auth0/symfony Security Advisories for 5.1.0 (4)
-
[HIGH] Auth0 Symfony SDK has Insufficient Entropy in Cookie Encryption
PKSA-kmxg-njz7-dx5f GHSA-ghc5-95c2-vwcv
Affected version: >=5.0.0,<=5.7.0
Reported by:
GitHub -
[MEDIUM] Auth0 Symfony SDK has Improper Audience Validation via Auth0-PHP SDK
PKSA-3pss-my3n-f2df GHSA-f3r2-88mq-9v4g
Affected version: >=5.0.0,<=5.5.0
Reported by:
GitHub -
[LOW] Auth0 Symfony SDK Does Not Properly Handle File Types in Bulk User Import
PKSA-f26r-1nfs-j3hv GHSA-7jp2-5h22-m432
Affected version: >=2.0.2,<=5.4.1
Reported by:
GitHub -
[CRITICAL] Auth0 Symfony SDK Vulnerable to Brute Force Authentication Tags of CookieStore Sessions
PKSA-w2fj-tpxy-dys5 GHSA-9wg9-93h9-j8ch
Affected version: <5.4.0
Reported by:
GitHub