4 matches found
Denial Of Service (DoS)
react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack and next are vulnerable to a Denial-Of-Service DoS. The vulnerability is due to insufficient patching of unsafe payload deserialization in React Server Components, where maliciously crafted HTTP requests sent to Server...
CVE-2025-55184
CVE-2025-55184 is a pre-authentication Denial of Service vulnerability in React Server Components from versions 19.0.0 through 19.2.2 (affecting react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack). The issue arises from unsafe deserialization of HTTP payloads sent t...
CVE-2025-55182
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes...
PT-2025-48817
Name of the Vulnerable Software and Affected Versions React Server Components versions 19.0.0 through 19.2.0 react-server-dom-parcel versions 19.0.0 through 19.2.0 react-server-dom-turbopack versions 19.0.0 through 19.2.0 react-server-dom-webpack versions 19.0.0 through 19.2.0 Description A...