Known vulnerabilities in NextAuth.js next-auth 4.0.3

Vendor: NextAuth.js

Website: https://github.com/nextauthjs

Total Security Bulletins: 7

Security bulletins (7)

Secuity bulletin	Severity	Status	Published
SB2023112076: Improper authentication in NextAuth.js	Low	Patched	20.11.2023
SB2023030953: CSRF in NextAuth.js	Medium	Patched	09.03.2023
SB2022081067: Improper authorization in NextAuth.js	Low	Patched	10.08.2022
SB2022080963: Information disclosure in NextAuth.js	Low	Patched	09.08.2022
SB2022071433: XSS in NextAuth.js	Medium	Patched	14.07.2022
SB2022060728: Open redirect in NextAuth.js OAuth 1 provider	Low	Patched	07.06.2022
SB2022042924: Open redirect in NextAuth.js	Low	Patched	29.04.2022