← Back to CVE List
CVE-2024-29901
The AuthKit library for Next.js provides helpers for authentication and session management using WorkOS & AuthKit with Next.js.
A user can reuse an expired session by controlling the `x-workos-session` header. The vulnerability is patched in v0.4.2.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt