Oauth Client Library For Java
1 CVEs
product
Monthly
PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Google
Authentication Bypass
Oauth Client Library For Java
NVD
GitHub
CVSS 3.1
9.1
EPSS
1.6%
CVE-2020-7692
Maven
EPSS 2%
CVSS 9.1
CRITICAL
POC
PATCH
Act Now
PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Google
Authentication Bypass
Oauth Client Library For Java
NVD
GitHub