Security Advisories - auth0/auth0-php - Packagist.org

auth0/auth0-php Security Advisories for 8.17.0 (2)

[HIGH] Auth0 PHP SDK has Insufficient Entropy in Cookie Encryption

PKSA-3nzc-cgjr-2gwf CVE-2026-34236 GHSA-w3wc-44p4-m4j7

Affected version: >=8.0.0,<=8.18.0

Reported by:
GitHub
[MEDIUM] Auth0-PHP SDK has Improper Audience Validation

PKSA-xk7h-d6qg-hj3r CVE-2025-68129 GHSA-j2vm-wrq3-f7gf

Affected version: >=8.0.0,<8.18.0

Reported by:
GitHub