pkg:npm/@auth0/nextjs-auth0

7 total CVEsHIGH1MEDIUM3LOW1

✅ Check your installed version

All known vulnerabilities

  • HIGH8.0CVE-2021-32702Reflected XSS from the callback handler's error query parameter
    from 0, < 1.4.2
  • MEDIUM6.4CVE-2021-43812Open redirect in @auth0/nextjs-auth0
    from 0, < 1.6.2
  • MEDIUM5.4CVE-2026-40155Auth0 Next.js SDK has Improper Proxy Cache Lookup
    >= 4.12.0, < 4.18.0
  • MEDIUM5.4CVE-2025-67490Improper Request Caching Lookup in the Auth0 Next.js SDK
    >= 4.11.0, < 4.11.2
  • LOW3.7CVE-2025-67716Improper Validation of Query Parameters in Auth0 Next.js SDK
    >= 4.9.0, < 4.13.0
  • CVE-2025-48947NextJS-Auth0 SDK Vulnerable to CDN Caching of Session Cookies
    >= 4.0.1, < 4.6.1
  • CVE-2025-46344Auth0 NextJS SDK v4 Missing Session Invalidation
    >= 4.0.1, < 4.5.1