CVE-2020-26244: Multiple cryptographic issues in Python oic

December 4, 2020 (updated October 7, 2024)

Client implementations using this library

References

github.com/OpenIDC/pyoidc
github.com/OpenIDC/pyoidc/commit/62f8d753fa17c8b1f29f8be639cf0b33afb02498
github.com/OpenIDC/pyoidc/releases/tag/1.2.1
github.com/OpenIDC/pyoidc/security/advisories/GHSA-4fjv-pmhg-3rfg
github.com/advisories/GHSA-4fjv-pmhg-3rfg
github.com/pypa/advisory-database/tree/main/vulns/oic/PYSEC-2020-69.yaml
nvd.nist.gov/vuln/detail/CVE-2020-26244
pypi.org/project/oic

Detect and mitigate CVE-2020-26244 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →