CVE-2025-67505
BaseFortify

Publication date: 2025-12-10

Last updated on: 2026-03-06

Assigner: GitHub, Inc.

Description
Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. This issue is fixed in version 20.0.1.
Meta Information
Published: 2025-12-10
Last Modified: 2026-03-06
Generated: 2026-06-16
AI Q&A: 2025-12-11
EPSS Evaluated: 2026-06-15
Affected Vendors & Products
Showing 1 associated CPE
Vendor | Product | Version / Range
okta | java_management_sdk | From 11.0.0 (inc) to 20.0.1 (exc)
CWE
CWE ID | Description
CWE-362 | The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
Executive Summary

This vulnerability exists in the Okta Java Management SDK versions 11.0.0 through 20.0.0. It involves race conditions caused by concurrent requests using the ApiClient class. Due to these race conditions, the status code or response header from one request's response may incorrectly influence another request's response. This issue was fixed in version 20.0.1.

Impact Analysis

The vulnerability can cause incorrect or misleading responses when multiple requests are made concurrently using the ApiClient class. This may lead to data integrity issues, incorrect application behavior, or security risks due to responses being mixed or corrupted between requests.

Mitigation Strategies

Upgrade the Okta Java Management SDK to version 20.0.1 or later, as this version contains the fix for the race condition issue.
