Launch Week Day 1: Announcing Security Design Review
Start for Free
HIGH 7.5 npm

Next.js Denial of Service (DoS) condition

GHSA-fq54-2j52-jc42 · CVE-2024-39693

Published · Modified

Description

Impact

A Denial of Service (DoS) condition was identified in Next.js. Exploitation of the bug can trigger a crash, affecting the availability of the server.

This vulnerability can affect all Next.js deployments on the affected versions.

Patches

This vulnerability was resolved in Next.js 13.5 and later. We recommend that users upgrade to a safe version.

Workarounds

There are no official workarounds for this vulnerability.

Credit

  • Thai Vu of flyseccorp.com
  • Aonan Guan (@0dd), Senior Cloud Security Engineer

References

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes