
Improper Authorization

CVE-2025-29927

Severity High
Score 9.1/10

Summary

Next.js is a React framework for building full-stack web applications. In 11.1.4 through 12.3.5, 13.x prior to 13.5.9, 14.x prior to 14.2.25, 14.3.0-canary.0 through 14.3.0-canary.87, 15.x prior to 15.2.3, and 15.3.0-canary.0 through 15.3.0-canary.11, it is possible to bypass authorization checks within a Next.js application if the authorization check occurs in middleware. If patching to a safe version is infeasible, it is recommended that you prevent external user requests that contain the "x-middleware-subrequest" header from reaching your Next.js application. This vulnerability is fixed in 12.3.5, 13.5.9, 14.2.25, and 15.2.3.

CVSS Metrics

  • Attack Complexity: LOW
  • Attack Vector: NETWORK
  • Confidentiality: HIGH
  • Scope: UNCHANGED
  • Availability: NONE
  • Privileges Required: NONE
  • Integrity: HIGH
  • User Interaction: NONE

CWE-285 - Improper Authorization

The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

Advisory Timeline

  • Published