Ietf · Ietf Oauth 2.0 · CVE-2025-27371
**Name of the Vulnerable Software and Affected Versions**
IETF OAuth 2.0 versions (affected versions not specified)
**Description**
The issue arises from ambiguities in the audience values of JSON Web Tokens (JWTs) sent to authorization servers when using the JSON Web Token Profile for OAuth 2.0 Client Authentication mechanism. This ambiguity is present in certain IETF OAuth 2.0-related specifications.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.