Skip to content

Refresh tokens are logged when the debug flag is enabled

Low
marji-workos published GHSA-v2qh-f584-6hj8 Nov 5, 2024

Package

npm @workos-inc/authkit-remix (npm)

Affected versions

< 0.4.1

Patched versions

0.4.1

Description

Impact

Refresh tokens are logged to the console when the disabled by default debug flag, is enabled.

Patches

Patched in https://github.com/workos/authkit-remix/releases/tag/v0.4.1

Severity

Low

CVE ID

CVE-2024-51753

Weaknesses

No CWEs