Wind River Support Network


LIN1021-4377 : Security Advisory - python3-oauthlib - CVE-2022-36087

Created: Sep 12, 2022    Updated: Sep 18, 2022
Found In Version:
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace


OAuthLib is an implementation of the OAuth request-signing logic for Python 3.6+. In OAuthLib versions 3.1.1 until 3.2.1, an attacker providing malicious redirect uri can cause denial of service. An attacker can also leverage usage of `uri_validate` functions depending where it is used. OAuthLib applications using OAuth2.0 provider support or use directly `uri_validate` are affected by this issue. Version 3.2.1 contains a patch. There are no known workarounds.

CREATE(Triage):(User=admin) CVE-2022-36087 (
Live chat