6 matches found
CVE-2021-22001
In UAA versions prior to 75.3.0, sensitive information such as the relaying secret of the provider was revealed in the response when a deletion request for an identity provider (IdP) of type “oauth 1.0” was sent to the UAA server...
EUVD-2021-9171
Malicious code in bioql PyPI...
Cross site request forgery (csrf)
In UAA versions prior to 75.3.0, sensitive information such as the relaying secret of the provider was revealed in the response when a deletion request for an identity provider (IdP) of type “oauth 1.0” was sent to the UAA server...
CVE-2021-22001
CVE-2021-22001 affects Cloud Foundry UAA server prior to version 75.3.0. The issue arises when deleting an identity provider (IdP) of type oauth 1.0: the response may reveal sensitive information, including the relaying secret of the provider. The root cause is an information disclosure in the Id...
CVE-2021-22001
In UAA versions prior to 75.3.0, sensitive information such as the relaying secret of the provider was revealed in the response when a deletion request for an identity provider (IdP) of type “oauth 1.0” was sent to the UAA server...
Fedora 11 : perl-Net-OAuth-0.19-1.fc11 (2009-10539)
A session fixation vulnerability was discovered in OAuth protocol 1.0. Perl OAuth bindings were updated to support the new version of the OAuth protocol that was issued to address the vulnerability. All OAuth users are strongly advised to update to this updated package and protocol version 1.0a...