OAuthLib is an implementation of the OAuth request-signing logic for Python 3.6+. In OAuthLib versions 3.1.1 until 3.2.1, an attacker providing malicious redirect uri can cause denial of service. An attacker can also leverage usage of `uri_validate` functions depending where it is used. OAuthLib applications using OAuth2.0 provider support or use directly `uri_validate` are affected by this issue.

affected-products-logoAffected Products

OAuthLib versions 3.1.1 until 3.2.1

Impact logoImpact

System Compromise: Remote attackers can cause DoS to oauthlib's web application.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.

Version Updates

Date Version Detail
2023-01-16 0.00339

CVE References