Known Vulnerabilities for Next.js by Vercel
Listed below are 6 of the newest known vulnerabilities associated with "Next.js" by "Vercel".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-23646 | Next.js is a React framework. Starting with version 10.0.0 and prior to version 12.1.0, Next.js is vulnerable to User Interfa... | 7.5 - HIGH | 2022-02-17 | 2022-02-25 |
| CVE-2022-21721 | Next.js is a React framework. Starting with version 12.0.0 and prior to version 12.0.9, vulnerable code could allow a bad act... | 7.5 - HIGH | 2022-01-28 | 2023-07-24 |
| CVE-2021-43803 | Next.js is a React framework. In versions of Next.js prior to 12.0.5 or 11.1.3, invalid or malformed URLs could lead to a ser... | 7.5 - HIGH | 2021-12-10 | 2024-03-12 |
| CVE-2021-39178 | Next.js is a React framework. Versions of Next.js between 10.0.0 and 11.0.0 contain a cross-site scripting vulnerability. In ... | 6.1 - MEDIUM | 2021-08-31 | 2021-09-08 |
| CVE-2021-37699 | Next.js is an open source website development framework to be used with the React library. In affected versions specially enc... | 6.1 - MEDIUM | 2021-08-12 | 2021-08-20 |
| CVE-2020-15242 | Next.js versions >=9.5.0 and <9.5.4 are vulnerable to an Open Redirect. Specially encoded paths could be used with the traili... | 6.1 - MEDIUM | 2020-10-08 | 2020-12-03 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Vercel | Next.js | 9.5.6 | - | All | All |
| Application | Vercel | Next.js | 9.5.6 | canary0 | All | All |
| Application | Vercel | Next.js | 9.5.6 | canary1 | All | All |
| Application | Vercel | Next.js | 9.5.6 | canary10 | All | All |
| Application | Vercel | Next.js | 9.5.6 | canary11 | All | All |
| Application | Vercel | Next.js | 9.5.6 | canary12 | All | All |
| Application | Vercel | Next.js | 9.5.6 | canary13 | All | All |
| Application | Vercel | Next.js | 9.5.6 | canary14 | All | All |
| Application | Vercel | Next.js | 9.5.6 | canary15 | All | All |
| Application | Vercel | Next.js | 9.5.6 | canary16 | All | All |
| Application | Vercel | Next.js | 9.5.6 | canary17 | All | All |
| Application | Vercel | Next.js | 9.5.6 | canary18 | All | All |
| Application | Vercel | Next.js | 9.5.6 | canary2 | All | All |
| Application | Vercel | Next.js | 9.5.6 | canary3 | All | All |
| Application | Vercel | Next.js | 9.5.6 | canary4 | All | All |
| Application | Vercel | Next.js | 9.5.6 | canary5 | All | All |
| Application | Vercel | Next.js | 9.5.6 | canary6 | All | All |
| Application | Vercel | Next.js | 9.5.6 | canary7 | All | All |
| Application | Vercel | Next.js | 9.5.6 | canary8 | All | All |
| Application | Vercel | Next.js | 9.5.6 | canary9 | All | All |