CVE-2025-4144

Medium CVSS: 5.3

PKCE was implemented in the OAuth implementation in workers-oauth-provider that is part of MCP framework https://github.com/cloudflare/workers-mcp . However, it was found that an attacker could cause the check to be skipped.

Fixed in:

https://github.com/cloudflare/workers-oauth-provider/pull/27 https://github.com/cloudflare/workers-oauth-provider/pull/27

Impact:

PKCE is a defense-in-depth mechanism against certain kinds of attacks and was an optional extension in OAuth 2.0 which became required in the OAuth 2.1 draft. (Note that the MCP specification requires OAuth 2.1.). This bug completely bypasses PKCE protection.

Vendor

Cloudflare

Product

Workers-oauth-provider

CWE

CWE-287

Yayın Tarihi

2025-05-01 01:15:54

Güncelleme

2025-05-12 19:39:31

Source Identifier

cna@cloudflare.com

KEV Date Added

Kategoriler

CWE-287 Workers-oauth-provider MEDIUM Cloudflare 2025

Referanslar

https://github.com/cloudflare/workers-oauth-provider/pull/27

Benzer Kayıtlar

High

CVE-2026-2836

A cache poisoning vulnerability has been found in the Pingora HTTP proxy framework’s default cache key construction. The…

Critical

CVE-2026-2833

An HTTP request smuggling vulnerability (CWE-444) was found in Pingora's handling of HTTP/1.1 connection upgrades. The i…

Critical

CVE-2026-2835

An HTTP Request Smuggling vulnerability (CWE-444) has been found in Pingora's parsing of HTTP/1.0 and Transfer-Encoding…

Low

CVE-2026-1229

The CombinedMult function in the CIRCL ecc/p384 package (secp384r1 curve) produces an incorrect value for specific input…

High

CVE-2026-0933

SummaryA command injection vulnerability (CWE-78) has been found to exist in the `wrangler pages deploy` command. The is…

High

CVE-2025-13353

In gokey versions