FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

oauth2-proxy -- multiple vulnerabilities

Affected packages
oauth2-proxy < 7.14.2

Details

VuXML ID 10319b08-f050-4beb-95e3-fe025cdafd25
Discovery 2026-02-05
Entry 2026-02-27

During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed.

References

CVE Name CVE-2025-68121

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.