MAL-2026-4305 Malicious code in auth0-net-sdk-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9cf6a5c13db1c0846ba64abd842d9980dddd9c0d66d3497d549779ccaea114b1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview auth0-net-sdk-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in auth0-net-sdk-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9cf6a5c13db1c0846ba64abd842d9980dddd9c0d66d3497d549779ccaea114b1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-1783 Malicious code in auth0.net (npm)

--- -= Per source details. Do not edit below this line.=-...

Incorrect Access Control

auth0.net uses an incorrect access control. The IdentityTokenValidator can be used to validate untrusted ID tokens which can be used to bypass access controls and gain unauthorized access to the application...

CVE-2019-16929

Auth0 auth0.net before 6.5.4 has Incorrect Access Control because IdentityTokenValidator can be accidentally used to validate untrusted ID tokens...