6 matches found
EUVD-2025-178255
Malicious code in json-protractor-nestjs-auth0 npm...
MAL-2025-186876 Malicious code in event-husky-tachyon-auth0 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47d6d40bbd46796ffe0433b9e3e0fd88b76fb46ceb7a4973ff526bea29bf1b9d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-113734
Malicious code in express-fetch-build-auth0 npm...
EUVD-2025-116901
Malicious code in achernar-magellan-server-auth0 npm...
CVE-2020-15125
In auth0 npm package versions before 2.27.1, a DenyList of specific keys that should be sanitized from the request object contained in the error object is used. The key for Authorization header is not sanitized and in certain cases the Authorization header value can be logged exposing a bearer...
CVE-2020-15125
In auth0 npm package versions before 2.27.1, a DenyList of specific keys that should be sanitized from the request object contained in the error object is used. The key for Authorization header is not sanitized and in certain cases the Authorization header value can be logged exposing a bearer...