Description

The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in versions 4.11.2 and 4.12.1.

INFO

Published Date :

2025-12-10T22:16:08.262Z

Last Modified :

2025-12-11T15:38:34.314Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-67490 vulnerability.

Vendors Products
Auth0
  • Nextjs-auth0
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-67490.

URL Resource
https://github.com/auth0/nextjs-auth0/commit/26cc8a7c60f4b134700912736f991a25bd6bbf0b cve-icon cve-icon
https://github.com/auth0/nextjs-auth0/security/advisories/GHSA-wcgj-f865-c7j7 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact