Vulnerabilities > Auth0 > Express Openid Connect > 2.3.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-31 | CVE-2022-24794 | Open Redirect vulnerability in Auth0 Express Openid Connect Express OpenID Connect is an Express JS middleware implementing sign on for Express web apps using OpenID Connect. | 5.8 |
| 2021-12-09 | CVE-2021-41246 | Session Fixation vulnerability in Auth0 Express Openid Connect Express OpenID Connect is express JS middleware implementing sign on for Express web apps using OpenID Connect. | 6.8 |