CVE-2024-51753 Information

Description

The AuthKit library for Remix provides convenient helpers for authentication and session management using WorkOS & AuthKit with Remix. In affected versions refresh tokens are logged to the console when the disabled by default debug flag is enabled. This issue has been patched in version 0.4.1. All users are advised to upgrade. There are no known workarounds for this vulnerability.

Reference

https://github.com/workos/authkit-remix/security/advisories/GHSA-v2qh-f584-6hj8 https://github.com/workos/authkit-remix/commit/32d5bcd54c795c1e2a3204f8e3977ab9ad57ec06 https://github.com/workos/authkit-remix/releases/tag/v0.4.1