Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2013-4346

The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL.

Related bugs and status

CVE-2013-4346 (Candidate) is related to these bugs:

Bug #1384815: CVE-2013-4346

Summary				In	Importance	Status
	1384815	CVE-2013-4346		python-oauth2 (Ubuntu)	Undecided	Expired

See the

CVE page on Mitre.org for more details.

References

MISC: https://github.com/sim...
MISC: http://www.securityfoc...
MISC: http://www.openwall.co...