Auth0 Schwachstellen

Zeitverlauf

Typ

Not Defined	8
JavaScript Library	4

Produkt

Auth0 Next.js SDK	2
Auth0 Auth0-WCF-Service-JWT	2
Auth0 Passport-SharePoint	2
Auth0 angular-jwt	2
Auth0 auth0-aspnet	2

Massnahmen

Official Fix	10
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	2

Ausnutzbarkeit

High	0
Functional	0
Proof-of-Concept	0
Unproven	0
Not Defined	12

Zugriffsart

Not Defined	0
Physical	0
Local	0
Adjacent	0
Network	12

Authentisierung

Not Defined	0
High	0
Low	0
None	12

Benutzeraktivität

Not Defined	0
Required	6
None	6

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	2
≤5	0
≤6	2
≤7	4
≤8	4
≤9	0
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	2
≤4	0
≤5	0
≤6	2
≤7	4
≤8	4
≤9	0
≤10	0

VulDB

≤1	0
≤2	0
≤3	0
≤4	2
≤5	4
≤6	2
≤7	0
≤8	4
≤9	0
≤10	0

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	4
≤8	2
≤9	2
≤10	2

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Hersteller

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	4
<2k	6
<5k	2
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploit heute

<1k	12
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploitmarktvolumen

🔴 CTI Aktivitäten

Affected Products (12): Auth0-WCF-Service-JWT (1), Express OpenID Connect (1), Lock (1), Next.js (1), Next.js SDK (1), Passport-SharePoint (1), angular-jwt (1), auth0-aspnet (1), auth0-aspnet-owin (1), auth0-lock (1), auth0.js Library (2), passport-wsfed-saml2 (1)

Veröffentlicht	Base	Temp	Schwachstelle	Prod	Aus	Mas	EPSS	CTI	CVE
17.12.2021	6.3	6.2	Auth0 Next.js Login URL Redirect	JavaScript Library	Not Defined	Official Fix	0.00061	0.00	CVE-2021-43812
09.12.2021	6.6	6.5	Auth0 Express OpenID Connect Session Cookie schwache Authentisierung	Unbekannt	Not Defined	Official Fix	0.00212	0.00	CVE-2021-41246
26.06.2021	3.1	3.0	Auth0 Next.js SDK Cross Site Scripting	JavaScript Library	Not Defined	Official Fix	0.00174	0.00	CVE-2021-32702
05.06.2021	3.5	3.4	Auth0 auth0-lock Sign In Cross Site Scripting	Unbekannt	Not Defined	Official Fix	0.00109	0.00	CVE-2021-32641
03.02.2020	5.2	5.1	Auth0 Lock additionalSignUpFields Cross Site Scripting	Unbekannt	Not Defined	Official Fix	0.00112	0.04	CVE-2019-20174
25.07.2019	7.3	7.1	Auth0 Passport-SharePoint Access Token schwache Authentisierung	Unbekannt	Not Defined	Official Fix	0.00092	0.00	CVE-2019-13483
11.04.2019	7.5	7.4	Auth0 Auth0-WCF-Service-JWT Error Message Signature schwache Authentisierung	Unbekannt	Not Defined	Official Fix	0.00222	0.00	CVE-2019-7644
29.08.2018	6.5	6.5	Auth0 auth0-aspnet/auth0-aspnet-owin oAuth 2.0 Cross Site Request Forgery	Unbekannt	Not Defined	Not Defined	0.00073	0.00	CVE-2018-15121
19.06.2018	6.9	6.6	Auth0 angular-jwt Regular Expression erweiterte Rechte	JavaScript Library	Not Defined	Official Fix	0.00137	0.03	CVE-2018-11537
06.03.2018	6.5	6.2	Auth0 auth0.js Library Cross Site Request Forgery	Software Library	Not Defined	Official Fix	0.00073	0.00	CVE-2018-7307

2 weitere Einträge werden nicht mehr angezeigt

🔒 Login Required

You need to signup and login to see more of the remaining 2 results.

◂ ZurückÜbersichtWeiter ▸

Do you need the next level of professionalism?

Upgrade your account now!