CNNVD-202508-3485 Information

CNNVD ID

CNNVD-202508-3485

Related CVE

CVE-2025-57822

• CNNVD Published: 2025-08-29

Description (Chinese)

Next.js是Vercel开源的一个 React 框架。 Next.js 14.2.32之前版本和15.4.7之前版本存在代码问题漏洞，该漏洞源于next函数使用不当，可能导致服务器端请求伪造。

Description (English)

Next.js is a react framework for Vercel ’s open source. Next.js 14.2.32 and 15.4.7 had a code problem loophole, which stemmed from the improper use of the next function and could lead to the forgery of server requests.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

Versa

Published

2025-08-29

Last Modified

2026-02-24

References

https://vercel.com/changelog/cve-2025-57822 https://github.com/vercel/next.js/security/advisories/GHSA-4342-x723-ch2f https://github.com/vercel/next.js/commit/9c9aaed5bb9338ef31b0517ccf0ab4414f2093d8 https://access.redhat.com/security/cve/cve-2025-57822 https://nvd.nist.gov/vuln/detail/CVE-2025-57822

Patch

https://github.com/vercel/next.js/releases