auth0/auth0-php Security Advisories (3)
-
[LOW] auth0-PHP SDK Does Not Properly Handle File Types in Bulk User Import
PKSA-r19n-r8k1-m54h CVE-2025-58769 GHSA-9mh6-g99m-ppcw
Affected version: >=3.3.0,<=8.16.0
Reported by:
GitHub -
[CRITICAL] Auth0-PHP SDK Deserialization of Untrusted Data vulnerability
PKSA-sk32-hw5b-mdyw CVE-2025-48951 GHSA-v9m8-9xxp-q492
Affected version: >=8.0.0-BETA3,<8.3.1
Reported by:
GitHub -
[CRITICAL] Brute Force Authentication Tags of CookieStore Sessions in Auth0-PHP SDK
PKSA-w6j7-c1kq-w6yb CVE-2025-47275 GHSA-g98g-r7gf-2r25
Affected version: >=8.0.0-BETA1,<8.14.0
Reported by:
GitHub