auth0/login Security Advisories for 7.12.0 (4)
-
[HIGH] Auth0 laravel-auth0 SDK has Insufficient Entropy in Cookie Encryption
PKSA-9fpd-p7cq-9hfg GHSA-fmg6-246m-9g2v
Affected version: >=7.0.0,<=7.20.0
Reported by:
GitHub -
[MEDIUM] Auth0 Laravel SDK has Improper Audience Validation via Auth0-PHP SDK dependency
PKSA-y6vp-t32r-dgs1 GHSA-7hh9-gp72-wh7h
Affected version: >=7.0.0,<7.20.0
Reported by:
GitHub -
[LOW] laravel-auth0 SDK Does Not Properly Handle File Types in Bulk User Import
PKSA-gczm-ztvk-kyyg GHSA-hjfh-5jmm-xr24
Affected version: >=4.0.0,<=7.18.0
Reported by:
GitHub -
[CRITICAL] laravel-auth0 SDK Vulnerable to Brute Force Authentication Tags of CookieStore Sessions
PKSA-f2z5-ww92-ckhs GHSA-9fwj-9mjf-rhj3
Affected version: <7.17.0
Reported by:
GitHub