CNNVD-202508-814 Information
CNNVD ID
CNNVD-202508-814
Related CVE
- CNNVD Published: 2025-08-09
Description (Chinese)
AuthKit React Router Library是WorkOS开源的一个在React Router 7中使用的身份验证和会话助手。 AuthKit React Router Library 0.6.1及之前版本存在信息泄露漏洞,该漏洞源于暴露了敏感认证工件,可能导致信息泄露。
Description (English)
AuthKit React Router Library is an identification and session assistant used in React Router 7 by the Open Source of WorkOS. There is a leak in AuthKit Reality Router Library 0.6.1 and previous versions, which stems from the exposure of sensitive authentication works, which may lead to the disclosure of information.
Hazard Level
Medium
Vulnerability Type
信息泄露
Affected Vendor
WorkOS
Published
2025-08-09
Last Modified
2026-02-24
References
https://github.com/workos/authkit-react-router/releases/tag/v0.7.0 https://github.com/workos/authkit-react-router/security/advisories/GHSA-vqvc-9q8x-vmq6 https://github.com/workos/authkit-react-router/commit/607caac658784962bab76e227f9c5820d0b9a9e5 https://access.redhat.com/security/cve/cve-2025-55008
Patch
https://github.com/workos/authkit-react-router/releases
Share on: