Vulnerabilities > ORY > Fosite > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-24 | CVE-2020-15223 | Improper Check for Unusual or Exceptional Conditions vulnerability in ORY Fosite In ORY Fosite (the security first OAuth2 & OpenID Connect framework for Go) before version 0.34.0, the `TokenRevocationHandler` ignores errors coming from the storage. | 8.0 |
| 2020-09-24 | CVE-2020-15222 | Insufficient Verification of Data Authenticity vulnerability in ORY Fosite In ORY Fosite (the security first OAuth2 & OpenID Connect framework for Go) before version 0.31.0, when using "private_key_jwt" authentication the uniqueness of the `jti` value is not checked. | 8.1 |