CVE-2024-22206

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-22206
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-22206.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-22206
Aliases
Related
Published
2024-01-12T20:15:47Z
Modified
2025-05-17T08:33:23Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Clerk helps developers build user management. Unauthorized access or privilege escalation due to a logic flaw in auth() in the App Router or getAuth() in the Pages Router. This vulnerability was patched in version 4.29.3.

References

Affected packages

Git / github.com/clerk/javascript

Affected ranges

Type
GIT
Repo
https://github.com/clerk/javascript
Events