Your submission was sent successfully! Close

USN-5632-1: OAuthLib vulnerability

22 September 2022

OAuthLib could be made to crash if it received specially crafted network traffic.

Releases

Packages

  • python-oauthlib - generic, spec-compliant implementation of OAuth for Python3

Details

Sebastian Chnelik discovered that OAuthLib incorrectly handled certain
redirect uris. A remote attacker could possibly use this issue to cause
OAuthLib to crash, resulting in a denial of service.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04

In general, a standard system update will make all the necessary changes.

References