Filters
Software
auth0 auth0.js
6
auth0 jsonwebtoken
4
auth0 lock
4
auth0 login by auth0
4
auth0 express openid connect
2
auth0 nextjs-auth0
2
auth0 passport-wsfed-saml2
2
auth0 wp-auth0
2
auth0 ad\/ldap connector
1
auth0 angular-jwt
1
auth0 aspnet
1
auth0 aspnet-owin
1
auth0 auth0-wcf-service-jwt
1
auth0 auth0.net
1
auth0 express-jwt
1
auth0 omniauth-auth0
1
auth0 passport-sharepoint
1
IBM Cognos Analyticsjsonwebtoken unrestricted key type could lead to legacy keys usage
8.1
First published (updated )
IBM Cognos Analyticsjsonwebtoken's insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC
6.3
First published (updated )
IBM Cognos Analyticsjsonwebtoken vulnerable to signature validation bypass due to insecure default algorithm in jwt.verify()
7.6
First published (updated )
Auth0 passport-wsfed-saml2Passport-wsfed-saml2 vulnerable to Authentication Bypass for WSFed authentication
7.5
First published (updated )
Auth0 LockHTML injection with additional signup fields
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Auth0 Express Openid ConnectOpen Redirect in express-openid-connect
7.5
First published (updated )
Auth0 Express Openid ConnectSession fixation in express-openid-connect
8.8
First published (updated )
Auth0 Nextjs-auth0Reflected XSS from the callback handler's error query parameter
8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Auth0 Ad\/ldap ConnectorCSRF in Auth0 ad-ldap-connector
8.8
First published (updated )
Auth0 Omniauth-auth0Regression in JWT Signature Validation
9.1
First published (updated )
Auth0 Auth0.jsAuthorization header is not sanitized in an error object in auth0
7.7
First published (updated )
Auth0 Express-jwtAuthorization bypass in express-jwt
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Auth0 Auth0.jsInformation disclosure through error object
5.5
First published (updated )
Auth0 Login By Auth0An issue was discovered in the Login by Auth0 plugin before 4.0.0 for WordPress. A user can perform …
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
nuget/Auth0.AuthenticationApiAuth0 auth0.net before 6.5.4 has Incorrect Access Control because IdentityTokenValidator can be acci…
7.5
First published (updated )
Auth0 Passport-SharePointAuth0 Passport-SharePoint before 0.4.0 does not validate the JWT signature of an Access Token before…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Auth0 Auth0-WCF-Service-JWTAuth0 Auth0-WCF-Service-JWT before 1.0.4 leaks the expected JWT signature in an error message when i…
9.8
First published (updated )
Auth0 Auth0.jsThe Auth0 authentication service before 2017-10-15 allows privilege escalation because the JWT audie…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Auth0 passport-wsfed-saml2A vulnerability has been discovered in the Auth0 passport-wsfed-saml2 library affecting versions < 3…
9.3
First published (updated )