Количество 2
Количество 2
CVE-2024-22206
около 2 лет назад
Clerk helps developers build user management. Unauthorized access or privilege escalation due to a logic flaw in auth() in the App Router or getAuth() in the Pages Router. This vulnerability was patched in version 4.29.3.
CVSS3: 9
EPSS: Низкий
GHSA-q6w5-jg5q-47vg
около 2 лет назад
@clerk/nextjs auth() and getAuth() methods vulnerable to insecure direct object reference (IDOR)
CVSS3: 9
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-22206 Clerk helps developers build user management. Unauthorized access or privilege escalation due to a logic flaw in auth() in the App Router or getAuth() in the Pages Router. This vulnerability was patched in version 4.29.3. | CVSS3: 9 | 0% Низкий | около 2 лет назад |
| GHSA-q6w5-jg5q-47vg @clerk/nextjs auth() and getAuth() methods vulnerable to insecure direct object reference (IDOR) | CVSS3: 9 | 0% Низкий | около 2 лет назад |
Уязвимостей на страницу
20