Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

next-auth

Ecosystem:
npm
Package URL:
pkg:npm/next-auth
Total PRs:
2,209 Dependabot PRs
Latest PR:
6 days ago
Unique Repositories:
1,011 repositories
Unique Repos (30 days):
62 repositories
Security Advisories
NextAuthjs Email misdelivery Vulnerability
GHSA-5jpx-9hw9-2fx4 MODERATE published 7 months ago • updated about 2 months ago
### Summary NextAuth.js's email sign-in can be forced to deliver authentication emails to an attacker-controlled mailbox due to a bug in `nodemail...
Possible user mocking that bypasses basic authentication
GHSA-v64w-49xw-qq89 CVE-2023-48309 MODERATE published over 2 years ago • updated about 2 months ago
### Impact `next-auth` applications prior to version **4.24.5** that rely on the default [Middleware authorization](https://next-auth.js.org/confi...
Missing proper state, nonce and PKCE checks for OAuth authentication
GHSA-7r7x-4c4q-c4qf CVE-2023-27490 HIGH published about 3 years ago • updated 27 days ago
### Impact `next-auth` applications using OAuth provider versions before `v4.20.1` are affected. A bad actor who can spy on the victim's network o...
Improper handling of email input
GHSA-pgjx-7f9g-9463 CVE-2022-31127 HIGH published almost 4 years ago • updated 3 days ago
### Impact An attacker can pass a compromised input to the e-mail [signin endpoint](https://next-auth.js.org/getting-started/rest-api#post-apiauth...
next-auth before v4.10.2 and v3.29.9 leaks excessive information into log
GHSA-p6mm-27gq-9v3p CVE-2022-31186 LOW published almost 4 years ago • updated 3 days ago
### Impact An information disclosure vulnerability in `next-auth` before `v4.10.2` and `v3.29.9` allows an attacker with log access privilege to ob...
View all 10 advisories
Recent PRs (filtered by: Patch PRs )
RSS Feed Clear filter
Bump the minor-and-patch group across 1 directory with 14 updates

seanpgleeson-creator/shiftswapper #16

4.24.13 → 4.24.14 Patch PR
Open 6 days ago 1 comment
seanpgleeson-creator
deps(deps): bump the production-minor-patch group across 1 directory with 28 updates

rigote/penochao #17

4.24.13 → 4.24.14 Patch PR
Open 7 days ago 2 comments
rigote
deps(deps): bump the production-dependencies group across 1 directory with 20 updates

instructor-ship-it/roadfinder #19

4.24.13 → 4.24.14 Patch PR
Open 7 days ago 1 comment
instructor-ship-it
chore(deps): bump next-auth from 4.24.11 to 4.24.12

HybridAIWorkforce/AI-Ad-Workflow-App #24

4.24.11 → 4.24.12 Patch PR
Closed 7 days ago 1 comment
HybridAIWorkforce
chore(deps): bump next-auth from 4.24.11 to 4.24.12

HybridAIWorkforce/AI-Character-Generator #22

4.24.11 → 4.24.12 Patch PR
Closed 7 days ago 1 comment
HybridAIWorkforce
chore(deps): bump the patch-updates group across 1 directory with 53 updates

credebl/studio #1300

4.24.11 → 4.24.14 Patch PR
Open 7 days ago 1 comment
credebl
Bump the all-non-major group across 1 directory with 24 updates

deadoos266/NextImmo-main #10

4.24.13 → 4.24.14 Patch PR
Closed 7 days ago 1 comment
deadoos266
chore(deps): bump the dependencies group across 1 directory with 44 updates

Dushyant-rahangdale/OpsKnight #188

4.24.13 → 4.24.14 Patch PR
Open 11 days ago 2 comments
Dushyant-rahangdale
chore(deps): bump the minor-and-patch group across 1 directory with 51 updates

alan-turing-institute/AssurancePlatform #812

4.24.13 → 4.24.14 Patch PR
Open 12 days ago 1 comment
alan-turing-institute
Bump the dependencies group across 1 directory with 32 updates

s200077761/jaljal-platform #71

4.24.13 → 4.24.14 Patch PR
Closed 13 days ago 2 comments
s200077761
chore(deps): bump the all group in /web with 21 updates

gsaraiva2109/VinylVault #89

4.24.13 → 4.24.14 Patch PR
Open 13 days ago 1 comment
gsaraiva2109
chore(deps): bump the minor-and-patch group across 1 directory with 44 updates

markec12345678/agentflow-pro #31

4.24.13 → 4.24.14 Patch PR
Closed 13 days ago 2 comments
markec12345678
deps(deps): bump the production-minor-patch group with 29 updates

rigote/penochao #3

4.24.13 → 4.24.14 Patch PR
Open 13 days ago 2 comments
rigote
build(deps-dev): bump the dev-dependencies group across 1 directory with 15 updates

Life-Navigator/life-nav-mvp #50

4.24.13 → 4.24.14 Patch PR
Open 13 days ago 3 comments
Life-Navigator
chore(deps): bump the dependencies group across 1 directory with 41 updates

MUA-India/mua #17

4.24.13 → 4.24.14 Patch PR
Open 13 days ago 2 comments
MUA-India
chore(deps): bump the all-dependencies group across 1 directory with 38 updates

Clarion1631/probuild #102

4.24.13 → 4.24.14 Patch PR
Closed 14 days ago 1 comment
Clarion1631
chore(deps): bump the production-dependencies group across 1 directory with 4 updates

tbmobb813/United-Dev-Platform- #110

4.24.13 → 4.24.14 Patch PR
Open 14 days ago 7 comments
tbmobb813
chore(deps): bump the minor-and-patch group across 1 directory with 33 updates

JevonThompsonx/jsquared_blog #32

4.24.13 → 4.24.14 Patch PR
Closed 14 days ago 3 comments
JevonThompsonx
Bump the minor-and-patch group across 1 directory with 12 updates

seanpgleeson-creator/shiftswapper #15

4.24.13 → 4.24.14 Patch PR
Closed 15 days ago 2 comments
seanpgleeson-creator
Bump the dev-dependencies group with 20 updates

Oshima-921/airtable-app #1

4.24.13 → 4.24.14 Patch PR
Closed 16 days ago 1 comment
Oshima-921
chore(deps): Bump the minor-and-patch group across 1 directory with 21 updates

sasidoli-art/otiumpms #13

4.24.13 → 4.24.14 Patch PR
Closed 18 days ago 3 comments
sasidoli-art
deps(deps): bump the minor-and-patch group across 1 directory with 13 updates

the-wolfpack-agency/wolfpack-auto #24

4.24.13 → 4.24.14 Patch PR
Open 20 days ago 2 comments
the-wolfpack-agency
build(deps): bump the npm-production group across 1 directory with 16 updates

damian756/commandcenter #1

4.24.13 → 4.24.14 Patch PR
Closed 20 days ago 2 comments
damian756
Bump the minor-and-patch group across 1 directory with 11 updates

seanpgleeson-creator/shiftswapper #14

4.24.13 → 4.24.14 Patch PR
Open 20 days ago 1 comment
seanpgleeson-creator
chore(deps): bump the minor-and-patch group across 1 directory with 66 updates

raimp001/basehealth-core #50

4.24.13 → 4.24.14 Patch PR
Open 20 days ago 2 comments
raimp001
deps(deps): bump the minor-and-patch group across 1 directory with 12 updates

the-wolfpack-agency/wolfpack-auto #20

4.24.13 → 4.24.14 Patch PR
Open 20 days ago 2 comments
the-wolfpack-agency
chore(deps): bump the minor-and-patch group across 1 directory with 43 updates

markec12345678/agentflow-pro #30

4.24.13 → 4.24.14 Patch PR
Open 20 days ago 1 comment
markec12345678
deps(deps): bump next-auth from 4.24.13 to 4.24.14

JuanNephrota/UrNammu-community #15

4.24.13 → 4.24.14 Patch PR
Open 21 days ago 1 comment
JuanNephrota
chore(deps): bump the production-deps group across 1 directory with 31 updates

eltahawyomar001-eng/SchichtPlan #24

4.24.13 → 4.24.14 Patch PR
Open 21 days ago 2 comments
eltahawyomar001-eng
deps: bump the npm-minor-patch group across 1 directory with 23 updates

alexeyshr/bridge_system_editor #34

4.24.13 → 4.24.14 Patch PR
Closed 21 days ago 2 comments
alexeyshr
chore(deps): bump the minor-and-patch group across 1 directory with 22 updates

parth012001/taskflow-ops #26

4.24.13 → 4.24.14 Patch PR
Open 21 days ago 1 comment
parth012001
chore(deps): bump the production-dependencies group across 1 directory with 41 updates

Vayva-Tech/vayva #23

4.24.13 → 4.24.14 Patch PR
Closed 28 days ago 3 comments
Vayva-Tech
deps: bump the all-dependencies group across 1 directory with 12 updates

qyzh/dir-diare #122

4.24.13 → 4.24.14 Patch PR
Open 28 days ago 2 comments
qyzh
npm: bump next-auth from 4.24.5 to 4.24.14

samiwarraich/bookit #732

4.24.5 → 4.24.14 Patch PR
Open 28 days ago 1 comment
samiwarraich
deps: bump the npm-minor-patch group across 1 directory with 22 updates

alexeyshr/bridge_system_editor #33

4.24.13 → 4.24.14 Patch PR
Closed 28 days ago 2 comments
alexeyshr
deps(deps): bump the production-dependencies group across 1 directory with 12 updates

kamitokusaric-lang/vitanota #11

4.24.13 → 4.24.14 Patch PR
Open 28 days ago 1 comment
kamitokusaric-lang
deps(deps): bump the minor-and-patch group across 1 directory with 10 updates

the-wolfpack-agency/wolfpack-auto #12

4.24.13 → 4.24.14 Patch PR
Closed 29 days ago 3 comments
the-wolfpack-agency
Bump the npm-weekly group across 1 directory with 19 updates

SiliconCapitalAI/my-dashclaw #7

4.24.13 → 4.24.14 Patch PR
Open about 1 month ago 2 comments
SiliconCapitalAI
chore(deps): bump the minor-and-patch group across 1 directory with 31 updates

JevonThompsonx/jsquared_blog #30

4.24.13 → 4.24.14 Patch PR
Closed about 1 month ago 3 comments
JevonThompsonx
chore(deps): bump the minor-updates group with 22 updates

CandeeGenerations/read-your-bible-through #72

4.24.13 → 4.24.14 Patch PR
Open about 1 month ago 2 comments
CandeeGenerations
Bump the npm_and_yarn group across 2 directories with 10 updates

314systems/opennextjs-cloudflare #10

4.24.11 → 4.24.12 Patch PR
Closed about 1 month ago 1 comment
314systems
chore(deps): bump the minor-and-patch group across 1 directory with 42 updates

alan-turing-institute/AssurancePlatform #808

4.24.13 → 4.24.14 Patch PR
Open about 1 month ago 2 comments
alan-turing-institute
chore(deps): bump next-auth from 4.24.13 to 4.24.14

VpkDevs/Shipwright #22

4.24.13 → 4.24.14 Patch PR
Open about 1 month ago 2 comments
VpkDevs
chore(frontend)(deps): bump next-auth from 4.24.13 to 4.24.14 in /frontend

abhartia/rentaldeductions #50

4.24.13 → 4.24.14 Patch PR
Open about 1 month ago 1 comment
abhartia
chore(deps): bump the production-deps group across 1 directory with 25 updates

eltahawyomar001-eng/SchichtPlan #22

4.24.13 → 4.24.14 Patch PR
Open about 1 month ago 2 comments
eltahawyomar001-eng
chore(deps): bump the production-dependencies group with 12 updates

SATYAM-PRATIBHAN/arcmindAI #102

4.24.13 → 4.24.14 Patch PR
Open about 1 month ago 2 comments
SATYAM-PRATIBHAN
deps(deps): bump the production-dependencies group across 1 directory with 11 updates

kamitokusaric-lang/vitanota #9

4.24.13 → 4.24.14 Patch PR
Open about 1 month ago 2 comments
kamitokusaric-lang
chore(deps): bump the minor-and-patch group across 1 directory with 69 updates

CleanExpo/RestoreAssist #777

4.24.13 → 4.24.14 Patch PR
Open about 1 month ago 3 comments
CleanExpo
Bump the minor-and-patch group across 1 directory with 17 updates

williambie/cabinplanner #14

4.24.13 → 4.24.14 Patch PR
Open about 1 month ago 3 comments
williambie
Bump the npm_and_yarn group across 1 directory with 18 updates

mdazfar2/HelpOps-Hub #1502

4.24.7 → 4.24.12 Patch PR
Closed about 1 month ago 3 comments
mdazfar2
Package Details
Name: next-auth
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/next-auth
JSON API: View JSON
Security Advisories

10

Active advisories
CRITICAL 1
HIGH 3
MODERATE 4
LOW 2
View All npm Advisories
Package Information
Description:

Authentication for Next.js

Repository: https://github.com/nextauthjs/next-auth
Homepage: https://authjs.dev
Latest Release: 4.24.11
over 1 year ago
Dependent Repos: 19,200
Dependent Packages: 304
Downloads: 5,828,252
Ranking: Top 0.207% by dependent repos Top 0.184% by downloads Top 0.2307% by dependent pkgs
PR Status
Open 1,265 (57.3%)
Merged 58 (2.6%)
Closed 636 (28.8%)
PR Types
Major 22 (1.0%)
Minor 202 (9.1%)
Patch 502 (22.7%)