VDB
PYSEC-2014-85
PYSEC-2014-85
PUBLISHED
The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| PyPI | oauth2 | 1.0.4, 1.0.0, 1.0.5 |
Timeline
- May 20, 2014 CVE Published
- Feb 23, 2024 CVE Updated