apk package
chainguard/py3.12-jupyterhub-ltiauthenticator
pkg:apk/chainguard/py3.12-jupyterhub-ltiauthenticator
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-34052 | Med | 5.9 | < 1.6.3-r0 | 1.6.3-r0 | Apr 3, 2026 | LTI JupyterHub Authenticator is a JupyterHub authenticator for LTI. Prior to version 1.6.3, the LTI 1.1 validator stores OAuth nonces in a class-level dictionary that grows without bounds. Nonces are added before signature validation, so an attacker with knowledge of a valid cons |
- affected < 1.6.3-r0fixed 1.6.3-r0
LTI JupyterHub Authenticator is a JupyterHub authenticator for LTI. Prior to version 1.6.3, the LTI 1.1 validator stores OAuth nonces in a class-level dictionary that grows without bounds. Nonces are added before signature validation, so an attacker with knowledge of a valid cons