CVE-2024-51753 Refresh tokens are logged when the debug flag is enabled in @workos-inc/authkit-remix

The AuthKit library for Remix provides convenient helpers for authentication and session management using WorkOS & AuthKit with Remix. In affected versions refresh tokens are logged to the console when the disabled by default debug flag, is enabled. This issue has been patched in version 0.4.1. A...

CVE-2024-51753

CVE-2024-51753 affects the AuthKit Remix library (WorkOS/AuthKit with Remix). The vulnerability is an information exposure where refresh tokens are logged to the console when the debug flag is enabled. The issue has been patched in version 0.4.1; upgrading is advised. Affected behavior is limited...

CVE-2024-51753 Refresh tokens are logged when the debug flag is enabled in @workos-inc/authkit-remix

The AuthKit library for Remix provides convenient helpers for authentication and session management using WorkOS & AuthKit with Remix. In affected versions refresh tokens are logged to the console when the disabled by default debug flag, is enabled. This issue has been patched in version 0.4.1. A...

CVE-2024-51753 Refresh tokens are logged when the debug flag is enabled in @workos-inc/authkit-remix

The AuthKit library for Remix provides convenient helpers for authentication and session management using WorkOS & AuthKit with Remix. In affected versions refresh tokens are logged to the console when the disabled by default debug flag, is enabled. This issue has been patched in version 0.4.1. A...

GHSA-V2QH-F584-6HJ8 @workos-inc/authkit-remix refresh tokens are logged when the debug flag is enabled

Impact Refresh tokens are logged to the console when the disabled by default debug flag, is enabled. Patches Patched in https://github.com/workos/authkit-remix/releases/tag/v0.4.1...

@workos-inc/authkit-remix refresh tokens are logged when the debug flag is enabled

Impact Refresh tokens are logged to the console when the disabled by default debug flag, is enabled. Patches Patched in https://github.com/workos/authkit-remix/releases/tag/v0.4.1...

@workos-inc/authkit-nextjs refresh tokens are logged when the debug flag is enabled

Impact Refresh tokens are logged to the console when the disabled by default debug flag, is enabled. Patches Patched in https://github.com/workos/authkit-nextjs/releases/tag/v0.13.2...

GHSA-5WMG-9CVH-QW25 @workos-inc/authkit-nextjs refresh tokens are logged when the debug flag is enabled

Impact Refresh tokens are logged to the console when the disabled by default debug flag, is enabled. Patches Patched in https://github.com/workos/authkit-nextjs/releases/tag/v0.13.2...

AuthKit Remix Library 日志信息泄露漏洞

AuthKit Remix Library is a WorkOS open source library for authentication and session management. A logging information disclosure vulnerability exists in the AuthKit Remix Library, where a refresh token is logged to the console when the "debug" flag is enabled, which is disabled by default...

PT-2024-34883

Name of the Vulnerable Software and Affected Versions AuthKit library for Next.js versions prior to 0.13.2 Description The issue concerns the logging of refresh tokens to the console when the debug flag is enabled. This flag is disabled by default. There are no known workarounds for this issue...

AuthKit Next.js Library 日志信息泄露漏洞

AuthKit Next.js Library is an open source Next.js AuthKit library for WorkOS. A logging information disclosure vulnerability exists in the AuthKit Next.js Library, where a refresh token is logged to the console when the "debug" flag is enabled, which is disabled by default...

PT-2024-34884 · Authkit +1 · Authkit +1

Name of the Vulnerable Software and Affected Versions: AuthKit library for Remix versions prior to 0.4.1 Description: The issue concerns the logging of refresh tokens to the console when the debug flag is enabled. This flag is disabled by default. There are no known workarounds for this issue. Al...

CVE-2024-29901

The AuthKit library for Next.js provides helpers for authentication and session management using WorkOS & AuthKit with Next.js. A user can reuse an expired session by controlling the x-workos-session header. The vulnerability is patched in v0.4.2...

CVE-2024-29901 @workos-inc/authkit-nextjs session replay vulnerability

The AuthKit library for Next.js provides helpers for authentication and session management using WorkOS & AuthKit with Next.js. A user can reuse an expired session by controlling the x-workos-session header. The vulnerability is patched in v0.4.2...

CVE-2024-29901

CVE-2024-29901 concerns the AuthKit Next.js library. The issue arises from improper handling of expired sessions, allowing an attacker to reuse an expired session by controlling the x-workos-session header. Affected component: workOS/AuthKit Next.js integration (authkit-nextjs). Impact is describ...

CVE-2024-29901 @workos-inc/authkit-nextjs session replay vulnerability

The AuthKit library for Next.js provides helpers for authentication and session management using WorkOS & AuthKit with Next.js. A user can reuse an expired session by controlling the x-workos-session header. The vulnerability is patched in v0.4.2...

CVE-2024-29901 @workos-inc/authkit-nextjs session replay vulnerability

The AuthKit library for Next.js provides helpers for authentication and session management using WorkOS & AuthKit with Next.js. A user can reuse an expired session by controlling the x-workos-session header. The vulnerability is patched in v0.4.2...

AuthKit Next.js Library 安全漏洞

AuthKit Next.js Library is an open source AuthKit library for Next.js for WorkOS. A security vulnerability exists in AuthKit Next.js Library that originated from allowing an attacker to reuse expired sessions by controlling the x-workos-session header...

PT-2024-23122

Name of the Vulnerable Software and Affected Versions AuthKit library for Next.js versions prior to 0.4.2 Description The issue allows a user to reuse an expired session by controlling the x-workos-session header. This can be exploited to bypass session expiration. Recommendations For versions...

Apple tvOS licensing issue vulnerability

Apple tvOS is a smart TV operating system from Apple, Inc. Apple tvOS is vulnerable to an authorization issue stemming from improper AuthKit privilege management, which can be exploited by local attackers to bypass the authentication process...