Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistGitHub_MCVELIST:CVE-2021-37699
HistoryAug 11, 2021 - 11:15 p.m.

CVE-2021-37699 Open Redirect in Next.js versions below 11.1.0

2021-08-1123:15:10
CWE-601
GitHub_M
raw.githubusercontent.com
3

6.3 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

28.7%

JSON

Next.js is an open source website development framework to be used with the React library. In affected versions specially encoded paths could be used when pages/_error.js was statically generated allowing an open redirect to occur to an external site. In general, this redirect does not directly harm users although can allow for phishing attacks by redirecting to an attacker’s domain from a trusted domain. We recommend everyone to upgrade regardless of whether you can reproduce the issue or not. The issue has been patched in release 11.1.0.

Related

cve 1
nodejs 1
cnvd 1
osv 2
prion 1
github 1
ibm 2
cve
cve
CVE-2021-37699
2021-08-12 00:15:00
nodejs
nodejs
Open Redirect in Next.js
2021-08-12 14:51:58
cnvd
cnvd
ZEIT Next.js Input Validation Error Vulnerability (CNVD-2021-61800)
2021-08-12 00:00:00
osv
osv
Open Redirect in Next.js
2021-08-12 14:51:14
CVE-2021-37699
2021-08-12 00:15:06
prion
prion
Open redirect
2021-08-12 00:15:00
github
github
Open Redirect in Next.js
2021-08-12 14:51:14
ibm
ibm
Security Bulletin: IBM QRadar User Behavior Analytics is vulnerable to components with known vulnerabilities
2023-08-31 10:37:02
Security Bulletin: Cloud Pak for Security contains packages that have multiple vulnerabilities
2022-04-01 16:38:26

6.3 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

28.7%

JSON
Related for CVELIST:CVE-2021-37699
cve1nodejs1cnvd1osv2prion1github1ibm2