CVE-2025-67505HIGH 8.4EPSS p7.9%

CVE-2025-67505CVE-2025-67505

Description

Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. This issue is fixed in version 20.0.1.

Scoring

CVSS 3.18.4 (HIGH)
VectorCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
EPSS0.18% probability of exploitation · percentile 7.9% · 2026-06-18T12:00:27Z
Published2025-12-10
Last modified2026-03-06

Underlying weaknesses· 1

CWE-362

References

  1. https://github.com/okta/okta-sdk-java/commit/abf4f128a0441f90cb7efcdcf4bde1aef8703243
  2. https://github.com/okta/okta-sdk-java/security/advisories/GHSA-j5gq-897m-2rff

1

TypeTargetConfidenceTier
WeaknessConcurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')cwe-3620%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-1801
CVE
CVE-2025-50059
CVE
CVE-2025-10611
CVE
CVE-2025-50106
CVE
CVE-2025-54955
CVE
CVE-2026-9831
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.