CVE-2016-1000001: flask-oidc Open Redirect vulnerability
CVSS Score: 7.4 (CVSS 3.0)
Basic Information
CVE ID: CVE-2016-1000001
GHSA ID
EPSS Score: 0.39635%
CWE
Published: 5/17/2022
Updated: 9/20/2024
KEV Status: No
Technology: Python
Technical Details
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
flask-oidc | pip | < 1.0.0 | 1.0.0 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability lies in two functions. In versions before 1.0.0, redirect_to_auth_server stored the caller-supplied destination in the OAuth state parameter without signing or validating it, and oidc_callback read that destination back out of the state returned by the identity provider and passed it directly to redirect(). Because the state parameter round-trips through the user's browser, whoever controls the login link also controls the post-login redirect target, which is what makes this an open redirect. The fix in 1.0.0 introduced a cryptographic signer (destination_serializer) for the destination in redirect_to_auth_server and signature verification in oidc_callback, confirming these as the vulnerable points. The pre-patch 'TODO' comment and the direct redirect() call on the raw destination parameter show that no validation existed before the fix.
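As an added illustration (not flask-oidc's own code, and not the project's serializer or field names), the following Python contrasts the unsigned pattern described above with a destination that is HMAC-signed before it is placed in the OAuth state and verified when the callback reads it back. The state encoding, the secret key, the destinations and the extra same-site path check are assumptions made for this example; the same-site check goes beyond the signing the advisory describes and is labelled as such in the code.

```python
import base64
import hashlib
import hmac
import json
import os
from urllib.parse import urlparse

# Constructed secret for this example; a real app would use Flask's SECRET_KEY.
SECRET_KEY = b"example-secret-key-not-for-production"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


# ---- Vulnerable pattern: destination travels through `state` unsigned ----

def build_state_unsigned(destination: str) -> str:
    """OAuth `state` carrying the raw destination; anyone can craft this."""
    state = {"csrf_token": _b64url(os.urandom(24)), "destination": destination}
    return _b64url(json.dumps(state).encode("utf-8"))


def callback_redirect_unsigned(state_param: str) -> str:
    """Callback that redirects wherever `state` says, with no check at all."""
    state = json.loads(_b64url_decode(state_param))
    return state["destination"]  # handed straight to redirect() in the app


# ---- Hardened pattern: HMAC-signed destination, verified on the way back ----

def sign_destination(destination: str, key: bytes = SECRET_KEY) -> str:
    """Return '<b64 destination>.<b64 HMAC-SHA256 tag>' (hypothetical format)."""
    payload = _b64url(destination.encode("utf-8"))
    tag = hmac.new(key, payload.encode("ascii"), hashlib.sha256).digest()
    return f"{payload}.{_b64url(tag)}"


def verify_destination(token: str, key: bytes = SECRET_KEY) -> str:
    """Return the destination if the tag verifies, else raise ValueError."""
    try:
        payload, tag_b64 = token.split(".", 1)
        tag = _b64url_decode(tag_b64)
        expected = hmac.new(key, payload.encode("ascii"), hashlib.sha256).digest()
    except ValueError:
        raise ValueError("malformed destination token")
    if not hmac.compare_digest(expected, tag):
        raise ValueError("destination was not signed by this server")
    return _b64url_decode(payload).decode("utf-8")


def is_local_path(destination: str) -> bool:
    """Defence in depth (an assumption of this example, not from the advisory):
    accept only same-site relative paths, rejecting absolute URLs,
    protocol-relative '//host' forms and backslash tricks."""
    parsed = urlparse(destination)
    return (destination.startswith("/")
            and not destination.startswith("//")
            and "\\" not in destination
            and not parsed.scheme
            and not parsed.netloc)


def build_state_signed(destination: str, key: bytes = SECRET_KEY) -> str:
    state = {"csrf_token": _b64url(os.urandom(24)),
             "destination": sign_destination(destination, key)}
    return _b64url(json.dumps(state).encode("utf-8"))


def callback_redirect_signed(state_param: str, key: bytes = SECRET_KEY) -> str:
    state = json.loads(_b64url_decode(state_param))
    destination = verify_destination(state["destination"], key)  # raises on forgery
    if not is_local_path(destination):
        raise ValueError("refusing off-site redirect")
    return destination


def callback_accepts(state_param: str, key: bytes = SECRET_KEY) -> bool:
    """True if the hardened callback would redirect, False if it rejects."""
    try:
        callback_redirect_signed(state_param, key)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    forged = build_state_unsigned("https://evil.example/")  # attacker-built state
    print("unsigned callback redirects to:", callback_redirect_unsigned(forged))
    print("signed callback accepts forged state:", callback_accepts(forged))
    print("signed callback accepts own state:",
          callback_accepts(build_state_signed("/dashboard")))
```

The signature alone closes the hole the advisory describes, since an attacker cannot produce a tag for a destination the server never issued; the same-site check is cheap insurance for the case where the server itself is tricked into signing an absolute URL.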