Critical Next.js Vulnerability Let Attackers Compromise Server Operations

Two new vulnerabilities have been discovered in Next.js, related to response queue poisoning and SSRF on certain Next.js versions. These vulnerabilities have been assigned CVE-2024-34350 and CVE-2024-34351, and their severity has been given as 7.5 (High). The Response queue poisoning vulnerability exists due to inconsistent interpretation of crafted HTTP requests, which are meant to be
The post Critical Next.js Vulnerability Let Attackers Compromise Server Operations appeared first on Cyber Security News. Read More

May 11, 2024

Critical Next.js Vulnerability Let Attackers Compromise Server Operations

Two new vulnerabilities have been discovered in Next.js, related to response queue poisoning and SSRF on certain Next.js versions. These vulnerabilities have been assigned CVE-2024-34350 and CVE-2024-34351, and their severity has been given as 7.5 (High). The Response queue poisoning vulnerability exists due to inconsistent interpretation of crafted HTTP requests, which are meant to be
The post Critical Next.js Vulnerability Let Attackers Compromise Server Operations appeared first on Cyber Security News. Read More

About The Author

See author's posts

Related Stories

UN seeks to build consensus on ‘safe, secure and trustworthy’ AI

Researchers Expose SVG and PureRAT Phishing Threats Targeting Ukraine and Vietnam

In Other News: LockBit 5.0, Department of War Cybersecurity Framework, OnePlus Vulnerability