Metric | Value |
---|---|
CVSS3 base score | 9.3 High |
Attack Vector | NETWORK |
Attack Complexity | LOW |
Privileges Required | NONE |
User Interaction | REQUIRED |
Scope | CHANGED |
Confidentiality Impact | HIGH |
Integrity Impact | HIGH |
Availability Impact | NONE |
CVSS3 vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N |
AI Score | 7 High (confidence: High) |
EPSS | 0.001 Low (percentile: 20.8%) |
Unsanitized input to the Next.js SDK tunnel endpoint allows sending HTTP requests to arbitrary URLs and reflecting the response back to the user. This could open the door to other attack vectors:

This issue only affects users who have the Next.js SDK tunneling feature enabled.

The problem has been fixed in @sentry/nextjs@7.77.0.

Workaround: disable tunneling by removing the tunnelRoute option from the Sentry Next.js SDK config (next.config.js or next.config.mjs).
CPE | Name | Operator | Version |
---|---|---|---|
| @sentry/nextjs | lt | 7.77.0 |
blog.sentry.io/next-js-sdk-security-advisory-cve-2023-46729/
docs.sentry.io/platforms/javascript/guides/nextjs/manual-setup/#configure-tunneling-to-avoid-ad-blockers
github.com/advisories/GHSA-2rmr-xw8m-22q9
github.com/getsentry/sentry-javascript/commit/ddbda3c02c35aba8c5235e0cf07fc5bf656f81be
github.com/getsentry/sentry-javascript/pull/9415
github.com/getsentry/sentry-javascript/security/advisories/GHSA-2rmr-xw8m-22q9
nvd.nist.gov/vuln/detail/CVE-2023-46729
www.npmjs.com/package/@sentry/nextjs/v/7.77.0