CVE-2024-22206

Published: Jan 12, 2024
Updated: May 4, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2024-22206" target="_blank" rel="noopener"> CVE-2024-22206
GHSA: <a href="https://github.com/advisories/GHSA-q6w5-jg5q-47vg" target="_blank" rel="noopener"> GHSA-q6w5-jg5q-47vg
Severity: Critical
Exploit:

Clerk helps developers build user management. Unauthorized access or privilege escalation due to a logic flaw in auth() in the App Router or getAuth() in the Pages Router. This vulnerability was patched in version 4.29.3.