VDB

GHSA-9qr9-h5gf-34mp

GHSA-9qr9-h5gf-34mp PUBLISHED CVSS 10 CRITICAL

Next.js is vulnerable to RCE in React flight protocol

Risk Scores

CVSS 3.1
10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Affected Products

VendorProductVersions
npmnext14.3.0-canary.77, 15.1.0-canary.0, 15.2.0-canary.0

Timeline

  • CVE Published
  • Sep 28, 2023 CrowdSec Sighting
  • Sep 28, 2023 CrowdSec Sighting
  • Sep 28, 2023 CrowdSec Sighting
  • Sep 28, 2023 CrowdSec Sighting
  • Sep 29, 2023 CrowdSec Sighting
  • Sep 29, 2023 CrowdSec Sighting
  • Sep 29, 2023 CrowdSec Sighting
  • Sep 29, 2023 CrowdSec Sighting
  • Sep 30, 2023 CrowdSec Sighting
  • Oct 2, 2023 CrowdSec Sighting
  • Oct 3, 2023 CrowdSec Sighting
Open in Interactive Console →
$ Console Community · 100/wk Open console ›