Jupyterhub Oauthenticator
5 CVEs affecting Jupyterhub Oauthenticator. Latest disclosed: 2026-04-03. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-33175 | High | 8.8 | 2026-04-03 | OAuthenticator is software that allows OAuth2 identity providers to be plugged in and used with JupyterHub. Prior to version 17.4.0, an authentication bypass v… |
CVE-2024-37300 | High | 8.1 | 2024-06-12 | OAuthenticator is software that allows OAuth2 identity providers to be plugged in and used with JupyterHub. JupyterHub < 5.0, when used with `GlobusOAuthentica… |
CVE-2024-29033 | High | 7.5 | 2024-03-20 | OAuthenticator provides plugins for JupyterHub to use common OAuth providers, as well as base classes for writing one's own Authenticators with any OAuth 2.0 p… |
CVE-2020-26250 | Medium | 6.3 | 2020-12-01 | OAuthenticator is an OAuth login mechanism for JupyterHub. In oauthenticator from version 0.12.0 and before 0.12.2, the deprecated (in jupyterhub 1.2) configur… |
CVE-2022-31027 | Medium | 4.2 | 2022-06-06 | OAuthenticator is an OAuth token library for the JupyerHub login handler. CILogonOAuthenticator is provided by the OAuthenticator package, and lets users log i… |