CVE-2025-64762
- EPSS 0.08%
- Veröffentlicht 21.11.2025 01:29:22
- Zuletzt bearbeitet 11.12.2025 17:45:37
The AuthKit library for Next.js provides convenient helpers for authentication and session management using WorkOS & AuthKit with Next.js. In authkit-nextjs version 2.11.0 and below, authenticated responses do not defensively apply anti-caching heade...
CVE-2024-51752
- EPSS 0.13%
- Veröffentlicht 05.11.2024 20:15:15
- Zuletzt bearbeitet 11.12.2025 17:45:40
The AuthKit library for Next.js provides convenient helpers for authentication and session management using WorkOS & AuthKit with Next.js. In affected versions refresh tokens are logged to the console when the disabled by default `debug` flag, is ena...
CVE-2024-29901
- EPSS 0.35%
- Veröffentlicht 29.03.2024 16:15:08
- Zuletzt bearbeitet 11.12.2025 17:45:43
The AuthKit library for Next.js provides helpers for authentication and session management using WorkOS & AuthKit with Next.js. A user can reuse an expired session by controlling the `x-workos-session` header. The vulnerability is patched in v0.4.2.