Next.js is an open-source JavaScript framework built on top of React.js for building web applications.
Release cycle and vulnerability information
Release schedule
Count: 82
| Vulnerability | Summary | CVSS | EPSS | Published |
|---|---|---|---|---|
| GHSA-gp8f-8m3g-qvj9 | Next.js Cache Poisoning | CVSS3: 7.5 | 53% Medium | more than 1 year ago |
| BDU:2024-07780 | A vulnerability in the Next.js web application platform, related to authorization bypass through a user-controlled key, allowing an attacker to disclose protected information. | CVSS3: 7.5 | 53% Medium | more than 1 year ago |
| CVE-2024-39693 | Next.js is a React framework. A Denial of Service (DoS) condition was identified in Next.js. Exploitation of the bug can trigger a crash, affecting the availability of the server. This vulnerability was resolved in Next.js 13.5 and later. | CVSS3: 7.5 | 1% Low | more than 1 year ago |
| GHSA-fq54-2j52-jc42 | Next.js Denial of Service (DoS) condition | CVSS3: 7.5 | 1% Low | more than 1 year ago |
| CVE-2024-34351 | Next.js is a React framework that can provide building blocks to create web applications. A Server-Side Request Forgery (SSRF) vulnerability was identified in Next.js Server Actions. If the `Host` header is modified, and the below conditions are also met, an attacker may be able to make requests that appear to be originating from the Next.js application server itself. The required conditions are 1) Next.js is running in a self-hosted manner; 2) the Next.js application makes use of Server Actions; and 3) the Server Action performs a redirect to a relative path which starts with a `/`. This vulnerability was fixed in Next.js `14.1.1`. | CVSS3: 7.5 | 92% Critical | more than 1 year ago |
| CVE-2024-34350 | Next.js is a React framework that can provide building blocks to create web applications. Prior to 13.5.1, an inconsistent interpretation of a crafted HTTP request meant that requests are treated as both a single request, and two separate requests by Next.js, leading to desynchronized responses. This led to a response queue poisoning vulnerability in the affected Next.js versions. For a request to be exploitable, the affected route also had to be making use of the [rewrites](https://nextjs.org/docs/app/api-reference/next-config-js/rewrites) feature in Next.js. The vulnerability is resolved in Next.js `13.5.1` and newer. | CVSS3: 7.5 | 1% Low | more than 1 year ago |
| GHSA-fr5h-rqp8-mj6g | Next.js Server-Side Request Forgery in Server Actions | CVSS3: 7.5 | 92% Critical | more than 1 year ago |
| GHSA-77r5-gw3j-2mpf | Next.js Vulnerable to HTTP Request Smuggling | CVSS3: 7.5 | 1% Low | more than 1 year ago |
| GHSA-c59h-r6p8-q9wc | Next.js missing cache-control header may lead to CDN caching empty reply | | 0% Low | about 2 years ago |
| CVE-2023-46298 | Next.js before 13.4.20-canary.13 lacks a cache-control header and thus empty prefetch responses may sometimes be cached by a CDN, causing a denial of service to all users requesting the same URL via that CDN. | CVSS3: 7.5 | 0% Low | about 2 years ago |