7 matches found
CVE-2022-23646
Next.js is a React framework. Starting with version 10.0.0 and prior to version 12.1.0, Next.js is vulnerable to User Interface UI Misrepresentation of Critical Information. In order to be affected, the next.config.js file must have an images.domains array assigned and the image host assigned in...
EUVD-2025-30217
Malicious code in bioql PyPI...
EUVD-2022-0986
Malicious code in bioql PyPI...
CVE-2025-59714
In Internet2 Grouper 5.17.1 before 5.20.5, group admins who are not Grouper sysadmins can configure loader jobs...
CVE-2025-59714
In Internet2 Grouper 5.17.1 before 5.20.5, group admins who are not Grouper sysadmins can configure loader jobs...
User Interface (UI) Misrepresentation Of Critical Information
next is having User Interface UI Misrepresentation of Critical Information. The vulnerability exists because next.config.js file has images.loader assigned as the default loader configuration, leading to misrepresentation of critical user Information...
Improper CSP in Image Optimization API for Next.js versions between 10.0.0 and 12.1.0
Next.js is a React framework. Starting with version 10.0.0 and prior to version 12.1.0, Next.js is vulnerable to User Interface UI Misrepresentation of Critical Information. In order to be affected, the next.config.js file must have an images.domains array assigned and the image host assigned in...