Open redirect in @auth0/nextjs-auth0

🗓️ 16 Dec 2021 18:21:52Reported by GitHub Advisory DatabaseType

Open redirect vulnerability in @auth0/nextjs-auth0 version <=1.6.

Reporter	Title	Published	Views	Family All 8
Cvelist	CVE-2021-43812 Open redirect in nextjs-auth0	16 Dec 202118:20	–	cvelist
Prion	Open redirect	16 Dec 202119:15	–	prion
NVD	CVE-2021-43812	16 Dec 202119:15	–	nvd
OSV	Open redirect in @auth0/nextjs-auth0	16 Dec 202118:52	–	osv
OSV	CVE-2021-43812	16 Dec 202119:15	–	osv
GitLab Advisory Database	URL Redirection to Untrusted Site ('Open Redirect')	16 Dec 202100:00	–	gitlab
CVE	CVE-2021-43812	16 Dec 202119:15	–	cve
Veracode	Open Redirection	17 Dec 202103:13	–	veracode

Vulners

Node

auth0 nextjs\-auth0Range<1.6.2

Source	Link
github	www.github.com/auth0/nextjs-auth0/security/advisories/GHSA-2mqv-4j3r-vjvp
github	www.github.com/auth0/nextjs-auth0/commit/0bbd9f8a0c93af51f607f28633b5fb18c5e48ad6
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-43812
github	www.github.com/advisories/GHSA-2mqv-4j3r-vjvp

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

16 Dec 2021 18:52Current

3.6Low risk

Vulners AI Score3.6

CVSS25.8

CVSS36.1 - 6.4

EPSS0.00185

CWE-601