Lucene search
K

5 matches found

OSV
OSV
added 2025/10/17 2:54 p.m.5 views

OESA-2025-2433 google-oauth-java-client security update

Written by Google, the Google OAuth Client Library for Java is a powerful and easy-to-use Java library for the OAuth 1.0a and OAuth 2.0 authorization standards. The Google OAuth Client Library for Java is designed to work with any OAuth service on the web, not just with Google APIs. It is built o...

8.7CVSS6.9AI score0.00287EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-0119

Malware in sbrugna...

6.8CVSS6.4AI score0.00815EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2020/12/04 4:47 p.m.62 views

Multiple cryptographic issues in Python oic

Impact Client implementations using this library Issues 1 The IdToken signature algorithm was not checked automatically, but only if the expected algorithm was passed in as a kwarg. 2 JWA none algorithm was allowed in all flows. 3 oic.consumer.Consumer.parseauthz returns an unverified IdToken. Th...

6.8CVSS2.8AI score0.00815EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2020/12/04 4:47 p.m.12 views

GHSA-4FJV-PMHG-3RFG Multiple cryptographic issues in Python oic

Impact Client implementations using this library Issues 1 The IdToken signature algorithm was not checked automatically, but only if the expected algorithm was passed in as a kwarg. 2 JWA none algorithm was allowed in all flows. 3 oic.consumer.Consumer.parseauthz returns an unverified IdToken. Th...

7.6CVSS6.4AI score0.00815EPSS
Exploits0References7
Prion
Prion
added 2020/12/02 8:15 p.m.19 views

Design/Logic Flaw

Python oic is a Python OpenID Connect implementation. In Python oic before version 1.2.1, there are several related cryptographic issues affecting client implementations that use the library. The issues are: 1 The IdToken signature algorithm was not checked automatically, but only if the expected...

4.9CVSS6.5AI score0.00815EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder