Next.js@10.0.0 Security Vulnerabilities and Issues — Next.js@10.0.0 CVE List

Lucene search

VercelNext.js10.0.0

3 matches found

CVE•added 2024/10/14 6:15 p.m.•292 views

CVE-2024-47831

Next.js is a React Framework for the Web. Cersions on the 10.x, 11.x, 12.x, 13.x, and 14.x branches before version 14.2.7 contain a vulnerability in the image optimization feature which allows for a potential Denial of Service (DoS) condition which could lead to excessive CPU consumption. Neither t...

7.5CVSS5.8AI score0.00115EPSS

CVE•added 2022/02/17 9:15 p.m.•178 views

CVE-2022-23646

Next.js is a React framework. Starting with version 10.0.0 and prior to version 12.1.0, Next.js is vulnerable to User Interface (UI) Misrepresentation of Critical Information. In order to be affected, the next.config.js file must have an images.domains array assigned and the image host assigned in ...

7.5CVSS6.4AI score0.01477EPSS

CVE•added 2021/08/31 12:15 a.m.•82 views

CVE-2021-39178

Next.js is a React framework. Versions of Next.js between 10.0.0 and 11.0.0 contain a cross-site scripting vulnerability. In order for an instance to be affected by the vulnerability, the next.config.js file must have images.domains array assigned and the image host assigned in images.domains must ...

7.5CVSS6.2AI score0.007EPSS