next vulnerabilities

The React Framework

  • latest version

    15.5.3

  • latest non vulnerable version

  • first published

    14 years ago

  • latest version published

    9 days ago

  • licenses detected

  • Direct Vulnerabilities

    Known vulnerabilities in the next package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • H
    Server-side Request Forgery (SSRF)

    <14.2.32>=15.0.0 <15.4.2-canary.43>=15.4.3 <15.4.7
    • M
    Use of Cache Containing Sensitive Information

    <14.2.31>=15.0.0 <15.4.2-canary.19>=15.4.3 <15.4.5
    • L
    Missing Source Correlation of Multiple Independent Data

    <14.2.31>=15.0.0 <15.4.2-canary.19>=15.4.3 <15.4.5
    • H
    HTTP Request Smuggling

    >=15.0.4-canary.51 <15.1.8
    • M
    Interpretation Conflict

    >=15.3.0 <15.3.3
    • L
    Missing Origin Validation in WebSockets

    >=13.0.0 <14.2.30>=15.0.0-rc.0 <15.2.2
    • M
    Race Condition

    <14.2.24>=15.0.0 <15.1.6
    • M
    Information Exposure

    >=12.3.5 <12.3.6>=13.5.9 <13.5.10>=14.2.25 <14.2.26>=15.2.3 <15.2.4
    • C
    Improper Authorization

    >=11.1.4 <12.3.5>=13.0.0 <13.5.9>=14.0.0 <14.2.25>=15.0.0-rc.0 <15.2.3>=15.3.0-canary.0 <15.3.0-canary.12
    • M
    Allocation of Resources Without Limits or Throttling

    >=13.0.0 <13.5.8>=14.0.0 <14.2.21>=15.0.0 <15.1.2
    • H
    Missing Authorization

    >=9.5.5 <13.5.8>=14.0.0 <14.2.15>=15.0.0-canary.0 <15.0.0-canary.177
    • H
    Uncontrolled Recursion

    >=10.0.0 <14.2.7>=15.0.0-canary.0 <15.0.0-canary.109
    • H
    Acceptance of Extraneous Untrusted Data With Trusted Data

    >=13.5.1 <13.5.7>=14.0.0 <14.2.10
    • H
    Denial of Service (DoS)

    >=13.4.0 <13.5.0
    • H
    Server-Side Request Forgery (SSRF)

    >=13.4.0 <14.1.1
    • H
    HTTP Request Smuggling

    >=13.4.0 <13.5.1
    • M
    Resource Exhaustion

    <13.4.20-canary.13
    • H
    Remote Code Execution (RCE)

    >=0.9.9 <5.0.1-canary.5
    • M
    Uncaught Exception

    >=12.2.3 <12.2.4
    • M
    User Interface (UI) Misrepresentation of Critical Information

    >=10.0.0 <12.1.0
    • M
    Denial of Service (DoS)

    >=12.0.0 <12.0.9
    • H
    Denial of Service (DoS)

    >=12.0.0 <12.0.5>=11.1.0 <11.1.3
    • M
    Cross-site Scripting (XSS)

    >=10.0.0 <11.1.1
    • M
    Open Redirect

    <11.1.0
    • M
    Open Redirect

    >=9.5.0 <9.5.4
    • H
    Arbitrary File Read

    <5.1.0
    • M
    Path Traversal

    <9.3.2
    • M
    Cross-site Scripting (XSS)

    >=7.0.0 <7.0.2
    • H
    Directory Traversal

    <4.2.3
    • H
    Directory Traversal

    <2.4.1
    • M
    Cross-site Scripting (XSS)

    <2.4.3
    • H
    Directory Traversal

    <2.4.1>=3.0.0-beta1 <3.0.0-beta7

    Package versions

    3362 VERSIONS IN TOTAL See all versions
    versionpublisheddirect vulnerabilities
    15.6.0-canary.1919 Sep, 2025
    • 0
      C
    • 0
      H
    • 0
      M
    • 0
      L
    15.6.0-canary.1819 Sep, 2025
    • 0
      C
    • 0
      H
    • 0
      M
    • 0
      L
    15.6.0-canary.1719 Sep, 2025
    • 0
      C
    • 0
      H
    • 0
      M
    • 0
      L
    15.6.0-canary.1618 Sep, 2025
    • 0
      C
    • 0
      H
    • 0
      M
    • 0
      L
    15.6.0-canary.1518 Sep, 2025
    • 0
      C
    • 0
      H
    • 0
      M
    • 0
      L
    15.6.0-canary.1418 Sep, 2025
    • 0
      C
    • 0
      H
    • 0
      M
    • 0
      L
    15.6.0-canary.1318 Sep, 2025
    • 0
      C
    • 0
      H
    • 0
      M
    • 0
      L
    15.6.0-canary.1217 Sep, 2025
    • 0
      C
    • 0
      H
    • 0
      M
    • 0
      L
    15.6.0-canary.1117 Sep, 2025
    • 0
      C
    • 0
      H
    • 0
      M
    • 0
      L
    15.6.0-canary.1016 Sep, 2025
    • 0
      C
    • 0
      H
    • 0
      M
    • 0
      L