9 matches found
EUVD-2022-1828
Malicious code in bioql PyPI...
Account Takeover
causal/oidc is vulnerable to Account Takeover. The vulnerability is due to flaws in the account linking logic, where an attacker can register a public frontend user account with a user's email before the user's first OIDC login, allowing them to hijack the account...
PT-2023-27171 · User Oidc +1 · User Oidc +1
Name of the Vulnerable Software and Affected Versions: user oidc versions 1.0.0 through 1.3.2
Description: The issue affects the user oidc module, which provides the OIDC connect user backend for Nextcloud, an open-source cloud platform. An attacker with at least read access to a snapshot of the...
PT-2022-24909 · Nextcloud · User Oidc
Name of the Vulnerable Software and Affected Versions: user oidc versions prior to 1.2.1
Description: The issue concerns the user oidc OpenID Connect user backend for Nextcloud, where sensitive information such as OIDC client credentials and tokens is sent in plain text over HTTP without TLS in...
GHSA-F9Q6-69FH-4W5W flask-oidc Open Redirect vulnerability
flask-oidc version 0.1.2 and earlier is vulnerable to an open redirect...
Open redirect
flask-oidc version 0.1.2 and earlier is vulnerable to an open redirect...
PYSEC-2016-25
flask-oidc version 0.1.2 and earlier is vulnerable to an open redirect...
CVE-2016-1000001
flask-oidc version 0.1.2 and earlier is vulnerable to an open redirect...
CVE-2016-1000001
flask-oidc version 0.1.2 and earlier is vulnerable to an open redirect...