pkg:npm/@auth0/nextjs-auth0

All known vulnerabilities

• HIGH8.0CVE-2021-32702Reflected XSS from the callback handler's error query parameter
  from 0, < 1.4.2
• MEDIUM6.4CVE-2021-43812Open redirect in @auth0/nextjs-auth0
  from 0, < 1.6.2
• MEDIUM5.4CVE-2026-40155Auth0 Next.js SDK has Improper Proxy Cache Lookup
  >= 4.12.0, < 4.18.0
• MEDIUM5.4Improper Request Caching Lookup in the Auth0 Next.js SDK
  >= 4.11.0, < 4.11.2
• LOW3.7Improper Validation of Query Parameters in Auth0 Next.js SDK
  >= 4.9.0, < 4.13.0
• —NextJS-Auth0 SDK Vulnerable to CDN Caching of Session Cookies
  >= 4.0.1, < 4.6.1
• —Auth0 NextJS SDK v4 Missing Session Invalidation
  >= 4.0.1, < 4.5.1