OAuth Implementation Vulnerability in Cloudflare's Workers-OAuth-Provider
CVE-2025-4143

CVSS v4 score: 6 (MEDIUM)

Key Information:

Vendor: Cloudflare
Status: Vendor
CVE Published: 1 May 2025

What is CVE-2025-4143?

Cloudflare's Workers-OAuth-Provider library contains a notable vulnerability in its OAuth implementation: during an authorization flow it fails to validate that the redirect URI belongs to the client's list of registered (authorized) redirect URIs. Because of this, an attacker can trick a victim who has previously authorized an application into visiting a malicious site, and if successful could potentially obtain the victim's credentials and impersonate them on the OAuth server. An OAuth server must check the redirect URI against the registered list both at the initial authorization request and again at the token exchange, and the library implemented neither check. This is a common but critical mistake in OAuth security.

CVSS V4

Score: 6
Severity: MEDIUM
Confidentiality: High
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: High
Attack Required: Physical
Privileges Required: Undefined
User Interaction: Unknown

Timeline

  • Vulnerability published
