Rewterz Threat Alert – GuLoader Malspam Campaign – Active IOCs
May 20, 2022Rewterz Threat Alert – Eternity Project – Malware Being Sold Via Telegram – Active IOCs
May 23, 2022Rewterz Threat Alert – GuLoader Malspam Campaign – Active IOCs
May 20, 2022Rewterz Threat Alert – Eternity Project – Malware Being Sold Via Telegram – Active IOCs
May 23, 2022Severity
Medium
Analysis Summary
CVE-2021-22573
Google OAuth Client Library for Java could allow a remote attacker to bypass security restrictions, caused by improper verification of token signatures. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass verification on the client-side.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2021-22573
Affected Vendors
Affected Products
- Google OAuth Client Library for Java 1.33.2
- Google OAuth Client Library for Java 1.33.1
- Google OAuth Client Library for Java 1.33.0
Remediation
Refer to Google OAuth Client Library for Java GIT Repository for patch, upgrade or suggested workaround information.