Urbanairship » Python-oauth2 : Security Vulnerabilities, CVEs,
The (1) make_nonce, (2) generate_nonce, and (3) generate_verifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess the nonce via a brute force attack.
Max CVSS
5.8
EPSS Score
0.26%
Published
2014-05-20
Updated
2023-02-13
The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL.
Max CVSS
4.3
EPSS Score
0.26%
Published
2014-05-20
Updated
2023-02-13
2 vulnerabilities found