Количество 2
Количество 2
CVE-2020-5284
Next.js versions before 9.3.2 have a directory traversal vulnerability. Attackers could craft special requests to access files in the dist directory (.next). This does not affect files outside of the dist directory (.next). In general, the dist directory only holds build assets unless your application intentionally stores other assets under this directory. This issue is fixed in version 9.3.2.
GHSA-fq77-7p7r-83rj
Directory Traversal in Next.js
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-5284 Next.js versions before 9.3.2 have a directory traversal vulnerability. Attackers could craft special requests to access files in the dist directory (.next). This does not affect files outside of the dist directory (.next). In general, the dist directory only holds build assets unless your application intentionally stores other assets under this directory. This issue is fixed in version 9.3.2. | CVSS3: 4.4 | 77% Высокий | около 5 лет назад |
| GHSA-fq77-7p7r-83rj Directory Traversal in Next.js | CVSS3: 4.4 | 77% Высокий | около 5 лет назад |
Уязвимостей на страницу