MEDIUM 4.4 npm
Directory Traversal in Next.js
GHSA-fq77-7p7r-83rj · CVE-2020-5284
Published · Modified
Description
Impact
- Not affected: Deployments on ZEIT Now v2 (https://zeit.co) are not affected
- Not affected: Deployments using the
serverlesstarget - Not affected: Deployments using
next export - Affected: Users of Next.js below 9.3.2
We recommend everyone to upgrade regardless of whether you can reproduce the issue or not.
Patches
https://github.com/zeit/next.js/releases/tag/v9.3.2
References
Ready to move
Start Securing
Free, no credit card | First findings in minutes