Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Urbanairship Subscribe
Filtered by product Python-oauth2
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-4347 1 Urbanairship 1 Python-oauth2 2023-02-12 5.8 MEDIUM N/A
The (1) make_nonce, (2) generate_nonce, and (3) generate_verifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess the nonce via a brute force attack.
CVE-2013-4346 1 Urbanairship 1 Python-oauth2 2023-02-12 4.3 MEDIUM N/A
The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL.