@clerk/nextjs@7.3.5
📦 clerkView on GitHub →
🐛 1 fixes🔧 1 symbols
Summary
This patch release addresses a high-severity security vulnerability in the Next.js App Router by updating the `next` devDependency. It also updates several internal Clerk packages.
Migration Steps
- If you use the Next.js App Router, upgrade to Next.js `15.5.18`, `16.2.6`, or a later patched release to resolve the security vulnerability.
🐛 Bug Fixes
- Patched a high-severity (CVSS 7.5) Middleware/Proxy bypass vulnerability in Next.js App Router applications via segment-prefetch routes (incomplete-fix follow-up) by bumping `next` devDependency to `15.5.18`.