CVE-2024-29033 GoogleOAuthenticator.hosted_domain incorrectly verifies membership of an Google organization/workspace

OAuthenticator provides plugins for JupyterHub to use common OAuth providers, as well as base classes for writing one's own Authenticators with any OAuth 2.0 provider. GoogleOAuthenticator.hosteddomain is used to restrict what Google accounts can be authorized access to a JupyterHub. The...