CVE-2020-15125: Generation of Error Message Containing Sensitive Information
(updated )
In auth0 (npm package) and you are using a Machine to Machine application authorized to use Auth0’s management API
References
- github.com/advisories/GHSA-5jpf-pj32-xx53
- github.com/auth0/node-auth0/pull/507
- github.com/auth0/node-auth0/pull/507/commits/62ca61b3348ec8e74d7d00358661af1a8bc98a3c
- github.com/auth0/node-auth0/security/advisories/GHSA-5jpf-pj32-xx53
- github.com/auth0/node-auth0/tree/v2.27.1
- nvd.nist.gov/vuln/detail/CVE-2020-15125
Detect and mitigate CVE-2020-15125 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →