@aangeles/jefeui (>=1.10.0 <=1.11.6), @aipmorg/chat (=1.5.3) +54 more potentially affected by unknown CVE via next-auth (>=5.0.0-beta.11 <=5.0.0-beta.3)

next-auth NPM version =5.0.0-beta.11, =1.10.0, =1.10.3, =0.1.0, =1.2.4-main.7f918ee.29, =0.0.2, =1.0.0, =0.1.6, =0.152.1, =1.0.0, =0.106.0, =0.122.0-rc.13 - @irshadkhan-dev/pandapulse-db =0.0.1 and more Source cves: unknown CVE Source advisory: SNYK:JS-NEXTAUTH-13744118...

@app-box/web (=1.0.0), @chirpy-dev/analytics (=0.0.1) +71 more potentially affected by unknown CVE via next-auth (>=0.0.0-manual.83c4ebd1 <=4.24.11)

next-auth NPM version =0.0.0-manual.83c4ebd1, =1.9.0, =3.0.0-canary.160.0, =2.0.1-canary.24.0, =0.1.0-0, =0.0.2, =1.0.0, =1.0.0, =4.0.0-alpha.24, =0.0.0-experimental-20260318092212, =0.0.0-experimental-20260318092212, =5.2.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-5JPX-9HW9-2F...

@newskit-render/auth (>=0.5.1 <=0.31.0), @newskit-render/core (>=0.57.0 <=1.40.0) +4 more potentially affected by CVE-2022-35924 via next-auth (>=0.0.0-manual.83c4ebd1 <=3.1.0)

next-auth NPM version =0.0.0-manual.83c4ebd1, =0.5.1, =0.57.0, =0.35.0, =1.1.0, =0.0.1, =0.0.5 Source cves: CVE-2022-35924 Source advisory: OSV:GHSA-XV97-C62V-4587...

PT-2022-20596 · Next-Auth · Next-Auth

Name of the Vulnerable Software and Affected Versions: next-auth versions prior to v4.10.2 next-auth versions prior to v3.29.9 Description: An information disclosure issue allows an attacker with log access privilege to obtain excessive information, such as an identity provider's secret in the lo...

@5minds/processcube_docflow (>=1.3.2-develop-01bdfb-m4jp5iuo <=2.1.0-test-fb53a9-mispuplg), @adamjoelfraser/auth-drizzle (=1.0.0) +493 more potentially affected by CVE-2022-31127 via next-auth (>=4.10.3 <=4.5.0)

next-auth NPM version =4.10.3, =1.3.2-develop-01bdfb-m4jp5iuo, =0.1.20, =3.0.5, =3.0.3, =1.1.18, =1.1.63, =1.1.7, =1.0.77, =1.0.1, =0.1.0, =1.1.77 - @authjs-web3-providers/core =0.5.0 and more Source cves: CVE-2022-31127 Source advisory: OSV:GHSA-PGJX-7F9G-9463...

ZEIT Next.js 代码问题漏洞

ZEIT Next.js is an open source web application framework from ZEIT based on Vue.js, Node.js, Webpack and Babel.js. NextAuth.js is the authentication for Next.js. A code issue vulnerability exists in Next.js NextAuth.js versions prior to 3.29.5 and prior to 4.5.0 that stems from a lack of validati...

next-auth 输入验证错误漏洞

next-auth is a complete open source authentication solution for Next.js applications. A security vulnerability existed in next-auth before 3.29.2, there is no information about the vulnerability at this time, please keep checking CNNVD or vendor announcements...