6 matches found
CVE-2025-68129
CVSS and description : CVE-2025-68129 relates to improper audience validation in Auth0-PHP, potentially allowing ID tokens to be accepted as access tokens. The issue affects Auth0-PHP versions 8.0.0 through 8.17.0, and applications using dependent SDKs that rely on those Auth0-PHP versions: Symfo...
EUVD-2025-203985
Auth0-PHP is a PHP SDK for Auth0 Authentication and Management APIs. In applications built with the Auth0-PHP SDK, the audience validation in access tokens is performed improperly. Without proper validation, affected applications may accept ID tokens as Access tokens. Projects are affected if the...
EUVD-2025-203982
Auth0 WordPress has Improper Audience Validation via Auth0-PHP SDK Dependency...
EUVD-2025-203983
Auth0 Symfony SDK has Improper Audience Validation via Auth0-PHP SDK...
GHSA-7HH9-GP72-WH7H Auth0 Laravel SDK has Improper Audience Validation via Auth0-PHP SDK dependency
Description In applications built with the Auth0-PHP SDK, the audience validation in access tokens is performed improperly. Without proper validation, affected applications may accept ID tokens as Access tokens. Affected product and versions Users are affected if they meet the following...
GHSA-J2VM-WRQ3-F7GF Auth0-PHP SDK has Improper Audience Validation
Description In applications built with the Auth0-PHP SDK, the audience validation in access tokens is performed improperly. Without proper validation, affected applications may accept ID tokens as Access tokens. Affected product and versions Projects are affected if they meet the following...