CVE-2024-34350

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-34350
Next.js is a React framework that can provide building blocks to create web applications. Prior to 13.5.1, an inconsistent interpretation of a crafted HTTP request meant that requests are treated as both a single request, and two separate requests by Next.js, leading to desynchronized responses. This led to a response queue poisoning vulnerability in the affected Next.js versions. For a request to be exploitable, the affected route also had to be making use of the [rewrites](https://nextjs.org/docs/app/api-reference/next-config-js/rewrites) feature in Next.js. The vulnerability is resolved in Next.js `13.5.1` and newer.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://github.com/vercel/next.js/security/advisories/GHSA-77r5-gw3j-2mpf
https://github.com/vercel/next.js/security/advisories/GHSA-77r5-gw3j-2mpf
Configurations

No configuration.

History

21 Nov 2024, 09:18

Type Values Removed Values Added
References () https://github.com/vercel/next.js/security/advisories/GHSA-77r5-gw3j-2mpf - () https://github.com/vercel/next.js/security/advisories/GHSA-77r5-gw3j-2mpf -
Summary
  • (es) Next.js es un framework React que puede proporcionar componentes básicos para crear aplicaciones web. Antes de 13.5.1, una interpretación inconsistente de una solicitud HTTP manipulada significaba que Next.js trataba las solicitudes como una sola solicitud y como dos solicitudes separadas, lo que generaba respuestas desincronizadas. Esto provocó una vulnerabilidad de envenenamiento de la cola de respuestas en las versiones de Next.js afectadas. Para que una solicitud fuera explotable, la ruta afectada también tenía que utilizar la función [reescrituras](https://nextjs.org/docs/app/api-reference/next-config-js/rewrites) en Next. js. La vulnerabilidad se resuelve en Next.js `13.5.1` y versiones posteriores.

14 May 2024, 15:38

Type Values Removed Values Added
New CVE
Information

Published : 2024-05-14 15:38

Updated : 2024-11-21 09:18

NVD link : CVE-2024-34350

Mitre link : CVE-2024-34350

CVE.ORG link : CVE-2024-34350

JSON object : View

Products Affected

No product.

CWE
CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')