Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:37320
HistorySep 29, 2022 - 3:31 a.m.

Authentication Bypass

2022-09-2903:31:51
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11

0.002 Low

EPSS

Percentile

58.6%

JSON

@next-auth/upstash-redis-adapter is vulnerable to authentication bypass. The vulnerability exists because the createVerificationToken function of index.ts does not properly check the token during the email verification, allowing an attacker to get information about the verification token’s expired duration

Related

github 1
prion 1
osv 2
cvelist 1
cve 1
cnvd 1
nvd 1
github
github
Upstash Adapter missing token verification
2022-09-30 05:31:32
prion
prion
Design/Logic Flaw
2022-09-28 21:15:00
osv
osv
Upstash Adapter missing token verification
2022-09-30 05:31:32
CVE-2022-39263
2022-09-28 21:15:14
cvelist
cvelist
CVE-2022-39263 NextAuth.js Upstash Adapter missing token verification
2022-09-28 21:05:09
cve
cve
CVE-2022-39263
2022-09-28 21:15:14
cnvd
cnvd
NextAuth.js authorization issue vulnerability
2022-09-30 00:00:00
nvd
nvd
CVE-2022-39263
2022-09-28 21:15:14

0.002 Low

EPSS

Percentile

58.6%

JSON
Related for VERACODE:37320
github1prion1osv2cvelist1cve1cnvd1nvd1