Lucene search
K

34 matches found

NVD
NVD
added 2024/11/05 8:15 p.m.30 views

CVE-2024-51752

The AuthKit library for Next.js provides convenient helpers for authentication and session management using WorkOS & AuthKit with Next.js. In affected versions refresh tokens are logged to the console when the disabled by default debug flag, is enabled. This issue has been patched in version 0.13...

5.5CVSS0.00247EPSS
Exploits0References3
NVD
NVD
added 2024/11/05 8:15 p.m.32 views

CVE-2024-51753

The AuthKit library for Remix provides convenient helpers for authentication and session management using WorkOS & AuthKit with Remix. In affected versions refresh tokens are logged to the console when the disabled by default debug flag, is enabled. This issue has been patched in version 0.4.1. A...

2.1CVSS0.00215EPSS
Exploits0References3
OSV
OSV
added 2024/11/05 7:16 p.m.15 views

CVE-2024-51752 Refresh tokens are logged when the debug flag is enabled in @workos-inc/authkit-nextjs

The AuthKit library for Next.js provides convenient helpers for authentication and session management using WorkOS & AuthKit with Next.js. In affected versions refresh tokens are logged to the console when the disabled by default debug flag, is enabled. This issue has been patched in version 0.13...

2.1CVSS6.8AI score0.00247EPSS
Exploits0References5
OSV
OSV
added 2024/11/05 5:34 p.m.6 views

GHSA-5WMG-9CVH-QW25 @workos-inc/authkit-nextjs refresh tokens are logged when the debug flag is enabled

Impact Refresh tokens are logged to the console when the disabled by default debug flag, is enabled. Patches Patched in https://github.com/workos/authkit-nextjs/releases/tag/v0.13.2...

2CVSS6.3AI score0.00247EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2024/11/05 5:34 p.m.18 views

@workos-inc/authkit-nextjs refresh tokens are logged when the debug flag is enabled

Impact Refresh tokens are logged to the console when the disabled by default debug flag, is enabled. Patches Patched in https://github.com/workos/authkit-nextjs/releases/tag/v0.13.2...

5.5CVSS6.7AI score0.00247EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/05 12:0 a.m.8 views

PT-2024-34883

Name of the Vulnerable Software and Affected Versions AuthKit library for Next.js versions prior to 0.13.2 Description The issue concerns the logging of refresh tokens to the console when the debug flag is enabled. This flag is disabled by default. There are no known workarounds for this issue...

5.5CVSS6.6AI score0.00247EPSS
Exploits0References11
CNNVD
CNNVD
added 2024/11/05 12:0 a.m.4 views

AuthKit Next.js Library 日志信息泄露漏洞

AuthKit Next.js Library is an open source Next.js AuthKit library for WorkOS. A logging information disclosure vulnerability exists in the AuthKit Next.js Library, where a refresh token is logged to the console when the "debug" flag is enabled, which is disabled by default...

5.5CVSS6AI score0.00247EPSS
Exploits0References3
OSV
OSV
added 2023/06/02 5:15 p.m.1 views

DEBIAN-CVE-2023-23603

Regular expressions used to filter out forbidden properties and values from style directives in calls to console.log weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. This vulnerability affects Firefox 109, Firefox ESR 102.7, and Thunderbird 102.7...

6.5CVSS6.8AI score0.00641EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/01/25 3:18 p.m.6 views

Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive

The Mozilla Foundation Security Advisory describes this flaw as: Regular expressions used to filter out forbidden properties and values from style directives in calls to console.log weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser...

6.5CVSS7.3AI score0.00641EPSS
Exploits0References6
Veracode
Veracode
added 2021/02/25 6:28 a.m.33 views

Information Disclosure

ansible is vulnerable to information disclosure. The nolog feature is not enabled by default and confidential information such as secrets are logged to the console...

5.5CVSS1.8AI score0.00347EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2021/02/24 5:47 p.m.5 views

module: bitbucket_pipeline_variable exposes secured values

A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucketpipelinevariable module. This flaw allows an attacker to steal bitbucketpipeline credentials. The highest threat from this vulnerabili...

5.5CVSS6.8AI score0.003EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/03/03 12:49 p.m.66 views

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 6.4 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

5CVSS6.5AI score0.0523EPSS
Exploits1References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Firebug 1.03 Rep.JS Script Code Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23349/info Firebug is prone to a script-code-injection vulnerability because it fails to adequately escape user-supplied data. An attacker can exploit this issue to execute arbitrary script code in the context of the...

6.7AI score
Exploits0
securityvulns
securityvulns
added 2003/01/24 12:0 a.m.31 views

5861 IP Filtering issues

Product: Efficient Networks 5861 DSL Router http://www.efficient.com/ebz/5800.html Tested version: 5.3.80 Latest firmware Advisory date: 10/01/2003 Severity: Moderate Details When using the built in IP filtering to block incoming TCP SYN flags, a simple port scan to the WAN interface of the route...

7.2AI score
Exploits0
Rows per page
Query Builder