Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

next-auth

Ecosystem:
npm
Package URL:
pkg:npm/next-auth
Total PRs:
2,208 Dependabot PRs
Latest PR:
6 days ago
Unique Repositories:
1,010 repositories
Unique Repos (30 days):
73 repositories
Security Advisories
NextAuthjs Email misdelivery Vulnerability
GHSA-5jpx-9hw9-2fx4 MODERATE published 7 months ago • updated about 2 months ago
### Summary NextAuth.js's email sign-in can be forced to deliver authentication emails to an attacker-controlled mailbox due to a bug in `nodemail...
Possible user mocking that bypasses basic authentication
GHSA-v64w-49xw-qq89 CVE-2023-48309 MODERATE published over 2 years ago • updated about 2 months ago
### Impact `next-auth` applications prior to version **4.24.5** that rely on the default [Middleware authorization](https://next-auth.js.org/confi...
Missing proper state, nonce and PKCE checks for OAuth authentication
GHSA-7r7x-4c4q-c4qf CVE-2023-27490 HIGH published about 3 years ago • updated 27 days ago
### Impact `next-auth` applications using OAuth provider versions before `v4.20.1` are affected. A bad actor who can spy on the victim's network o...
Improper handling of email input
GHSA-pgjx-7f9g-9463 CVE-2022-31127 HIGH published almost 4 years ago • updated 2 days ago
### Impact An attacker can pass a compromised input to the e-mail [signin endpoint](https://next-auth.js.org/getting-started/rest-api#post-apiauth...
next-auth before v4.10.2 and v3.29.9 leaks excessive information into log
GHSA-p6mm-27gq-9v3p CVE-2022-31186 LOW published almost 4 years ago • updated 2 days ago
### Impact An information disclosure vulnerability in `next-auth` before `v4.10.2` and `v3.29.9` allows an attacker with log access privilege to ob...
View all 10 advisories
Recent PRs
RSS Feed
Bump the production-dependencies group across 1 directory with 44 updates

abduvali-web/ok #16

5.0.0-beta.30 → 5.0.0-beta.31
Open 6 days ago 1 comment
abduvali-web
Bump the minor-and-patch group across 1 directory with 14 updates

seanpgleeson-creator/shiftswapper #16

4.24.13 → 4.24.14 Patch PR
Open 6 days ago 1 comment
seanpgleeson-creator
deps(deps): bump the production-minor-patch group across 1 directory with 28 updates

rigote/penochao #17

4.24.13 → 4.24.14 Patch PR
Open 6 days ago 2 comments
rigote
deps(deps): bump the production-dependencies group across 1 directory with 20 updates

instructor-ship-it/roadfinder #19

4.24.13 → 4.24.14 Patch PR
Open 6 days ago 1 comment
instructor-ship-it
chore(deps): bump next-auth from 4.24.11 to 4.24.12

HybridAIWorkforce/AI-Ad-Workflow-App #24

4.24.11 → 4.24.12 Patch PR
Closed 7 days ago 1 comment
HybridAIWorkforce
chore(deps): bump next-auth from 4.24.11 to 4.24.12

HybridAIWorkforce/AI-Character-Generator #22

4.24.11 → 4.24.12 Patch PR
Closed 7 days ago 1 comment
HybridAIWorkforce
chore(deps): bump the patch-updates group across 1 directory with 53 updates

credebl/studio #1300

4.24.11 → 4.24.14 Patch PR
Open 7 days ago 1 comment
credebl
Bump the all-non-major group across 1 directory with 24 updates

deadoos266/NextImmo-main #10

4.24.13 → 4.24.14 Patch PR
Closed 7 days ago 1 comment
deadoos266
chore(deps): Bump next-auth from 5.0.0-beta.25 to 5.0.0-beta.30

MSK-Scripts/mskanban #6

5.0.0-beta.25 → 5.0.0-beta.30
Closed 7 days ago 1 comment
MSK-Scripts
Bump typeorm and next-auth

moh815815/my-store #10

3.29.10 → 4.24.14 Major PR
Open 9 days ago 2 comments
moh815815
Bump xml2js and next-auth

moh815815/my-store #9

3.29.10 → 4.24.14 Major PR
Closed 9 days ago 3 comments
moh815815
Bump next-auth from 3.29.10 to 4.24.12

moh815815/my-store #8

3.29.10 → 4.24.12 Major PR
Closed 9 days ago 4 comments
moh815815
chore(deps): bump next-auth from 5.0.0-beta.20 to 5.0.0-beta.31 in the auth group across 1 directory

Donuttouchme/manhwa-bookmarker #8

5.0.0-beta.20 → 5.0.0-beta.31
Closed 9 days ago 2 comments
Donuttouchme
Bump next-auth from 5.0.0-beta.30 to 5.0.0-beta.31

benvoluto/qualitative #19

5.0.0-beta.30 → 5.0.0-beta.31
Open 11 days ago 2 comments
benvoluto
Bump next and next-auth

joelhooks/inngest-resend-example #2

4.22.5 → 4.24.14 Minor PR
Open 11 days ago 2 comments
joelhooks
chore(deps): bump the dependencies group across 1 directory with 44 updates

Dushyant-rahangdale/OpsKnight #188

4.24.13 → 4.24.14 Patch PR
Open 11 days ago 2 comments
Dushyant-rahangdale
chore(deps): bump next-auth from 5.0.0-beta.30 to 5.0.0-beta.31

DNDACADEMY/dnd-academy-v2 #384

5.0.0-beta.30 → 5.0.0-beta.31
Closed 12 days ago 3 comments
DNDACADEMY
chore(deps): bump the minor-and-patch group across 1 directory with 51 updates

alan-turing-institute/AssurancePlatform #812

4.24.13 → 4.24.14 Patch PR
Open 12 days ago 1 comment
alan-turing-institute
Bump the dependencies group across 1 directory with 32 updates

s200077761/jaljal-platform #71

4.24.13 → 4.24.14 Patch PR
Closed 13 days ago 2 comments
s200077761
chore(deps): bump the all group in /web with 21 updates

gsaraiva2109/VinylVault #89

4.24.13 → 4.24.14 Patch PR
Open 13 days ago 1 comment
gsaraiva2109
chore(deps): bump the minor-and-patch group across 1 directory with 44 updates

markec12345678/agentflow-pro #31

4.24.13 → 4.24.14 Patch PR
Closed 13 days ago 2 comments
markec12345678
deps(deps): bump the production-minor-patch group with 29 updates

rigote/penochao #3

4.24.13 → 4.24.14 Patch PR
Open 13 days ago 2 comments
rigote
deps(npm): bump the ui-dependencies group with 28 updates

NinePiece2/LOL-Bootcamp-Tracker #73

5.0.0-beta.30 → 5.0.0-beta.31
Open 13 days ago 2 comments
NinePiece2
build(deps-dev): bump the dev-dependencies group across 1 directory with 15 updates

Life-Navigator/life-nav-mvp #50

4.24.13 → 4.24.14 Patch PR
Open 13 days ago 3 comments
Life-Navigator
chore(deps): bump the dependencies group across 1 directory with 41 updates

MUA-India/mua #17

4.24.13 → 4.24.14 Patch PR
Open 13 days ago 2 comments
MUA-India
chore(deps): bump the all-dependencies group across 1 directory with 38 updates

Clarion1631/probuild #102

4.24.13 → 4.24.14 Patch PR
Closed 13 days ago 1 comment
Clarion1631
chore(deps): bump the production-dependencies group across 1 directory with 4 updates

tbmobb813/United-Dev-Platform- #110

4.24.13 → 4.24.14 Patch PR
Open 14 days ago 7 comments
tbmobb813
Bump next-auth from 5.0.0-beta.30 to 5.0.0-beta.31

Miransas/miransas #10

5.0.0-beta.30 → 5.0.0-beta.31
Closed 14 days ago 1 comment
Miransas
Bump next-auth from 5.0.0-beta.30 to 5.0.0-beta.31 in /web

Miransas/binboi #14

5.0.0-beta.30 → 5.0.0-beta.31
Closed 14 days ago 1 comment
Miransas
Bump the production-dependencies group with 15 updates

yunbow/next-app-photohub #9

5.0.0-beta.30 → 5.0.0-beta.31
Closed 14 days ago 1 comment
yunbow
chore(deps): bump the minor-and-patch group across 1 directory with 33 updates

JevonThompsonx/jsquared_blog #32

4.24.13 → 4.24.14 Patch PR
Closed 14 days ago 3 comments
JevonThompsonx
build(deps): bump next-auth from 5.0.0-beta.30 to 5.0.0-beta.31

manabimini-lang/yohakuos2 #3

5.0.0-beta.30 → 5.0.0-beta.31
Open 14 days ago 2 comments
manabimini-lang
Bump the minor-and-patch group across 1 directory with 12 updates

seanpgleeson-creator/shiftswapper #15

4.24.13 → 4.24.14 Patch PR
Closed 14 days ago 2 comments
seanpgleeson-creator
Bump the npm_and_yarn group across 1 directory with 15 updates

reddevilprasun/webplus #2

5.0.0-beta.25 → 5.0.0-beta.30
Closed 15 days ago 2 comments
reddevilprasun
Bump the dev-dependencies group with 20 updates

Oshima-921/airtable-app #1

4.24.13 → 4.24.14 Patch PR
Closed 15 days ago 1 comment
Oshima-921
Build(deps): Bump the npm_and_yarn group across 1 directory with 6 updates

HakimDev-tech/nextjs-dashboard #2

5.0.0-beta.25 → 5.0.0-beta.30
Open 15 days ago 1 comment
HakimDev-tech
Bump the npm_and_yarn group across 1 directory with 10 updates

waleedGeorgy/Authority #2

5.0.0-beta.29 → 5.0.0-beta.30
Open 15 days ago 1 comment
waleedGeorgy
Bump the npm_and_yarn group across 1 directory with 26 updates

adrianwedd/Open-Assistant #1

4.22.1 → 4.24.14 Minor PR
Open 16 days ago 1 comment
adrianwedd
build(deps): bump next-auth from 5.0.0-beta.25 to 5.0.0-beta.31 in /frontend

vydon-io/vydon #41

5.0.0-beta.25 → 5.0.0-beta.31
Open 16 days ago 1 comment
vydon-io
Bump the npm_and_yarn group across 0 directory with 4 updates

TransHistoria/community #9

5.0.0-beta.25 → 5.0.0-beta.31
Open 16 days ago 2 comments
TransHistoria
chore(deps): Bump the minor-and-patch group across 1 directory with 21 updates

sasidoli-art/otiumpms #13

4.24.13 → 4.24.14 Patch PR
Closed 17 days ago 3 comments
sasidoli-art
Bump next and next-auth

NeedsAdjustment/korora #22

4.22.1 → 4.24.14 Minor PR
Open 18 days ago 1 comment
NeedsAdjustment
chore(deps)(deps): Bump next-auth from 5.0.0-beta.30 to 5.0.0-beta.31

OneGoodArea/OneGoodArea #26

5.0.0-beta.30 → 5.0.0-beta.31
Open 19 days ago 2 comments
OneGoodArea
deps(deps): bump the minor-and-patch group across 1 directory with 13 updates

the-wolfpack-agency/wolfpack-auto #24

4.24.13 → 4.24.14 Patch PR
Open 19 days ago 2 comments
the-wolfpack-agency
Bump the npm_and_yarn group across 1 directory with 11 updates

kxma-blazi/chatbot001 #1

5.0.0-beta.25 → 5.0.0-beta.30
Open 19 days ago 1 comment
kxma-blazi
build(deps): bump the npm-production group across 1 directory with 16 updates

damian756/commandcenter #1

4.24.13 → 4.24.14 Patch PR
Closed 20 days ago 2 comments
damian756
Bump the minor-and-patch group across 1 directory with 11 updates

seanpgleeson-creator/shiftswapper #14

4.24.13 → 4.24.14 Patch PR
Open 20 days ago 1 comment
seanpgleeson-creator
chore(deps): bump the minor-and-patch group across 1 directory with 66 updates

raimp001/basehealth-core #50

4.24.13 → 4.24.14 Patch PR
Open 20 days ago 2 comments
raimp001
deps(deps): bump the minor-and-patch group across 1 directory with 12 updates

the-wolfpack-agency/wolfpack-auto #20

4.24.13 → 4.24.14 Patch PR
Open 20 days ago 2 comments
the-wolfpack-agency
chore(deps): bump the minor-and-patch group across 1 directory with 43 updates

markec12345678/agentflow-pro #30

4.24.13 → 4.24.14 Patch PR
Open 20 days ago 1 comment
markec12345678
Package Details
Name: next-auth
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/next-auth
JSON API: View JSON
Security Advisories

10

Active advisories
CRITICAL 1
HIGH 3
MODERATE 4
LOW 2
View All npm Advisories
Package Information
Description:

Authentication for Next.js

Repository: https://github.com/nextauthjs/next-auth
Homepage: https://authjs.dev
Latest Release: 4.24.11
over 1 year ago
Dependent Repos: 19,200
Dependent Packages: 304
Downloads: 5,828,252
Ranking: Top 0.207% by dependent repos Top 0.184% by downloads Top 0.2307% by dependent pkgs
PR Status
Open 1,265 (57.3%)
Merged 58 (2.6%)
Closed 635 (28.8%)
PR Types
Major 22 (1.0%)
Minor 202 (9.1%)
Patch 502 (22.7%)