CVE-2024-51479

Authorization bypass in Next.js

CVSS 7.5 HIGH · EPSS 3.9% · CWE-285
In short

Next.js applications using middleware for authorization based on URL paths can be bypassed for pages directly under the root directory (like /foo), allowing unauthorized access to protected pages.

Technical detail

Authorization bypass vulnerability in Next.js middleware: path-based access control fails for single-level routes directly under the root directory because of improper pathname validation. The attack vector is a direct HTTP request to an affected path; the mitigation is to upgrade to Next.js 14.2.15 or later.

Summary generated and translated by AI from the official description.
Next.js is a React framework for building full-stack web applications. In affected versions, if a Next.js application is performing authorization in middleware based on pathname, it was possible for this authorization to be bypassed for pages directly under the application's root directory. For example:

* [Not affected] `https://example.com/`
* [Affected] `https://example.com/foo`
* [Not affected] `https://example.com/foo/bar`

This issue is patched in Next.js `14.2.15` and later. If your Next.js application is hosted on Vercel, this vulnerability has been automatically mitigated, regardless of Next.js version. There are no official workarounds for this vulnerability.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products
vercel · next.js
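Since the only mitigation named in the advisory is upgrading to 14.2.15 or later, the practical defender check is a version audit of the installed `next` package. The following is an added example, not code from the advisory or from the Next.js project. It assumes a package-lock.json in lockfileVersion 2 or 3 layout (the `next` entry lives at `packages["node_modules/next"]`), treats every version below 14.2.15 as needing an upgrade (the advisory names no lower bound for the affected range), and follows semver ordering so that a prerelease such as `14.2.15-canary.1` still counts as below the patched release. The sample lockfile fragment is constructed for the example.

```javascript
// Added example (not from the advisory or the Next.js project): audit the
// installed Next.js version against the patched release named in the advisory.
const PATCHED_VERSION = "14.2.15"; // from the advisory: fixed in 14.2.15 and later

// Parse "14.2.15", "v14.2.15" or "14.2.15-canary.1" into numeric parts plus an
// optional prerelease tag. Build metadata after "+" is ignored, as semver requires.
function parseSemver(version) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+[0-9A-Za-z.-]+)?$/.exec(version.trim());
  if (!m) throw new Error(`unrecognised version string: ${version}`);
  return { nums: [Number(m[1]), Number(m[2]), Number(m[3])], pre: m[4] || null };
}

// Returns -1, 0 or 1. A prerelease sorts below the corresponding release;
// two prereleases are compared as plain strings (assumption: good enough for an audit).
function compareSemver(a, b) {
  const pa = parseSemver(a);
  const pb = parseSemver(b);
  for (let i = 0; i < 3; i++) {
    if (pa.nums[i] !== pb.nums[i]) return pa.nums[i] < pb.nums[i] ? -1 : 1;
  }
  if (pa.pre === pb.pre) return 0;
  if (pa.pre === null) return 1;
  if (pb.pre === null) return -1;
  return pa.pre < pb.pre ? -1 : 1;
}

function isBelowPatch(installedVersion) {
  return compareSemver(installedVersion, PATCHED_VERSION) < 0;
}

// Assumption: lockfileVersion 2/3 layout, exact (non-range) version strings.
function nextVersionFromLockfile(lock) {
  const entry = lock.packages && lock.packages["node_modules/next"];
  return entry && entry.version ? entry.version : null;
}

function assessLockfile(lock) {
  const version = nextVersionFromLockfile(lock);
  if (version === null) return { found: false, version: null, belowPatch: false };
  return { found: true, version, belowPatch: isBelowPatch(version) };
}

// Constructed sample: a lockfile pinning a release that predates the fix.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: { "node_modules/next": { version: "14.2.13" } },
};

console.log(JSON.stringify(assessLockfile(SAMPLE_LOCK)));
// → {"found":true,"version":"14.2.13","belowPatch":true}
```

In a real repository, replace `SAMPLE_LOCK` with `JSON.parse(fs.readFileSync("package-lock.json", "utf8"))`; monorepos with several lockfiles or pnpm/yarn layouts need their own lookup, since only the npm lockfile shape is handled here.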
