Improper Check for Unusual or Exceptional Conditions
CVE-2022-36046
Summary
Next.js is a React framework that can provide building blocks to create web applications. All of the following must be true to be affected by this CVE: Next.js version 12.1.1-canary.1 through 12.2.4-canary.3, Node.js version above version 15.0.0 being used with strict "unhandledRejection" exiting AND using next start or a custom server. Deployments on Vercel are not affected along with similar environments where "next-server" isn't being shared across requests.
- HIGH
- NETWORK
- NONE
- UNCHANGED
- NONE
- LOW
- NONE
- HIGH
CWE-754 - Improper Check for Unusual or Exceptional Conditions
The software does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the software.
References
Advisory Timeline
- Published