Lucene search
+L

15 matches found

vulnersosv
vulnersosv
added 2026/01/26 7:49 p.m.8 views

@amazeelabs/bridge-waku (>=1.1.0 <=2.0.1), @amazeelabs/executors (>=3.0.0 <=3.1.14) +50 more potentially affected by CVE-2025-55184 +1 more via react-server-dom-webpack (>=19.0.0-canary-36e62c603-20240418 <=19.0.1)

react-server-dom-webpack NPM version =19.0.0-canary-36e62c603-20240418, =1.1.0, =3.0.0, =1.1.0, =1.1.0, =1.0.0-canary.12245, =0.9.1-next.19, =1.0.0-canary.12245, =0.9.1-next.19, =1.0.0-canary.12245, =1.0.0-canary.12245, =1.0.0-canary.12245, =0.9.1-next.19, =1.0.0-canary.12245, =1.0.0-canary.12245...

7.5CVSS7.4AI score0.65592EPSS
Exploits10
snyk
snyk
added 2026/01/26 7:49 p.m.7 views

Allocation of Resources Without Limits or Throttling

Overview react-server-dom-webpack is a React Server Components bindings for DOM using Webpack. This is intended to be integrated into meta-frameworks. It is not intended to be imported directly. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttli...

8.7CVSS5.9AI score0.65592EPSS
Exploits10References2
vulnersosv
vulnersosv
added 2026/01/26 7:49 p.m.9 views

@cedarjs/api-server (>=1.0.0-canary.12863 <=3.0.0-canary.13332), @cedarjs/cli (>=1.0.0-canary.12863 <=3.0.0-canary.13332) +10 more potentially affected by CVE-2025-55184 +1 more via react-server-dom-webpack (>=19.2.1 <=19.2.3)

react-server-dom-webpack NPM version =19.2.1, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863,...

7.5CVSS7.3AI score0.65592EPSS
Exploits10
githubexploit
githubexploit
added 2026/01/02 5:4 a.m.178 views

Exploit for Deserialization of Untrusted Data in Facebook React

🛡️ CVE-2025-55184Testing - Simple Tool for Security Scanning...

7.5CVSS6.3AI score0.65592EPSS
Exploits10
ibm
ibm
added 2025/12/19 9:14 p.m.12 views

Security Bulletin: User Entity Behavior Analytics app for IBM QRadar SIEM includes components with known vulnerabilities

Summary Components with known vulnerabilities were addressed in a IBM User Entity Behavior Analytics app release Vulnerability Details CVEID:CVE-2025-55182 DESCRIPTION: A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and...

10CVSS7.8AI score0.99562EPSS
Exploits385Affected Software1
github
github
added 2025/12/12 5:21 p.m.12 views

Next has a Denial of Service with Server Components - Incomplete Fix Follow-Up

It was discovered that the fix for CVE-2025-55184 in React Server Components was incomplete and did not fully mitigate denial-of-service conditions across all payload types. As a result, certain crafted inputs could still trigger excessive resource consumption. This vulnerability affects React...

7.5CVSS5.6AI score0.65592EPSS
Exploits10References7Affected Software1
github
github
added 2025/12/11 10:49 p.m.28 views

Next Vulnerable to Denial of Service with Server Components

A vulnerability affects certain React packages for versions 19.0.0, 19.0.1, 19.1.0, 19.1.1, 19.1.2, 19.2.0, and 19.2.1 and frameworks that use the affected packages, including Next.js 15.x and 16.x using the App Router. The issue is tracked upstream as CVE-2025-55184. A malicious HTTP request can...

7.5CVSS6.8AI score0.65592EPSS
Exploits10References4Affected Software1
vulnersosv
vulnersosv
added 2025/12/11 10:36 p.m.9 views

@amazeelabs/bridge-waku (>=1.1.9 <=2.0.1), @amazeelabs/executors (>=3.1.12 <=3.1.14) +18 more potentially affected by CVE-2025-55184 via react-server-dom-webpack (>=19.0.0 <=19.0.1)

react-server-dom-webpack NPM version =19.0.0, =1.1.9, =3.1.12, =1.4.7, =1.1.3, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859,...

7.5CVSS7.4AI score0.65592EPSS
Exploits10
vulnersosv
vulnersosv
added 2025/12/11 10:36 p.m.8 views

@cedarjs/api-server (>=1.0.0-canary.12863 <=1.0.0-canary.12878), @cedarjs/cli (>=1.0.0-canary.12863 <=2.0.3-next.1) +10 more potentially affected by CVE-2025-55184 via react-server-dom-webpack (=19.2.1)

react-server-dom-webpack NPM version =19.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on react-server-dom-webpack and may be impacted: - @cedarjs/api-server =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863,...

7.5CVSS7.3AI score0.65592EPSS
Exploits10
vulnersosv
vulnersosv
added 2025/12/11 10:36 p.m.12 views

@cedarjs/api-server (>=1.0.0-canary.12863 <=3.0.0-canary.13332), @cedarjs/cli (>=1.0.0-canary.12863 <=3.0.0-canary.13332) +10 more potentially affected by CVE-2025-55183 +1 more via react-server-dom-webpack (>=19.2.1 <=19.2.3)

react-server-dom-webpack NPM version =19.2.1, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863,...

7.5CVSS7AI score0.65592EPSS
Exploits13
vulnersosv
vulnersosv
added 2025/12/11 10:36 p.m.8 views

@amazeelabs/bridge-waku (>=1.1.9 <=2.0.1), @amazeelabs/executors (>=3.1.12 <=3.1.14) +18 more potentially affected by CVE-2025-55183 +1 more via react-server-dom-webpack (>=19.0.0 <=19.0.1)

react-server-dom-webpack NPM version =19.0.0, =1.1.9, =3.1.12, =1.4.7, =1.1.3, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859,...

7.5CVSS7AI score0.65592EPSS
Exploits13
f5
f5
added 2025/12/11 9:53 p.m.18 views

K000158154: React framework vulnerability CVE-2025-55184

Security Advisory Description A pre-authentication denial of service vulnerability exists in React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and...

7.5CVSS5.8AI score0.65592EPSS
Exploits10
vulnersosv
vulnersosv
added 2025/12/11 8:43 p.m.7 views

@cedarjs/api-server (>=1.0.0-canary.12863 <=1.0.0-canary.12878), @cedarjs/cli (>=1.0.0-canary.12863 <=2.0.3-next.1) +10 more potentially affected by CVE-2025-55183 +1 more via react-server-dom-webpack (=19.2.1)

react-server-dom-webpack NPM version =19.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on react-server-dom-webpack and may be impacted: - @cedarjs/api-server =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863,...

7.5CVSS7AI score0.65592EPSS
Exploits13
freebsd
freebsd
added 2025/12/11 12:0 a.m.12 views

github-release-monitor -- multiple vulnerabilities

https://nextjs.org/blog/security-update-2025-12-11 reports: Description Medium Source Code Exposure: CVE-2025-55183 A specifically crafted HTTP request can cause a Server Function to return the compiled source code of other Server Functions in your application. This could reveal business logic...

7.5CVSS7.2AI score0.65592EPSS
Exploits13References1
circl
circl
added 2025/12/05 1:54 p.m.9 views

CVE-2025-55184

creationtimestamp| type| source ---|---|--- 2025-12-05 13:54:28+00:00| seen| https://vulnerability.circl.lu/bundle/6739b288-995a-4f1a-9f03-5d1ced3a8fbd 2025-12-11 20:51:04+00:00| seen| https://bsky.app/profile/react.dev/post/3m7qhaqdxuc2v 2025-12-11 20:51:04+00:00| seen|...

7.5CVSS7.4AI score0.65592EPSS
Exploits10References49
Rows per page
Query Builder