Versions of next
prior to 9.3.2 are vulnerable to Path Traversal. The package failed to restrict access to arbitrary files inside the dist
directory through specially-crafted HTTP requests. It is not possible to access files outside of the dist
directory.
Upgrade to version 9.3.2 or later.