CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
EPSS
Percentile
65.9%
It was found that in python-oauth2, an application for authorization flows for web applications, the nonce value generated isn’t sufficiently random. While doing bulk operations the nonce might be repeated, so there is a chance of predictability. This could allow MITM attackers to conduct replay attacks. (CVE-2013-4347)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 2 | noarch | python-oauth2 | < 1.5.170-1.3 | python-oauth2-1.5.170-1.3.mga2 |
Mageia | 3 | noarch | python-oauth2 | < 1.5.170-2.3 | python-oauth2-1.5.170-2.3.mga3 |