EPSS Percentile: 56.2%
OAuthenticator is vulnerable to unauthorized account creation. The library does not properly check group membership when used with JupyterHub for GitLab whitelisting access control, allowing a malicious user to create accounts on the Hub.
blog.jupyter.org/security-fix-for-jupyterhub-gitlab-oauthenticator-7b14571d1f76
github.com/jupyterhub/oauthenticator/blob/8499dc2/CHANGELOG.md#073---2018-02-16
github.com/jupyterhub/oauthenticator/commit/1845c0e4b1bff3462c91c3108c85205acd3c75a2