next@1.0.1 vulnerabilities
The React Framework
-
latest version
14.2.3
-
latest non vulnerable version
-
first published
13 years ago
-
latest version published
10 days ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the next package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
next is a react framework. Affected versions of this package are vulnerable to Resource Exhaustion via the How to fix Resource Exhaustion? Upgrade |
<13.4.20-canary.13
|
next is a react framework. Affected versions of this package are vulnerable to Remote Code Execution (RCE) when the How to fix Remote Code Execution (RCE)? Upgrade |
>=0.9.9 <5.0.1-canary.5
|
next is a react framework. Affected versions of this package are vulnerable to Open Redirect. Specially encoded paths could be used when How to fix Open Redirect? Upgrade |
<11.1.0
|
next is a react framework. Affected versions of this package are vulnerable to Arbitrary File Read. The How to fix Arbitrary File Read? Upgrade |
<5.1.0
|
next is a react framework. Affected versions of this package are vulnerable to Path Traversal. Next.js versions before 9.3.2 have a directory traversal vulnerability. Attackers could craft special requests to access files in the dist directory (.next). This does not affect files outside of the dist directory (.next). How to fix Path Traversal? Upgrade |
<9.3.2
|
Next is a minimalistic framework for server-rendered React applications. Affected versions of this package are vulnerable to Directory Traversal under the How to fix Directory Traversal? Upgrade |
<4.2.3
|
Next is a minimalistic framework for server-rendered React applications. Affected versions of this package are vulnerable to Directory Traversal under the How to fix Directory Traversal? Upgrade |
<4.2.3
|
next is a react framework. Affected versions of this package are vulnerable to Directory Traversal
via the How to fix Directory Traversal? Upgrade |
<2.4.1
|
Affected versions of the package are vulnerable to Cross-site Scripting (XSS) attacks. User supplied input is used in a How to fix Cross-site Scripting (XSS)? Upgrade |
<2.4.3
|
Affected versions of the package are vulnerable to Directory Traversal via the How to fix Directory Traversal? Upgrade |
<2.4.1
>=3.0.0-beta1 <3.0.0-beta7
|