Lucene search
GoogleOSV:CVE-2021-43803HistoryDec 10, 2021 - 12:15 a.m.
CVE-2021-43803
2021-12-1000:15:11
Google
osv.dev
5
0.004 Low
EPSS
Percentile
73.3%
Next.js is a React framework. In versions of Next.js prior to 12.0.5 or 11.1.3, invalid or malformed URLs could lead to a server crash. In order to be affected by this issue, the deployment must use Next.js versions above 11.1.0 and below 12.0.5, Node.js above 15.0.0, and next start or a custom server. Deployments on Vercel are not affected, along with similar environments where invalid requests are filtered before reaching Next.js. Versions 12.0.5 and 11.1.3 contain patches for this issue.
| CPE | Name | Operator | Version |
|---|---|---|---|
| node | eq | 11.1.3-canary.63 | |
| node | eq | 12.0.1-canary.1 | |
| node | eq | 11.1.3-canary.47 | |
| node | eq | 12.0.2-canary.11 | |
| node | eq | 11.6.0 | |
| node | eq | 11.1.3-canary.41 | |
| node | eq | 11.1.3-canary.50 | |
| node | eq | 12.11.0 | |
| node | eq | 12.14.0 | |
| node | eq | 12.18.1 |
Related
prion
prion
Code injection
2021-12-10 00:15:00
osv
osv
Unexpected server crash in Next.js.
2021-12-07 21:12:09
veracode
veracode
Denial Of Service
2021-12-08 06:30:28
cvelist
cvelist
CVE-2021-43803 Unexpected server crash in Next.js
2021-12-09 23:50:10
nvd
nvd
CVE-2021-43803
2021-12-10 00:15:11
cve
cve
CVE-2021-43803
2021-12-10 00:15:11
alpinelinux
alpinelinux
CVE-2021-43803
2021-12-10 00:15:11
github
github
Unexpected server crash in Next.js.
2021-12-07 21:12:09
