
Security Advisories for next-auth in npm
High
over 2 years ago
Missing proper state, nonce and PKCE checks for OAuth authentication
npm
next-auth
Low
about 3 years ago
next-auth before v4.10.2 and v3.29.9 leaks excessive information into log
npm
next-auth
Critical
about 3 years ago
NextAuth.js before 4.10.3 and 3.29.10 sending verification requests (magic link) to unwanted emails
npm
next-auth
Moderate
over 3 years ago
URL Redirection to Untrusted Site ('Open Redirect') in next-auth
npm
next-auth
Moderate
over 3 years ago
NextAuth.js default redirect callback vulnerable to open redirects
npm
next-auth