Vulnerabilities > ORY > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-22 | CVE-2021-32701 | Unspecified vulnerability in ORY Oathkeeper ORY Oathkeeper is an Identity & Access Proxy (IAP) and Access Control Decision API that authorizes HTTP requests based on sets of Access Rules. | 7.5 |
| 2020-09-24 | CVE-2020-15223 | Improper Check for Unusual or Exceptional Conditions vulnerability in ORY Fosite In ORY Fosite (the security first OAuth2 & OpenID Connect framework for Go) before version 0.34.0, the `TokenRevocationHandler` ignores errors coming from the storage. | 8.0 |
| 2020-09-24 | CVE-2020-15222 | Insufficient Verification of Data Authenticity vulnerability in ORY Fosite In ORY Fosite (the security first OAuth2 & OpenID Connect framework for Go) before version 0.31.0, when using "private_key_jwt" authentication the uniqueness of the `jti` value is not checked. | 8.1 |