7 matches found
GHSA-C9CG-Q8R2-XVJQ Improper Authentication in Auth0.AuthenticationApi
Auth0 auth0.net before 6.5.4 has Incorrect Access Control because IdentityTokenValidator can be accidentally used to validate untrusted ID tokens...
Incorrect Access Control
auth0.net uses an incorrect access control. The IdentityTokenValidator can be used to validate untrusted ID tokens which can be used to bypass access controls and gain unauthorized access to the application...
CVE-2019-16929
Auth0 auth0.net before 6.5.4 has Incorrect Access Control because IdentityTokenValidator can be accidentally used to validate untrusted ID tokens...
CVE-2019-16929
Auth0 auth0.net before 6.5.4 has Incorrect Access Control because IdentityTokenValidator can be accidentally used to validate untrusted ID tokens...
CVE-2019-16929
Auth0 .NET library (auth0.net) prior to version 6.5.4 contains an Incorrect Access Control vulnerability: IdentityTokenValidator can be used to validate untrusted ID tokens, potentially bypassing access controls. Affected component is the IdentityTokenValidator in auth0.net; the root cause is imp...
CVE-2019-16929
Auth0 auth0.net before 6.5.4 has Incorrect Access Control because IdentityTokenValidator can be accidentally used to validate untrusted ID tokens...
Improper Authentication
Auth0 auth0.net has Incorrect Access Control because IdentityTokenValidator can be accidentally used to validate untrusted ID tokens...