Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

npm

next-auth

npm

Authentication for Next.js

View on github.com · View on npmjs.org

Security Advisories for next-auth in npm

Moderate
almost 2 years ago

Possible user mocking that bypasses basic authentication GSA_kwCzR0hTQS12NjR3LTQ5eHctcXE4Oc4AA3R1

npm next-auth
High
over 2 years ago

Missing proper state, nonce and PKCE checks for OAuth authentication GSA_kwCzR0hTQS03cjd4LTRjNHEtYzRxZs4AAyE2

npm next-auth
Low
about 3 years ago

next-auth before v4.10.2 and v3.29.9 leaks excessive information into log GSA_kwCzR0hTQS1wNm1tLTI3Z3EtOXYzcM4AAt2a

npm next-auth
Critical
about 3 years ago

NextAuth.js before 4.10.3 and 3.29.10 sending verification requests (magic link) to unwanted emails GSA_kwCzR0hTQS14djk3LWM2MnYtNDU4N84AAtxf

npm next-auth
High
about 3 years ago

Improper handling of email input GSA_kwCzR0hTQS1wZ2p4LTdmOWctOTQ2M84AAtHy

npm next-auth
High
over 3 years ago

Improper Handling of `callbackUrl` parameter in next-auth GSA_kwCzR0hTQS1nNWZtLWpwOXYtMjQzMs4AAs5b

npm next-auth
Moderate
over 3 years ago

URL Redirection to Untrusted Site ('Open Redirect') in next-auth GSA_kwCzR0hTQS1xMm14LWo0eDItMmg3NM4AArBA

npm next-auth
Moderate
over 3 years ago

NextAuth.js default redirect callback vulnerable to open redirects GSA_kwCzR0hTQS1mOXdnLTVmNDYtY2ptd80_pg

npm next-auth
Low
over 4 years ago

Token verification bug in next-auth MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBnNTMtNTZjZy00bThx

npm next-auth

Filter by Severity

Moderate 3 High 3 Low 2 Critical 1