Lucene search
MitreVULNRICHMENT:CVE-2023-46298HistoryOct 22, 2023 - 12:00 a.m.
CVE-2023-46298
2023-10-2200:00:00
mitre
github.com
1
next.js
cache control
denial of service
cdn
AI Score
6.7
Confidence
High
EPSS
0.001
Percentile
24.2%
SSVC
Exploitation
poc
Automatable
yes
Technical Impact
partial
Next.js before 13.4.20-canary.13 lacks a cache-control header and thus empty prefetch responses may sometimes be cached by a CDN, causing a denial of service to all users requesting the same URL via that CDN.
Related
prion
prion
Design/Logic Flaw
2023-10-22 03:15:00
github
github
Next.js missing cache-control header may lead to CDN caching empty reply
2023-10-22 03:30:23
cve
cve
CVE-2023-46298
2023-10-22 03:15:07
veracode
veracode
Denial Of Service (DoS)
2023-10-25 06:39:48
cvelist
cvelist
CVE-2023-46298
2023-10-22 00:00:00
osv
osv
Next.js missing cache-control header may lead to CDN caching empty reply
2023-10-22 03:30:23
CVE-2023-46298
2023-10-22 03:15:07
nvd
nvd
CVE-2023-46298
2023-10-22 03:15:07
AI Score
6.7
Confidence
High
EPSS
0.001
Percentile
24.2%
SSVC
Exploitation
poc
Automatable
yes
Technical Impact
partial
Related for VULNRICHMENT:CVE-2023-46298