Vulnerability	Vulnerable Version
M Allocation of Resources Without Limits or Throttling next is a react framework. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the Server Actions process. An attacker can cause the server to hang by constructing requests that leave Server-Actions requests pending until the hosting provider terminates the function execution. Note: This is only exploitable if there are no protections against long-running Server Action invocations. How to fix Allocation of Resources Without Limits or Throttling? Upgrade `next` to version 13.5.8, 14.2.21, 15.1.2 or higher.	>=13.0.0 <13.5.8>=14.0.0 <14.2.21>=15.0.0 <15.1.2

Allocation of Resources Without Limits or Throttling

next is a react framework.

Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the Server Actions process. An attacker can cause the server to hang by constructing requests that leave Server-Actions requests pending until the hosting provider terminates the function execution.

Note:

This is only exploitable if there are no protections against long-running Server Action invocations.

How to fix Allocation of Resources Without Limits or Throttling?

Upgrade next to version 13.5.8, 14.2.21, 15.1.2 or higher.

>=13.0.0 <13.5.8>=14.0.0 <14.2.21>=15.0.0 <15.1.2

Go back to all versions of this package