Skip to main content

Python Oauth2

2 CVEs product

Monthly

CVE-2013-4347 PyPI MEDIUM PATCH This Month

The (1) make_nonce, (2) generate_nonce, and (3) generate_verifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Python Information Disclosure Python Oauth2
NVD GitHub
CVSS 2.0
5.8
EPSS
0.4%
CVE-2013-4346 PyPI MEDIUM PATCH This Month

The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Python Information Disclosure Python Oauth2
NVD GitHub
CVSS 2.0
4.3
EPSS
0.5%
EPSS 0% CVSS 5.8
MEDIUM PATCH This Month

The (1) make_nonce, (2) generate_nonce, and (3) generate_verifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Python Information Disclosure Python Oauth2
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Python Information Disclosure Python Oauth2
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy