Vulnerability Report: GO-2021-0109
- CVE-2020-15223, GHSA-7mqr-2v3q-v2wm
- Affects: github.com/ory/fosite
- Published: Jul 28, 2021
- Modified: May 20, 2024
Due to improper error handling, an error with the underlying token storage may cause a user to believe a token has been successfully revoked when it is in fact still valid. An attackers ability to exploit this relies on an ability to trigger errors in the underlying storage.
Affected Packages
-
PathGo VersionsSymbols
-
before v0.34.0
Aliases
References
- https://github.com/ory/fosite/commit/03dd55813f5521985f7dd64277b7ba0cf1441319
- https://vuln.go.dev/ID/GO-2021-0109.json
Feedback
See anything missing or incorrect?
Suggest an edit to this report.