VYPR

Vendor CVEs

Auth0

All CVEs

34 total · sorted by risk
  • CVE-2018-6873 · Critical · Apr 4, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    The Auth0 authentication service before 2017-10-15 allows privilege escalation because the JWT audience is not validated.

  • CVE-2025-48951 · Critical · Jun 3, 2025
    risk 0.53 · cvss n/a · epss 0.01

    Auth0-PHP is a PHP SDK for Auth0 Authentication and Management APIs. Versions 8.0.0-BETA3 prior to 8.3.1 contain a vulnerability due to insecure deserialization of cookie data. If exploited, since SDKs process cookie content without prior authentication, a threat actor could…

  • CVE-2025-46572 · Critical · May 6, 2025
    risk 0.53 · cvss n/a · epss 0.00

    passport-wsfed-saml2 provides passport strategy for both WS-fed and SAML2 protocol. A vulnerability present starting in version 3.0.5 up to and including version 4.6.3 allows an attacker to impersonate any user during SAML authentication by crafting a SAMLResponse. This can be…

  • CVE-2025-47275 · Critical · May 15, 2025
    risk 0.52 · cvss 9.1 · epss 0.00

    Auth0-PHP provides the PHP SDK for Auth0 Authentication and Management APIs. Starting in version 8.0.0-BETA1 and prior to version 8.14.0, session cookies of applications using the Auth0-PHP SDK configured with CookieStore have authentication tags that can be brute forced, which…

  • CVE-2025-46573 · High · May 6, 2025
    risk 0.49 · cvss n/a · epss 0.00

    passport-wsfed-saml2 provides passport strategy for both WS-fed and SAML2 protocol. A vulnerability present starting in version 3.0.5 up to and including version 4.6.3 allows an attacker to impersonate any user during SAML authentication by tampering with a valid SAML response.…

  • CVE-2017-17068 · High · Dec 6, 2017
    risk 0.49 · cvss 7.5 · epss 0.01

    A cross-origin vulnerability has been discovered in the Auth0 auth0.js library affecting versions < 8.12. This vulnerability allows an attacker to acquire authenticated users' tokens and invoke services on a user's behalf if the target site or application uses a popup callback…

  • CVE-2026-42280 · High · May 27, 2026
    risk 0.46 · cvss 7.1 · epss 0.00

    Auth0.js is a client-side JavaScript library for Auth0. From 8.11.0 to 9.32.0, under specific preconditions, the Auth0.js SDK may improperly return user profile information using a valid access token when a specifically crafted invalid ID token is provided. This vulnerability is…

  • CVE-2026-34236 · High · Apr 1, 2026
    risk 0.46 · cvss 8.2 · epss 0.00

    Auth0-PHP is a PHP SDK for Auth0 Authentication and Management APIs. From version 8.0.0 to before version 8.19.0, in applications built with the Auth0 PHP SDK, cookies are encrypted with insufficient entropy, which may result in threat actors brute-forcing the encryption key and…

  • CVE-2017-16897 · High · Dec 27, 2017
    risk 0.46 · cvss 8.1 · epss 0.01

    A vulnerability has been discovered in the Auth0 passport-wsfed-saml2 library affecting versions < 3.0.5. This vulnerability allows an attacker to impersonate another user and potentially elevate their privileges if the SAML identity provider does not sign the full SAML response…

  • CVE-2025-48947 · High · Jun 4, 2025
    risk 0.43 · cvss n/a · epss 0.00

    The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. In Auth0 Next.js SDK versions 4.0.1 through 4.6.0, `__session` cookies set by auth0.middleware may be cached by CDNs due to missing Cache-Control headers. Three preconditions must be…

  • CVE-2024-31111 · Medium · Jun 25, 2024
    risk 0.42 · cvss 6.5 · epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Automattic WordPress allows Stored XSS.This issue affects WordPress: from 6.5 through 6.5.4, from 6.4 through 6.4.4, from 6.3 through 6.3.4, from 6.2 through 6.2.5, from…

  • CVE-2023-6813 · Medium · Jul 10, 2024
    risk 0.40 · cvss 6.1 · epss 0.00

    The Login by Auth0 plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘wle’ parameter in all versions up to, and including, 4.6.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to…

  • CVE-2024-32111 · Medium · Jun 25, 2024
    risk 0.33 · cvss 5.0 · epss 0.00

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Automattic WordPress allows Relative Path Traversal.This issue affects WordPress: from 6.5 through 6.5.4, from 6.4 through 6.4.4, from 6.3 through 6.3.4, from 6.2 through 6.2.5, from…

  • CVE-2026-40155 · Medium · Apr 17, 2026
    risk 0.28 · cvss 5.4 · epss 0.00

    The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. In versions 4.12.0 through 4.17.1, simultaneous requests that trigger a nonce retry may cause the proxy cache fetcher to perform improper lookups for the token request results. Users…

  • CVE-2025-46344 · Medium · Apr 29, 2025
    risk 0.25 · cvss n/a · epss 0.00

    The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions starting from 4.0.1 and prior to 4.5.1, do not invoke `.setExpirationTime` when generating a JWE token for the session. As a result, the JWE does not contain an internal…

  • CVE-2025-68129 · Dec 17, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Auth0-PHP is a PHP SDK for Auth0 Authentication and Management APIs. In applications built with the Auth0-PHP SDK, the audience validation in access tokens is performed improperly. Without proper validation, affected applications may accept ID tokens as Access tokens. Projects…

  • CVE-2025-67716 · Dec 11, 2025
    risk 0.00 · cvss n/a · epss 0.00

    The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions 4.9.0 through 4.12.1 contain an input-validation flaw in the returnTo parameter, which could allow attackers to inject unintended OAuth query parameters into the Auth0…

  • CVE-2025-67490 · Dec 10, 2025
    risk 0.00 · cvss n/a · epss 0.00

    The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This…

  • CVE-2025-65945 · Dec 4, 2025
    risk 0.00 · cvss n/a · epss 0.00

    auth0/node-jws is a JSON Web Signature implementation for Node.js. In versions 3.2.2 and earlier and version 4.0.0, auth0/node-jws has an improper signature verification vulnerability when using the HS256 algorithm under specific conditions. Applications are affected when they…

  • CVE-2022-23539 · Dec 22, 2022
    risk 0.00 · cvss n/a · epss 0.00

    Versions `<=8.5.1` of `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm. You are affected if you are using an algorithm and a key type other than a…

  • CVE-2022-23540 · Dec 22, 2022
    risk 0.00 · cvss n/a · epss 0.01

    In versions `<=8.5.1` of `jsonwebtoken` library, lack of algorithm definition in the `jwt.verify()` function can lead to signature validation bypass due to defaulting to the `none` algorithm for signature verification. Users are affected if you do not specify algorithms in the…

  • CVE-2022-23541 · Dec 22, 2022
    risk 0.00 · cvss n/a · epss 0.01

    jsonwebtoken is an implementation of JSON Web Tokens. Versions `<= 8.5.1` of `jsonwebtoken` library can be misconfigured so that passing a poorly implemented key retrieval function referring to the `secretOrPublicKey` argument from the readme link will result in incorrect…

  • CVE-2022-23505 · Dec 13, 2022
    risk 0.00 · cvss n/a · epss 0.01

    Passport-wsfed-saml2 is a ws-federation protocol and SAML2 tokens authentication provider for Passport. In versions prior to 4.6.3, a remote attacker may be able to bypass WSFed authentication on a website using passport-wsfed-saml2. A successful attack requires that the…

  • CVE-2022-29172 · May 5, 2022
    risk 0.00 · cvss n/a · epss 0.01

    Auth0 is an authentication broker that supports both social and enterprise identity providers, including Active Directory, LDAP, Google Apps, and Salesforce. In versions before `11.33.0`, when the “additional signup fields” feature [is configured](https://github.com/auth0/loc…

  • CVE-2022-24794 · Mar 31, 2022
    risk 0.00 · cvss n/a · epss 0.01

    Express OpenID Connect is an Express JS middleware implementing sign on for Express web apps using OpenID Connect. Users of the `requiresAuth` middleware, either directly or through the default `authRequired` option, are vulnerable to an Open Redirect when the middleware is…

  • CVE-2021-43812 · Dec 16, 2021
    risk 0.00 · cvss n/a · epss 0.01

    The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions before 1.6.2 do not filter out certain returnTo parameter values from the login url, which expose the application to an open redirect vulnerability. Users are advised to…

  • CVE-2021-41246 · Dec 9, 2021
    risk 0.00 · cvss n/a · epss 0.01

    Express OpenID Connect is express JS middleware implementing sign on for Express web apps using OpenID Connect. Versions before and including `2.5.1` do not regenerate the session id and session cookie when user logs in. This behavior opens up the application to various session…

  • CVE-2021-32702 · Jun 25, 2021
    risk 0.00 · cvss n/a · epss 0.01

    The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions before and including `1.4.1` are vulnerable to reflected XSS. An attacker can execute arbitrary code by providing an XSS payload in the `error` query parameter which is then…

  • CVE-2021-32641 · Jun 4, 2021
    risk 0.00 · cvss n/a · epss 0.02

    auth0-lock is Auth0's signin solution. Versions of auth0-lock before and including `11.30.0` are vulnerable to reflected XSS. An attacker can execute arbitrary code when the library's `flashMessage` feature is utilized and user input or data from URL parameters is incorporated…

  • CVE-2020-15240 · Oct 21, 2020
    risk 0.00 · cvss n/a · epss 0.01

    omniauth-auth0 (rubygems) versions >= 2.3.0 and < 2.4.1 improperly validate the JWT token signature when using the `jwt_validator.verify` method. Improper validation of the JWT token signature can allow an attacker to bypass authentication and authorization. You are affected by…

  • CVE-2020-15119 · Aug 19, 2020
    risk 0.00 · cvss n/a · epss 0.01

    In auth0-lock versions before and including 11.25.1, dangerouslySetInnerHTML is used to update the DOM. When dangerouslySetInnerHTML is used, the application and its users might be exposed to cross-site scripting (XSS) attacks.

  • CVE-2020-15125 · Jul 29, 2020
    risk 0.00 · cvss n/a · epss 0.02

    In auth0 (npm package) versions before 2.27.1, a DenyList of specific keys that should be sanitized from the request object contained in the error object is used. The key for Authorization header is not sanitized and in certain cases the Authorization header value can be logged…

  • CVE-2020-15084 · Jun 30, 2020
    risk 0.00 · cvss n/a · epss 0.01

    In express-jwt (NPM package) up and including version 5.3.3, the algorithms entry to be specified in the configuration is not being enforced. When algorithms is not specified in the configuration, with the combination of jwks-rsa, it may lead to authorization bypass. You are…

  • CVE-2020-5263 · Apr 9, 2020
    risk 0.00 · cvss n/a · epss 0.01

    auth0.js (NPM package auth0-js) greater than version 8.0.0 and before version 9.12.3 has a vulnerability. In the case of an (authentication) error, the error object returned by the library contains the original request of the user, which may include the plaintext password the…