CVE-2025-29927 9.1 critical score in Next.js
-
CVE-2025-29927 9.1 critical score in Next.js
"Prior to 14.2.25 and 15.2.3, it is possible to bypass authorization checks within a Next.js application, if the authorization check occurs in middleware"
> This vulnerability is fixed in 14.2.25 and 15.2.3.
-
CVE-2025-29927 9.1 critical score in Next.js
"Prior to 14.2.25 and 15.2.3, it is possible to bypass authorization checks within a Next.js application, if the authorization check occurs in middleware"
> This vulnerability is fixed in 14.2.25 and 15.2.3.
@stux Isn't this ancient stuff?
-
@stux Isn't this ancient stuff?
@collectifission NVD Published Date:
03/21/2025
NVD Last Modified:
03/23/2025 -
@collectifission NVD Published Date:
03/21/2025
NVD Last Modified:
03/23/2025@stux I mean the 14 and 15 versions. I see their latest release dates from 2021 and 2023.
Node.js — Node.js Releases
Node.js® is a JavaScript runtime built on Chrome's V8 JavaScript engine.
(nodejs.org)
-
@stux I mean the 14 and 15 versions. I see their latest release dates from 2021 and 2023.
Node.js — Node.js Releases
Node.js® is a JavaScript runtime built on Chrome's V8 JavaScript engine.
(nodejs.org)
@collectifission aaah! I guess indeed
could be it's still widly used perhaps
