Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-rrvg-cxh4-qhrv
  • PyPI/oauthenticator
 Auth0OAuthenticator has an Authentication Bypass via Unverified Email Claims 03 Apr
  • Fix available
  • Severity - 8.8 (High)
GHSA-gprj-3p75-f996
  • PyPI/oauthenticator
 Globus `identity_provider` restriction ignored when used with `allow_all` in JupyterHub 5.0 12 Jun 2024
  • Fix available
  • Severity - 8.1 (High)
GHSA-55m3-44xf-hg4h
  • PyPI/oauthenticator
 GoogleOAuthenticator.hosted_domain incorrectly verifies membership of an Google organization/workspace 20 Mar 2024
  • Fix available
  • Severity - 7.5 (High)
PYSEC-2022-206
  • PyPI/oauthenticator
 See record for full details 09 Jun 2022
  • Fix available
GHSA-r7v4-jwx9-wx43
  • PyPI/oauthenticator
 Authorization Bypass Through User-Controlled Key when using CILogonOAuthenticator oauthenticator 06 Jun 2022
  • Fix available
  • Severity - 4.2 (Medium)
GHSA-8x3m-m3x9-54fj
  • PyPI/oauthenticator
 JupyterHub OAuthenticator elevation of privilege 13 May 2022
  • Fix available
  • Severity - 8.7 (High)
PYSEC-2020-68
  • PyPI/oauthenticator
  • github.com/jupyterhub/oauthenticator
 See record for full details 01 Dec 2020
  • Fix available
GHSA-384w-5v3f-q499
  • PyPI/oauthenticator
 Base class whitelist configuration ignored in OAuthenticator 01 Dec 2020
  • Fix available
  • Severity - 8.3 (High)
PYSEC-2018-68
  • PyPI/oauthenticator
  • github.com/jupyterhub/oauthenticator
 See record for full details 18 Feb 2018
  • Fix available