CVE-2024-39693

{"id": "CVE-2024-39693", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-07-10T20:15:04.543", "references": [{"url": "https://github.com/vercel/next.js/security/advisories/GHSA-fq54-2j52-jc42", "source": "security-advisories@github.com"}, {"url": "https://github.com/vercel/next.js/security/advisories/GHSA-fq54-2j52-jc42", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "Next.js is a React framework. A Denial of Service (DoS) condition was identified in Next.js. Exploitation of the bug can trigger a crash, affecting the availability of the server. his vulnerability was resolved in Next.js 13.5 and later."}, {"lang": "es", "value": "Next.js es un framework de React. Se identific\u00f3 una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en Next.js. La explotaci\u00f3n del error puede provocar una falla que afecte la disponibilidad del servidor. su vulnerabilidad se resolvi\u00f3 en Next.js 13.5 y versiones posteriores."}], "lastModified": "2024-11-21T09:28:14.067", "sourceIdentifier": "security-advisories@github.com"}