Vulnerabilities > Google > Oauth Client Library FOR Java > 1.29.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-03 | CVE-2021-22573 | Improper Verification of Cryptographic Signature vulnerability in Google Oauth Client Library for Java The vulnerability is that IDToken verifier does not verify if token is properly signed. | 3.5 |
| 2020-07-09 | CVE-2020-7692 | Incorrect Authorization vulnerability in Google Oauth Client Library for Java PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. | 9.1 |