Oauthenticator
This hub aggregates every CVE we track for Oauthenticator, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
6
CVEs tracked
0
Critical
4
High
0
In CISA KEV
Severity distribution
HIGH4MEDIUM2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
2024-072026-06
Latest CVEs
The 6 most recently published vulnerabilities affecting Oauthenticator.
- CVE-2026-33175OAuthenticator: Authentication Bypass in Auth0OAuthenticator via Unverified Email Claims8.8
- CVE-2024-37300Globus `identity_provider` restriction ignored when used with `allow_all` in JupyterHub 5.08.1
- CVE-2024-29033GoogleOAuthenticator.hosted_domain incorrectly verifies membership of an Google organization/workspace7.5
- CVE-2022-31027Authorization Bypass Through User-Controlled Key when using CILogonOAuthenticator in oauthenticator4.2
- CVE-2020-26250Base class whitelist configuration ignored in OAuthenticator6.3
- CVE-2018-7206An issue was discovered in Project Jupyter JupyterHub OAuthenticator 0.6.x before 0.6.2 and 0.7.x before 0.7.3. When using JupyterHub with GitLab group whitelisting for access control, group member...8.8
Product normalization is registry-driven with AI assist and human review. How it works