published Oct 24, 2017 to the GitHub Advisory Database • Updated Aug 29, 2023

Package

bundler omniauth-oauth2 (RubyGems)

Affected versions

< 1.1.1

Patched versions

1.1.1
Published to the GitHub Advisory Database Oct 24, 2017
Reviewed Jun 16, 2020
Last updated Aug 29, 2023

Severity

Moderate

EPSS score

0.215%
(60th percentile)

Weaknesses

CVE ID

CVE-2012-6134

GHSA ID

GHSA-fgmx-8h93-26fh
Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.