VDB

PYSEC-2014-85

PYSEC-2014-85 PUBLISHED

The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL.

Affected Products

VendorProductVersions
PyPIoauth21.0.4, 1.0.0, 1.0.5

Timeline

  • May 20, 2014 CVE Published
  • Feb 23, 2024 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›