Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm next Security Advisories
Browse all Security Advisories for npm next
Loading...
Moderate
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 32.7
Published: about 1 month ago
GSA_kwCzR0hTQS1nNzd4LTQ0eHgtNTMybc4ABAQO
Denial of Service condition in Next.js image optimizationEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 32.7
Published: about 1 month ago
High
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: 2 months ago
GSA_kwCzR0hTQS1ncDhmLThtM2ctcXZqOc4AA_nS
Next.js Cache PoisoningEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: 2 months ago
High
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: 4 months ago
GSA_kwCzR0hTQS1mcTU0LTJqNTItamM0Ms4AA9w6
Next.js Denial of Service (DoS) conditionEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: 4 months ago
High
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: 7 months ago
GSA_kwCzR0hTQS1mcjVoLXJxcDgtbWo2Z84AA74P
Next.js Server-Side Request Forgery in Server ActionsEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: 7 months ago
High
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: 7 months ago
GSA_kwCzR0hTQS03N3I1LWd3M2otMm1wZs4AA74O
Next.js Vulnerable to HTTP Request SmugglingEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: 7 months ago
Low
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1jNTloLXI2cDgtcTl3Y84AA2m9
Next.js missing cache-control header may lead to CDN caching empty replyEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 29.4
Published: about 2 years ago
GSA_kwCzR0hTQS13ZmY0LWZwd2ctcXF2M84AAui2
Unexpected server crash in Next.jsEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 29.4
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 32.7
Published: almost 3 years ago
GSA_kwCzR0hTQS1mbXZtLXg4bXYtNDdtas0s0Q
Improper CSP in Image Optimization API for Next.js versions between 10.0.0 and 12.1.0Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 32.7
Published: almost 3 years ago
Moderate
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 32.7
Published: almost 3 years ago
GSA_kwCzR0hTQS13cjY2LXZyd20tNWc1eM0nOg
Denial of Service Vulnerability in next.jsEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 32.7
Published: almost 3 years ago
High
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: almost 3 years ago
GSA_kwCzR0hTQS0yNW1wLWc2ZnYtbXF4eM0ZPg
Unexpected server crash in Next.js.Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: almost 3 years ago
High
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlncjMtNzg5Ny1wcDdt
XSS in Image Optimization API for Next.jsEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: about 3 years ago
Moderate
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ4ZjUtd3h3cC1tN2c5
Open Redirect in Next.jsEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 38.2
Published: over 3 years ago
Moderate
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 26.0
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg1NnAtYzhjZy1xNDM1
Open Redirect in Next.js versionsEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 26.0
Published: about 4 years ago
High
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV2ajgtM3YyaC1oMzh2
Remote Code Execution in nextEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 4 years ago
Moderate
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 24.4
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZxNzctN3A3ci04M3Jq
Directory Traversal in Next.jsEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 24.4
Published: over 4 years ago
Moderate
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: about 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXF3OTYtbW0yZy1jOG03
Next.js has cross site scripting (XSS) vulnerability via the 404 or 500 /_error pageEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 33.8
Published: about 6 years ago
High
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: almost 7 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW0zNHgtd2dyaC1nODk3
Directory traversal vulnerability in Next.jsEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: almost 7 years ago
High
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: almost 7 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNmNWMtNHF4ai12bXBm
Next.js Directory Traversal VulnerabilityEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: almost 7 years ago
Statistics
Advisories: 20,668
Packages: 9,040
Repositories: 3
Ecosystems: 12
Packages: 9,040
Repositories: 3
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
31
electron
26
directus
26
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
next
18
tinymce
16
sequelize
16
ghost
15
ckeditor4
15
joplin
14
swagger-ui
14
undici
13
strapi
13
angular
13
nodebb
12
vm2
12
matrix-js-sdk
11
bootstrap
11
marked
11
handlebars
11
tinymce/tinymce
11
TinyMCE
11
flowise
10
nocodb
10
@strapi/strapi
9
bootstrap
9
@evershop/evershop
9
serve
9
org.webjars:bootstrap
9
twbs/bootstrap
9
matrix-react-sdk
9
next-auth
9
bootstrap
9
node-forge
8
matrix-appservice-irc
8
tar
8
systeminformation
8
steal
8
npm
8
urijs
8
jquery
8
jsrsasign
8
org.webjars.npm:jquery
8
jquery-rails
8
express-cart
8
url-parse
8
validator
8
editor.md
8
lodash
7
hapi
7
sanitize-html
7
bootstrap.sass
7
bootstrap-sass
7
snyk-broker
7
vite
7
elliptic
7
shescape
7
total.js
7
dompurify
7
jQuery
7
jquery-ui
7
uptime-kuma
7
jquery-ui-rails
7
hermes-engine
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
safe-eval
6
@strapi/plugin-users-permissions
6
rsshub
6
bootstrap-sass
6
aaptjs
6
parse-url
6
sweetalert2
5
axios
5
@saltcorn/server
5
mongoose
5
lunary
5
mermaid
5
mattermost-desktop
5
ws
5
rendertron
5
public
5
yarn
5
xlsx
5
total4
5
mysql2
5
openpgp
5
lodash-es
5
keystone
5
prismjs
5
dojo
5
vditor
5
ejs
5
ua-parser-js
5
@backstage/plugin-scaffolder-backend
4
safer-eval
4
valine
4
glance
4
moment
4
simple-git
4
convert-svg-core
4
auth0-lock
4
remarkable
4
jsonwebtoken
4
vega
4
follow-redirects
4
hummus
4
muhammara
4
fast-xml-parser
4
@lobehub/chat
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
express
4
ecstatic
4
aws-iot-device-sdk-v2
4
materialize-css
4
awsiotsdk
4
generator-jhipster
4
apollo-server-core
4
engine.io
4
auth0-js
4
hono
4
@keystone-6/core
4
simple-markdown
4
katex
4
realms-shim
4
fastify
4
meshcentral
4
mongo-express
4
apostrophe
4
qs
4
ids-enterprise
3
keycloak-connect
3
sails
3
highcharts
3
@materializecss/materialize
3
object-path
3
typeorm
3
js-yaml
3
socket.io-parser
3
renovate
3
@ckeditor/ckeditor5-markdown-gfm
3
passport-wsfed-saml2
3
raneto
3
libxmljs
3
node-red-dashboard
3
connect
3
codecov
3
jspdf
3
llhttp
3
apollo-server
3
@cubejs-backend/api-gateway
3
node-ipc
3
notevil
3
mysql
3
node-opcua
3
node-fetch
3
@jmondi/url-to-png
3
socket.io-file
3
@janhq/core
3
grunt
3
@soketi/soketi
3
jquery-validation
3
jointjs
3
nodemailer
3
dns-sync
3
snyk
3
mathjs
3
simplehttpserver
3
dojox
3
django-tinymce
3
nadesiko3
3
localhost-now
3
fuxa-server
3
slpjs
3
loader-utils
3
express-fileupload
3
convict
3
ftp-srv
3
@uppy/companion
3
subtext
3
parsel
3
mixme
3
xmldom
3
bin-links
3
jose
3
jose-node-esm-runtime
3
jose-node-cjs-runtime
3
openmct
3
docsify
3
m-server
3
@strapi/utils
3
postcss
3
feathers-sequelize
3
blamer
3
immer
3
@commercial/subtext
3
json-pointer
3
@backstage/techdocs-common
3
send
3
Filter by Repository