Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/golang-golang-x-oauth2@0.3.0-1
purl pkg:deb/debian/golang-golang-x-oauth2@0.3.0-1
Next non-vulnerable version 0.15.0-1~bpo12+1
Latest non-vulnerable version 0.15.0-1~bpo12+1
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-nrrp-y243-bfa1
Aliases:
CVE-2025-22868
GHSA-6v2p-p543-phr9
golang.org/x/oauth2 Improper Validation of Syntactic Correctness of Input vulnerability An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.
0.15.0-1~bpo12+1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T09:06:05.445855+00:00 Debian Importer Affected by VCID-nrrp-y243-bfa1 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-11T18:05:53.106988+00:00 Debian Importer Affected by VCID-nrrp-y243-bfa1 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-04T17:56:17.731642+00:00 Debian Importer Affected by VCID-nrrp-y243-bfa1 https://security-tracker.debian.org/tracker/data/json 38.1.0