GHSA-c9cg-q8r2-xvjq

Source
https://github.com/advisories/GHSA-c9cg-q8r2-xvjq
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/10/GHSA-c9cg-q8r2-xvjq/GHSA-c9cg-q8r2-xvjq.json
Aliases
Published
2019-10-24T20:56:12Z
Modified
2023-11-08T04:01:22.386634Z
Details

Auth0 auth0.net before 6.5.4 has Incorrect Access Control because IdentityTokenValidator can be accidentally used to validate untrusted ID tokens.

References

Affected packages

NuGet / Auth0.AuthenticationApi

Package

Name
Auth0.AuthenticationApi

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.8.0
Fixed
6.5.4

Affected versions

5.*

5.8.0
5.9.0
5.10.0
5.11.0

6.*

6.0.0
6.1.0
6.2.0
6.3.0
6.4.0
6.5.0
6.5.1
6.5.2
6.5.3