{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51284?format=json","vulnerability_id":"VCID-sk4t-73s6-rqg9","summary":"Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to 1.6.12 and 1.7.1, an unauthenticated open redirect in Authlib's OpenIDImplicitGrant and OpenIDHybridGrant authorization endpoint lets a remote attacker cause the authorization server to issue an HTTP 302 to an attacker-chosen URL by submitting an authorization request that omits the openid scope. This vulnerability is fixed in 1.6.12 and 1.7.1.","aliases":[{"alias":"CVE-2026-44681"},{"alias":"GHSA-r95x-qfjj-fjj2"},{"alias":"PYSEC-2026-188"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/124691?format=json","purl":"pkg:deb/debian/python-authlib@1.7.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-authlib@1.7.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/75185?format=json","purl":"pkg:pypi/authlib@1.6.12","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.6.12"},{"url":"http://public2.vulnerablecode.io/api/packages/119960?format=json","purl":"pkg:pypi/authlib@1.7.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.7.1"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/124689?format=json","purl":"pkg:deb/debian/python-authlib@0.15.4-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-pguz-hqre-77ac"},{"vulnerability":"VCID-sk4t-73s6-rqg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-authlib@0.15.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/124688?format=json","purl":"pkg:deb/debian/python-authlib@1.2.0-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4wgd-2mpe-tyh3"},{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-pt7d-e6h5-kbd2"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-zafh-nuvx-6fch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-authlib@1.2.0-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/124693?format=json","purl":"pkg:deb/debian/python-authlib@1.6.0-1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4wgd-2mpe-tyh3"},{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-pt7d-e6h5-kbd2"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-z4uj-gecb-1ucd"},{"vulnerability":"VCID-zafh-nuvx-6fch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-authlib@1.6.0-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41523?format=json","purl":"pkg:pypi/authlib@0.1rc0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.1rc0"},{"url":"http://public2.vulnerablecode.io/api/packages/41524?format=json","purl":"pkg:pypi/authlib@0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/41525?format=json","purl":"pkg:pypi/authlib@0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/41526?format=json","purl":"pkg:pypi/authlib@0.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/41527?format=json","purl":"pkg:pypi/authlib@0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/41528?format=json","purl":"pkg:pypi/authlib@0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/41529?format=json","purl":"pkg:pypi/authlib@0.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/41530?format=json","purl":"pkg:pypi/authlib@0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/41531?format=json","purl":"pkg:pypi/authlib@0.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/41532?format=json","purl":"pkg:pypi/authlib@0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/41533?format=json","purl":"pkg:pypi/authlib@0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.7"},{"url":"http://public2.vulnerablecode.io/api/packages/41534?format=json","purl":"pkg:pypi/authlib@0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/41535?format=json","purl":"pkg:pypi/authlib@0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/41536?format=json","purl":"pkg:pypi/authlib@0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/41537?format=json","purl":"pkg:pypi/authlib@0.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.11"},{"url":"http://public2.vulnerablecode.io/api/packages/41538?format=json","purl":"pkg:pypi/authlib@0.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.12"},{"url":"http://public2.vulnerablecode.io/api/packages/41539?format=json","purl":"pkg:pypi/authlib@0.12.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.12.1"},{"url":"http://public2.vulnerablecode.io/api/packages/41540?format=json","purl":"pkg:pypi/authlib@0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/41541?format=json","purl":"pkg:pypi/authlib@0.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.14"},{"url":"http://public2.vulnerablecode.io/api/packages/41542?format=json","purl":"pkg:pypi/authlib@0.14.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.14.1"},{"url":"http://public2.vulnerablecode.io/api/packages/41543?format=json","purl":"pkg:pypi/authlib@0.14.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.14.2"},{"url":"http://public2.vulnerablecode.io/api/packages/41544?format=json","purl":"pkg:pypi/authlib@0.14.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.14.3"},{"url":"http://public2.vulnerablecode.io/api/packages/41545?format=json","purl":"pkg:pypi/authlib@0.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/41546?format=json","purl":"pkg:pypi/authlib@0.15.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.15.1"},{"url":"http://public2.vulnerablecode.io/api/packages/41547?format=json","purl":"pkg:pypi/authlib@0.15.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.15.2"},{"url":"http://public2.vulnerablecode.io/api/packages/41548?format=json","purl":"pkg:pypi/authlib@0.15.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.15.3"},{"url":"http://public2.vulnerablecode.io/api/packages/41549?format=json","purl":"pkg:pypi/authlib@0.15.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.15.4"},{"url":"http://public2.vulnerablecode.io/api/packages/41550?format=json","purl":"pkg:pypi/authlib@0.15.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.15.5"},{"url":"http://public2.vulnerablecode.io/api/packages/41551?format=json","purl":"pkg:pypi/authlib@0.15.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@0.15.6"},{"url":"http://public2.vulnerablecode.io/api/packages/41552?format=json","purl":"pkg:pypi/authlib@1.0.0a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.0.0a1"},{"url":"http://public2.vulnerablecode.io/api/packages/41553?format=json","purl":"pkg:pypi/authlib@1.0.0a2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.0.0a2"},{"url":"http://public2.vulnerablecode.io/api/packages/41554?format=json","purl":"pkg:pypi/authlib@1.0.0b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.0.0b1"},{"url":"http://public2.vulnerablecode.io/api/packages/41555?format=json","purl":"pkg:pypi/authlib@1.0.0b2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.0.0b2"},{"url":"http://public2.vulnerablecode.io/api/packages/41556?format=json","purl":"pkg:pypi/authlib@1.0.0rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.0.0rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/41557?format=json","purl":"pkg:pypi/authlib@1.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-pguz-hqre-77ac"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/41558?format=json","purl":"pkg:pypi/authlib@1.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/41559?format=json","purl":"pkg:pypi/authlib@1.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/41560?format=json","purl":"pkg:pypi/authlib@1.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/41561?format=json","purl":"pkg:pypi/authlib@1.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/41562?format=json","purl":"pkg:pypi/authlib@1.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-tk6q-528z-rye4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/41563?format=json","purl":"pkg:pypi/authlib@1.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/49663?format=json","purl":"pkg:pypi/authlib@1.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/49664?format=json","purl":"pkg:pypi/authlib@1.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/49665?format=json","purl":"pkg:pypi/authlib@1.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/49666?format=json","purl":"pkg:pypi/authlib@1.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/49667?format=json","purl":"pkg:pypi/authlib@1.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/49668?format=json","purl":"pkg:pypi/authlib@1.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/49669?format=json","purl":"pkg:pypi/authlib@1.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/49670?format=json","purl":"pkg:pypi/authlib@1.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/49671?format=json","purl":"pkg:pypi/authlib@1.6.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.6.2"},{"url":"http://public2.vulnerablecode.io/api/packages/49672?format=json","purl":"pkg:pypi/authlib@1.6.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.6.3"},{"url":"http://public2.vulnerablecode.io/api/packages/49673?format=json","purl":"pkg:pypi/authlib@1.6.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.6.4"},{"url":"http://public2.vulnerablecode.io/api/packages/49674?format=json","purl":"pkg:pypi/authlib@1.6.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"},{"vulnerability":"VCID-z4uj-gecb-1ucd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.6.5"},{"url":"http://public2.vulnerablecode.io/api/packages/49675?format=json","purl":"pkg:pypi/authlib@1.6.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.6.6"},{"url":"http://public2.vulnerablecode.io/api/packages/49676?format=json","purl":"pkg:pypi/authlib@1.6.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.6.7"},{"url":"http://public2.vulnerablecode.io/api/packages/49677?format=json","purl":"pkg:pypi/authlib@1.6.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.6.8"},{"url":"http://public2.vulnerablecode.io/api/packages/49678?format=json","purl":"pkg:pypi/authlib@1.6.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.6.9"},{"url":"http://public2.vulnerablecode.io/api/packages/49679?format=json","purl":"pkg:pypi/authlib@1.6.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hrf7-xz6n-efcg"},{"vulnerability":"VCID-sk4t-73s6-rqg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.6.10"},{"url":"http://public2.vulnerablecode.io/api/packages/49680?format=json","purl":"pkg:pypi/authlib@1.6.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-sk4t-73s6-rqg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.6.11"},{"url":"http://public2.vulnerablecode.io/api/packages/119958?format=json","purl":"pkg:pypi/authlib@1.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-sk4t-73s6-rqg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/authlib@1.7.0"}],"references":[{"reference_url":"https://github.com/authlib/authlib","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/authlib/authlib"},{"reference_url":"https://github.com/authlib/authlib/releases/tag/v1.6.12","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/authlib/authlib/releases/tag/v1.6.12"},{"reference_url":"https://github.com/authlib/authlib/releases/tag/v1.7.1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/authlib/authlib/releases/tag/v1.7.1"},{"reference_url":"https://github.com/authlib/authlib/security/advisories/GHSA-r95x-qfjj-fjj2","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/authlib/authlib/security/advisories/GHSA-r95x-qfjj-fjj2"}],"weaknesses":[{"cwe_id":601,"name":"URL Redirection to Untrusted Site ('Open Redirect')","description":"A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks."},{"cwe_id":863,"name":"Incorrect Authorization","description":"The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions."}],"exploits":[],"severity_range_score":"4.0 - 6.9","exploitability":"0.5","weighted_severity":"6.2","risk_score":3.1,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sk4t-73s6-rqg9"}