Vulnerabilities > Google > Oauth Client Library FOR Java

DATE CVE VULNERABILITY TITLE RISK
2022-05-03 CVE-2021-22573 Improper Verification of Cryptographic Signature vulnerability in Google Oauth Client Library for Java
The vulnerability is that IDToken verifier does not verify if token is properly signed.
network
low complexity
google CWE-347
7.3
7.3
2020-07-09 CVE-2020-7692 Incorrect Authorization vulnerability in Google Oauth Client Library for Java
PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps.
network
low complexity
google CWE-863
critical
 9.1
9.1