Clerk

Javascript

3 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.4

CVE-2026-34076

  • EPSS 0.05%
  • Veröffentlicht 01.04.2026 16:59:21
  • Zuletzt bearbeitet 03.04.2026 16:10:52

Clerk JavaScript is the official JavaScript repository for Clerk authentication. In @clerk/hono from versions 0.1.0 to before 0.1.5, @clerk/express from versions 2.0.0 to before 2.0.7, @clerk/backend from versions 3.0.0 to before 3.2.3, and @clerk/fa...

7.5

CVE-2025-53548

  • EPSS 0.04%
  • Veröffentlicht 09.07.2025 17:12:10
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Clerk helps developers build user management. Applications that use the verifyWebhook() helper to verify incoming Clerk webhooks are susceptible to accepting improperly signed webhook events. The issue was resolved in @clerk/backend 2.4.0.

9.8

CVE-2024-22206

  • EPSS 0.26%
  • Veröffentlicht 12.01.2024 20:15:47
  • Zuletzt bearbeitet 21.11.2024 08:55:47

Clerk helps developers build user management. Unauthorized access or privilege escalation due to a logic flaw in auth() in the App Router or getAuth() in the Pages Router. This vulnerability was patched in version 4.29.3.