Ecosyste.ms: OpenCollective
An open API service for software projects hosted on Open Collective.
github.com/nextauthjs/next-auth
Authentication for the Web.
https://github.com/nextauthjs/next-auth
Moderate
Ecosystems: npm
Packages: next-auth
Source: github
Published: about 1 year ago
GSA_kwCzR0hTQS12NjR3LTQ5eHctcXE4Oc4AA3R1
Possible user mocking that bypasses basic authenticationEcosystems: npm
Packages: next-auth
Source: github
Published: about 1 year ago
High
Ecosystems: npm
Packages: next-auth
Source: github
Published: almost 2 years ago
GSA_kwCzR0hTQS03cjd4LTRjNHEtYzRxZs4AAyE2
Missing proper state, nonce and PKCE checks for OAuth authenticationEcosystems: npm
Packages: next-auth
Source: github
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: @next-auth/upstash-redis-adapter
Source: github
Published: about 2 years ago
GSA_kwCzR0hTQS00cnhyLTI3bW0tbXhxOc4AAvIm
Upstash Adapter missing token verificationEcosystems: npm
Packages: @next-auth/upstash-redis-adapter
Source: github
Published: about 2 years ago
Low
Ecosystems: npm
Packages: next-auth
Source: github
Published: over 2 years ago
GSA_kwCzR0hTQS1wNm1tLTI3Z3EtOXYzcM4AAt2a
next-auth before v4.10.2 and v3.29.9 leaks excessive information into logEcosystems: npm
Packages: next-auth
Source: github
Published: over 2 years ago
Critical
Ecosystems: npm
Packages: next-auth
Source: github
Published: over 2 years ago
GSA_kwCzR0hTQS14djk3LWM2MnYtNDU4N84AAtxf
NextAuth.js before 4.10.3 and 3.29.10 sending verification requests (magic link) to unwanted emailsEcosystems: npm
Packages: next-auth
Source: github
Published: over 2 years ago
High
Ecosystems: npm
Packages: next-auth
Source: github
Published: over 2 years ago
GSA_kwCzR0hTQS1wZ2p4LTdmOWctOTQ2M84AAtHy
Improper handling of email inputEcosystems: npm
Packages: next-auth
Source: github
Published: over 2 years ago
High
Ecosystems: npm
Packages: next-auth
Source: github
Published: over 2 years ago
GSA_kwCzR0hTQS1nNWZtLWpwOXYtMjQzMs4AAs5b
Improper Handling of `callbackUrl` parameter in next-authEcosystems: npm
Packages: next-auth
Source: github
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: next-auth
Source: github
Published: over 2 years ago
GSA_kwCzR0hTQS1xMm14LWo0eDItMmg3NM4AArBA
URL Redirection to Untrusted Site ('Open Redirect') in next-authEcosystems: npm
Packages: next-auth
Source: github
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: next-auth
Source: github
Published: over 2 years ago
GSA_kwCzR0hTQS1mOXdnLTVmNDYtY2ptd80_pg
NextAuth.js default redirect callback vulnerable to open redirectsEcosystems: npm
Packages: next-auth
Source: github
Published: over 2 years ago
Low
Ecosystems: npm
Packages: next-auth
Source: github
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBnNTMtNTZjZy00bThx
Token verification bug in next-authEcosystems: npm
Packages: next-auth
Source: github
Published: almost 4 years ago