Lucene search

GoogleOSV:GHSA-C59H-R6P8-Q9WC

HistoryOct 22, 2023 - 3:30 a.m.

Next.js missing cache-control header may lead to CDN caching empty reply

2023-10-2203:30:23

Google

osv.dev

next.js

cache-control header

cdn caching

denial of service

cloudflare

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

19.0%

JSON

Next.js before 13.4.20-canary.13 lacks a cache-control header and thus empty prefetch responses may sometimes be cached by a CDN, causing a denial of service to all users requesting the same URL via that CDN. Cloudflare considers these requests cacheable assets.

CPENameOperatorVersion
nextlt13.4.20-canary.13
nextge0.9.9

CPE	Name	Operator	Version
	next	lt	13.4.20-canary.13
	next	ge	0.9.9

References

github.com/vercel/next.js

github.com/vercel/next.js/commit/20d05958ff853e9c9e42139ffec294336881c648

github.com/vercel/next.js/compare/v13.4.20-canary.12...v13.4.20-canary.13

github.com/vercel/next.js/issues/45301

github.com/vercel/next.js/pull/54732

nvd.nist.gov/vuln/detail/CVE-2023-46298

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

19.0%

JSON

Related for OSV:GHSA-C59H-R6P8-Q9WC