目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2025-55184 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
A pre-authentication denial of service vulnerability exists in React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints, which can cause an infinite loop that hangs the server process and may prevent future HTTP requests from being served.
来源: 美国国家漏洞数据库 NVD
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Meta React Server Components 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Meta React Server Components是美国Meta公司的一系列组件。 Meta React Server Components 19.0.0版本、19.0.1版本、19.1.0版本、19.1.1版本、19.1.2版本、19.2.0版本和19.2.1版本存在安全漏洞,该漏洞源于不安全反序列化HTTP请求负载,可能导致无限循环和拒绝服务。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
厂商产品影响版本CPE订阅
Metareact-server-dom-webpack 19.0.0 ~ 19.0.1 -
Metareact-server-dom-turbopack 19.0.0 ~ 19.0.1 -
Metareact-server-dom-parcel 19.0.0 ~ 19.0.1 -
二、漏洞 CVE-2025-55184 的公开POC
#POC 描述源链接神龙链接
1React Server Components 19.0.0 to 19.2.1 including react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack contain an insecure deserialization vulnerability caused by unsafe payload deserialization in Server Function endpoints, letting unauthenticated attackers cause denial of service by hanging the server process. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-55184.yamlPOC详情
2Nonehttps://github.com/hans362/CVE-2025-55184-pocPOC详情
3Nonehttps://github.com/ejpir/CVE-2025-55184POC详情
4Nonehttps://github.com/BakhodiribnYashinibnMansur/CVE-2025-55184POC详情
5Python script for Testing CVE-2025-55184 https://github.com/Kajal5414/CVE-2025-55184_TestingPOC详情
6Nonehttps://github.com/cybertechajju/CVE-2025-55184-POC-ExpolitPOC详情
7Nonehttps://github.com/KingHacker353/CVE-2025-55184POC详情
8Target Code + Exploithttps://github.com/Tarekhshaikh13/CVE-2025-55184POC详情
9Python script for Testing CVE-2025-55184 https://github.com/KkHackingLearning/CVE-2025-55184_TestingPOC详情
10OpsGuard eliminates the "3 AM PagerDuty" nightmare, specifically protecting against threats like the recent CVE-2025-55184 (Next.js DoS)https://github.com/shubham-01-star/OpsGuard-simulationPOC详情
11🛠️ Test and validate the CVE-2025-55184 vulnerability in React Server Components to enhance your application's security against denial-of-service attacks.https://github.com/yogeshkumar09/CVE-2025-55184_TestingPOC详情
12🛡️ Test for the CVE-2025-55184 DoS vulnerability in React Server Components with this safe, non-destructive Python scanner to enhance your application's security.https://github.com/yogeshkumar09/yogeshkumar09.github.ioPOC详情
13PoC of CVE-2025-55184 and CVE-2025-67779, which are vulnerabilities of Reacthttps://github.com/JSH-data/CVE-2025-55184_CVE-2025-67779POC详情
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC
三、漏洞 CVE-2025-55184 的情报信息
Please 登录 to view more intelligence information
IV. Related Vulnerabilities
Same product: react-server-dom-webpack
Same vendor: Meta
V. Comments for CVE-2025-55184

暂无评论

发表评论