Identifier

CVE-2020-15223

Package Slug

go/github.com/ory/fosite/

Vulnerability

Improper Handling of Exceptional Conditions

Description

In ORY Fosite (the security first OAuth2 & OpenID Connect framework for Go), the TokenRevocationHandler ignores errors coming from the storage.

Affected Versions

All versions before 0.34.0

Solution

Upgrade to version 0.34.0 or above.

Last Modified

2020-10-06

source