Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unexpected server crash in Next.js version 12.2.3
Vulnerability Description
Next.js is a React framework that can provide building blocks to create web applications. All of the following must be true to be affected by this CVE: Next.js version 12.2.3, Node.js version above v15.0.0 being used with strict `unhandledRejection` exiting AND using next start or a [custom server](https://nextjs.org/docs/advanced-features/custom-server). Deployments on Vercel ([vercel.com](https://vercel.com/)) are not affected along with similar environments where `next-server` isn't being shared across requests.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
未捕获的异常
Vulnerability Title
ZEIT Next.js 代码问题漏洞
Vulnerability Description
ZEIT Next.js是ZEIT公司的一款基于Vue.js、Node.js、Webpack和Babel.js的开源Web应用框架。 ZEIT Next.js存在安全漏洞,该漏洞源于当特定的请求被发送到Next.js服务器时,它可能会在服务器中导致一个unhandledRejection,这可能会导致在严格的unhandledRejection处理的特定Node.js版本中退出进程崩溃。以下版本受到影响:v12.2.3版本、使用严格的unhandledRejection退出的v15.0.0以上的版本
CVSS Information
N/A
Vulnerability Type
N/A