CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
Percentile
68.0%
A flaw was found in python-oauthlib. This flaw allows an attacker providing a malicious redirect URI to cause a denial of service to OAuthLib’s web application.
The redirect_uri can be verified in the web toolkit before OAuthLib is called. Check to see if :
is present to reject the request can prevent the denial of service, assuming no port or IPv6 is fundamentally required.