6 matches found
CVE-2025-53548
Clerk helps developers build user management. Applications that use the verifyWebhook helper to verify incoming Clerk webhooks are susceptible to accepting improperly signed webhook events. The issue was resolved in @clerk/backend 2.4.0...
CVE-2025-53548
Clerk helps developers build user management. Applications that use the verifyWebhook helper to verify incoming Clerk webhooks are susceptible to accepting improperly signed webhook events. The issue was resolved in @clerk/backend 2.4.0...
@async-atharv/ipaship (>=1.2.1 <=1.2.2), @bentwnghk/chat (>=1.85.2 <=1.107.2) +94 more potentially affected by CVE-2025-53548 via @clerk/backend (>=2.0.0 <=2.33.5)
@clerk/backend NPM version =2.0.0, =1.2.1, =1.85.2, =0.0.1, =3.0.3, =0.1.0, =2.8.0-snapshot.v20250514155045, =1.5.0-snapshot.v20250514155045, =2.3.0, =6.20.0-snapshot.v20250514155045, =1.7.0, =1.5.0, =4.8.0, =0.16.0, =1.7.0-snapshot.v20250514155045, =1.0.4, =1.0.7 and more Source cves:...
@unhook/cli (>=0.9.3 <=0.14.2) potentially affected by CVE-2025-53548 via @clerk/express (>=1.6.0 <=1.7.37)
@clerk/express NPM version =1.6.0, =0.9.3, =0.14.2 Source cves: CVE-2025-53548 Source advisory: OSV:GHSA-9MP4-77WG-RWX9...
CVE-2025-53548 @clerk/backend Performs Insufficient Verification of Data Authenticity
Clerk helps developers build user management. Applications that use the verifyWebhook helper to verify incoming Clerk webhooks are susceptible to accepting improperly signed webhook events. The issue was resolved in @clerk/backend 2.4.0...
CVE-2025-53548 @clerk/backend Performs Insufficient Verification of Data Authenticity
Clerk helps developers build user management. Applications that use the verifyWebhook helper to verify incoming Clerk webhooks are susceptible to accepting improperly signed webhook events. The issue was resolved in @clerk/backend 2.4.0...