CVE-2025-57752 Next.js Affected by Cache Key Confusion for Image Optimization API Routes

Next.js is a React framework for building full-stack web applications. In versions before 14.2.31 and from 15.0.0 to before 15.4.5, Next.js Image Optimization API routes are affected by cache key confusion. When images returned from API routes vary based on request headers such as Cookie or...

Next.js 安全漏洞

Next.js is a React framework open-sourced by Vercel. A security vulnerability exists in Next.js versions prior to 14.2.31 and 15.0.0 through 15.4.5, which stems from cache key obfuscation and could lead to unauthorized user access...