Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
- EPSS 79.77%
- Published 30.03.2020 22:15:15
- Last modified 21.11.2024 05:33:50
Next.js versions before 9.3.2 have a directory traversal vulnerability. Attackers could craft special requests to access files in the dist directory (.next). This does not affect files outside of the dist directory (.next). In general, the dist direc...
6.1
CVE-2018-18282
- EPSS 0.26%
- Published 12.10.2018 22:29:00
- Last modified 21.11.2024 03:55:38
Next.js 7.0.0 and 7.0.1 has XSS via the 404 or 500 /_error page.
7.5
CVE-2018-6184
- EPSS 49.05%
- Published 24.01.2018 10:29:01
- Last modified 21.11.2024 04:10:14
ZEIT Next.js 4 before 4.2.3 has Directory Traversal under the /_next request namespace.
7.5
CVE-2017-16877
- EPSS 83.2%
- Published 17.11.2017 17:29:00
- Last modified 20.04.2025 01:37:25
ZEIT Next.js before 2.4.1 has directory traversal under the /_next and /static request namespace, allowing attackers to obtain sensitive information.
1