Описание
Next.js is a React framework for building full-stack web applications. Prior to versions 14.2.32 and 15.4.7, when next() was used without explicitly passing the request object, it could lead to SSRF in self-hosted applications that incorrectly forwarded user-supplied headers. This vulnerability has been fixed in Next.js versions 14.2.32 and 15.4.7. All users implementing custom middleware logic in self-hosted environments are strongly encouraged to upgrade and verify correct usage of the next() function.
Ссылки
- Patch
- Vendor Advisory
- MitigationVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 14.2.32 (исключая)Версия от 15.0.0 (включая) до 15.4.7 (исключая)
Одно из
cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*
cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*
EPSS
Процентиль: 89%
0.04945
Низкий
6.5 Medium
CVSS3
8.2 High
CVSS3
Дефекты
CWE-918
Связанные уязвимости
CVSS3: 6.5
github
19 дней назад
Next.js Improper Middleware Redirect Handling Leads to SSRF
EPSS
Процентиль: 89%
0.04945
Низкий
6.5 Medium
CVSS3
8.2 High
CVSS3
Дефекты
CWE-918