Known vulnerabilities in NextAuth.js next-auth 3.29.5

Vendor: NextAuth.js

Website: https://github.com/nextauthjs

Total Security Bulletins: 6

Security bulletins (6)

Secuity bulletin	Severity	Status	Published
SB2023112076: Improper authentication in NextAuth.js	Low	Patched	20.11.2023
SB2023030953: CSRF in NextAuth.js	Medium	Patched	09.03.2023
SB2022081067: Improper authorization in NextAuth.js	Low	Patched	10.08.2022
SB2022080963: Information disclosure in NextAuth.js	Low	Patched	09.08.2022
SB2022071433: XSS in NextAuth.js	Medium	Patched	14.07.2022
SB2021021911: Authentication bypass in NextAuth.js Prisma database adapter	Medium	Patched	19.02.2021