Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-4347 | 1 Urbanairship | 1 Python-oauth2 | 2023-02-12 | 5.8 MEDIUM | N/A |
The (1) make_nonce, (2) generate_nonce, and (3) generate_verifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess the nonce via a brute force attack. | |||||
CVE-2013-4346 | 1 Urbanairship | 1 Python-oauth2 | 2023-02-12 | 4.3 MEDIUM | N/A |
The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL. |