maven · Malicious package advisory

Malware

io.github.leetcrunch:scribejava-core

MAL-2025-2552

Malicious code in io.github.leetcrunch:scribejava-core (Maven)

Details


---
_-= Per source details. Do not edit below this line.=-_

## Source: google-open-source-security (8dd884cda209e50c2bd5185172f3c25968cb972cbd19234779b43f4f855f2d26)
A malicious Maven Java package that typosquats a legitimate OAuth Maven
package. The malicious package collects and exfiltrates OAuth credentials on
the 15th day of each month.

Compromised versions (1)

  • 8.3.5

Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.
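
To find out whether a build or a machine is affected, the following added example (not part of the advisory or of any project's code) scans `mvn dependency:tree` output and a local Maven repository for the coordinates named above. The default `~/.m2/repository` location, the `listed`/`unlisted` labels and the sample tree are assumptions of the example.

```python
import re
import sys
from pathlib import Path

# Coordinates and compromised version as listed in the advisory (MAL-2025-2552).
GROUP, ARTIFACT = "io.github.leetcrunch", "scribejava-core"
COMPROMISED = {"8.3.5"}
# A Maven coordinate token: 4 to 6 colon-separated fields without whitespace.
TOKEN = re.compile(r"[^\s:]+(?::[^\s:]+){3,5}")
# Constructed sample of `mvn dependency:tree` output (com.example:app is made up).
SAMPLE_TREE = """\
[INFO] com.example:app:jar:1.0.0
[INFO] +- io.github.leetcrunch:scribejava-core:jar:8.3.5:compile
[INFO] \\- org.slf4j:slf4j-api:jar:2.0.9:compile
"""


def classify(version):
    """'listed' = version named in the advisory; 'unlisted' = same coordinates, other version."""
    return "listed" if version in COMPROMISED else "unlisted"


def scan_tree(text):
    """Return (version, status) for each matching coordinate in dependency-tree output."""
    hits = []
    for token in TOKEN.findall(text):
        parts = token.split(":")
        if parts[:2] != [GROUP, ARTIFACT]:
            continue
        # group:artifact:type:version[:scope] or group:artifact:type:classifier:version:scope
        version = parts[4] if len(parts) == 6 else parts[3]
        hits.append((version, classify(version)))
    return hits


def scan_local_repo(repo_root):
    """Return (version, status) for each version directory cached under repo_root."""
    base = Path(repo_root).joinpath(*GROUP.split("."), ARTIFACT)
    if not base.is_dir():
        return []
    return sorted((d.name, classify(d.name)) for d in base.iterdir() if d.is_dir())


if __name__ == "__main__":
    # Usage: mvn dependency:tree | python3 check_mal.py [local-repo-path]
    repo = sys.argv[1] if len(sys.argv) > 1 else Path.home() / ".m2" / "repository"
    text = SAMPLE_TREE if sys.stdin.isatty() else sys.stdin.read()
    found = scan_tree(text) + scan_local_repo(repo)
    for version, status in found:
        print(f"{GROUP}:{ARTIFACT}:{version} ({status})")
    sys.exit(1 if found else 0)
```

A hit in the local repository means the artifact was resolved onto that machine, even if no current project still declares it.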