Headline
GHSA-j5gq-897m-2rff: Race condition in the Okta Java SDK
Description
In the Okta Java SDK, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response.
Affected product and versions
You may be affected if you meet the following preconditions:
- Using the Okta Java SDK between versions 11.0.0 and 20.0.0, and
- Implementing a multithreaded application with the ApiClient class where the response status code is used in access control flows
Resolution
Upgrade Okta/okta-sdk-java to version 21.0.0 or greater.
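The second precondition is the risky pattern: an access decision based on a status code read back from a client object that other threads are also using. The following is an added illustration of that class of bug, not code from the Okta SDK; `SharedStateClient`, `execute` and `getLastStatusCode` are hypothetical names, and the latches force an interleaving that would otherwise depend on timing.

```java
import java.util.concurrent.CountDownLatch;

// Added illustration: a hypothetical client, not the Okta SDK's ApiClient.
public class SharedStatusRace {
    // Models a client that records the most recent response status on the instance.
    static class SharedStateClient {
        private volatile int lastStatusCode; // shared by every thread using this instance

        // Returns the status of THIS call and also records it on the instance.
        int execute(int serverStatus) {
            lastStatusCode = serverStatus;
            return serverStatus;
        }

        int getLastStatusCode() { return lastStatusCode; }
    }

    public static void main(String[] args) throws Exception {
        SharedStateClient client = new SharedStateClient();
        CountDownLatch deniedDone = new CountDownLatch(1);
        CountDownLatch allowedDone = new CountDownLatch(1);
        boolean[] sharedFieldGrants = new boolean[1];
        boolean[] perCallGrants = new boolean[1];

        // Thread A: its own request is answered with 403 (constructed value).
        Thread a = new Thread(() -> {
            int own = client.execute(403);
            deniedDone.countDown();
            await(allowedDone); // B's response arrives before A inspects the client
            sharedFieldGrants[0] = client.getLastStatusCode() == 200; // sees B's status
            perCallGrants[0] = own == 200; // value tied to A's own response
        });
        // Thread B: an unrelated request answered with 200 (constructed value).
        Thread b = new Thread(() -> {
            await(deniedDone);
            client.execute(200);
            allowedDone.countDown();
        });
        a.start(); b.start(); a.join(); b.join();

        System.out.println("decision from shared client state grants access: " + sharedFieldGrants[0]);
        System.out.println("decision from per-call result grants access:     " + perCallGrants[0]);
    }

    static void await(CountDownLatch latch) {
        try { latch.await(); } catch (InterruptedException e) { Thread.currentThread().interrupt(); }
    }
}
```

When reviewing an affected application, look for access-control branches that consult the client object after a call instead of the value or exception returned by that call.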
CVE ID: CVE-2025-67505
Severity: High. GitHub Reviewed. Published Dec 10, 2025 in okta/okta-sdk-java. Updated Dec 10, 2025.
Package
com.okta.sdk:okta-sdk-root (Maven)
Affected versions
>= 11.0.0, <= 20.0.0
References
- GHSA-j5gq-897m-2rff
- okta/okta-sdk-java@abf4f12
Published to the GitHub Advisory Database
Dec 10, 2025
Last updated
Dec 10, 2025