Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/07/11 5:38 p.m.7 views

CVE-2025-53548

Clerk helps developers build user management. Applications that use the verifyWebhook helper to verify incoming Clerk webhooks are susceptible to accepting improperly signed webhook events. The issue was resolved in @clerk/backend 2.4.0...

7.5CVSS6.3AI score0.00152EPSS
Exploits0References1
NVD
NVD
added 2025/07/09 6:15 p.m.8 views

CVE-2025-53548

Clerk helps developers build user management. Applications that use the verifyWebhook helper to verify incoming Clerk webhooks are susceptible to accepting improperly signed webhook events. The issue was resolved in @clerk/backend 2.4.0...

7.5CVSS0.00152EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/07/09 6:7 p.m.7 views

@async-atharv/ipaship (>=1.2.1 <=1.2.2), @bentwnghk/chat (>=1.85.2 <=1.107.2) +94 more potentially affected by CVE-2025-53548 via @clerk/backend (>=2.0.0 <=2.33.5)

@clerk/backend NPM version =2.0.0, =1.2.1, =1.85.2, =0.0.1, =3.0.3, =0.1.0, =2.8.0-snapshot.v20250514155045, =1.5.0-snapshot.v20250514155045, =2.3.0, =6.20.0-snapshot.v20250514155045, =1.7.0, =1.5.0, =4.8.0, =0.16.0, =1.7.0-snapshot.v20250514155045, =1.0.4, =1.0.7 and more Source cves:...

7.5CVSS5.7AI score0.00152EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/07/09 6:7 p.m.6 views

@unhook/cli (>=0.9.3 <=0.14.2) potentially affected by CVE-2025-53548 via @clerk/express (>=1.6.0 <=1.7.37)

@clerk/express NPM version =1.6.0, =0.9.3, =0.14.2 Source cves: CVE-2025-53548 Source advisory: OSV:GHSA-9MP4-77WG-RWX9...

7.5CVSS5.8AI score0.00152EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/07/09 5:12 p.m.3 views

CVE-2025-53548 @clerk/backend Performs Insufficient Verification of Data Authenticity

Clerk helps developers build user management. Applications that use the verifyWebhook helper to verify incoming Clerk webhooks are susceptible to accepting improperly signed webhook events. The issue was resolved in @clerk/backend 2.4.0...

7.5CVSS6.5AI score0.00152EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/09 5:12 p.m.13 views

CVE-2025-53548 @clerk/backend Performs Insufficient Verification of Data Authenticity

Clerk helps developers build user management. Applications that use the verifyWebhook helper to verify incoming Clerk webhooks are susceptible to accepting improperly signed webhook events. The issue was resolved in @clerk/backend 2.4.0...

7.5CVSS0.00152EPSS
Exploits0References1
Rows per page
Query Builder