Lucene search
Veracode Vulnerability DatabaseVERACODE:46097HistoryApr 01, 2024 - 3:29 a.m.
Session Fixation
2024-04-0103:29:57
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
session fixation
expired sessions
header control
@workos-inc/authkit-nextjs vulnerable to Session Fixation. This vulnerability is due to the improper handling of expired sessions within session.ts. This allowing an attacker to reuse an expired session by controlling the x-workos-session header.
| CPE | Name | Operator | Version |
|---|---|---|---|
| @workos-inc/authkit-nextjs | le | 0.4.1 | |
| @workos-inc/authkit-nextjs | le | 0.4.1 |
Related
cve
cve
CVE-2024-29901
2024-03-29 16:15:08
github
github
@workos-inc/authkit-nextjs session replay vulnerability
2024-03-29 20:16:00
osv
osv
CVE-2024-29901
2024-03-29 16:15:08
@workos-inc/authkit-nextjs session replay vulnerability
2024-03-29 20:16:00
cvelist
cvelist
CVE-2024-29901 @workos-inc/authkit-nextjs session replay vulnerability
2024-03-29 15:23:02