Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
githubGitHub Advisory DatabaseGHSA-FMVM-X8MV-47MJ
HistoryFeb 17, 2022 - 5:19 p.m.

Improper CSP in Image Optimization API for Next.js versions between 10.0.0 and 12.1.0

2022-02-1717:19:18
CWE-451
GitHub Advisory Database
github.com
34

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

46.3%

JSON

Next.js is a React framework. Starting with version 10.0.0 and prior to version 12.1.0, Next.js is vulnerable to User Interface (UI) Misrepresentation of Critical Information. In order to be affected, the next.config.js file must have an images.domains array assigned and the image host assigned in images.domains must allow user-provided SVG. If the next.config.js file has images.loader assigned to something other than default, the instance is not affected. Version 12.1.0 contains a patch for this issue. As a workaround, change next.config.js to use a different loader configuration other than the default.

Impact

  • Affected: All of the following must be true to be affected
    • Next.js between version 10.0.0 and 12.0.10
    • The next.config.js file has images.domains array assigned
    • The image host assigned in images.domains allows user-provided SVG
  • Not affected: The next.config.js file has images.loader assigned to something other than default

Patches

Next.js 12.1.0

Workarounds

Change next.config.js to use a different loader configuration other than the default, for example:

module.exports = {
  images: {
    loader: 'imgix',
    path: 'https://example.com/myaccount/',
  },
}

Or if you want to use the loader prop on the component, you can use custom:

module.exports = {
  images: {
    loader: 'custom',
  },
}

Affected configurations

Vulners
Node
qsmart_next_projectqsmart_nextRange10.0.0
OR
qsmart_next_projectqsmart_nextRange<12.1.0
CPENameOperatorVersion
nextge10.0.0
nextlt12.1.0

Related

cvelist 1
osv 2
cve 1
veracode 1
prion 1
nvd 1
ibm 1
cvelist
cvelist
CVE-2022-23646 Improper CSP in Image Optimization API for Next.js
2022-02-17 20:35:12
osv
osv
Improper CSP in Image Optimization API for Next.js versions between 10.0.0 and 12.1.0
2022-02-17 17:19:18
CVE-2022-23646
2022-02-17 21:15:07
cve
cve
CVE-2022-23646
2022-02-17 21:15:07
veracode
veracode
User Interface (UI) Misrepresentation Of Critical Information
2022-02-18 14:02:05
prion
prion
Design/Logic Flaw
2022-02-17 21:15:00
nvd
nvd
CVE-2022-23646
2022-02-17 21:15:07
ibm
ibm
Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities
2023-06-16 15:20:09

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

46.3%

JSON
Related for GHSA-FMVM-X8MV-47MJ
cvelist1osv2cve1veracode1prion1nvd1ibm1