VYPR

Oauth

by MediaWiki

CVEs (2)

  • CVE-2021-31556CriAug 12, 2021
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in the Oauth extension for MediaWiki through 1.35.2. MWOAuthConsumerSubmitControl.php does not ensure that the length of an RSA key will fit in a MySQL blob.

  • CVE-2021-31555HigApr 22, 2021
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in the Oauth extension for MediaWiki through 1.35.2. It did not validate the oarc_version (aka oauth_registered_consumer.oarc_version) parameter's length.