Light Oauth2
1 CVEs
product
Monthly
light-oauth2 before version 2.1.27 obtains the public key without any verification. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
Information Disclosure
Light Oauth2
NVD
GitHub
CVSS 3.1
5.9
EPSS
0.5%
CVE-2023-31580
Maven
EPSS 1%
CVSS 5.9
MEDIUM
POC
PATCH
This Month
light-oauth2 before version 2.1.27 obtains the public key without any verification. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
Information Disclosure
Light Oauth2
NVD
GitHub