CVE-2023-46298

Next.js before 13.4.20-canary.13 lacks a cache-control header and thus empty prefetch responses may sometimes be cached by a CDN, causing a denial of service to all users requesting the same URL via that CDN.

Published: Oct 22, 2023
Updated: May 10, 2024
CVE: CVE-2023-46298
GHSA: GHSA-c59h-r6p8-q9wc
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
vercel / next.js	-	13.4.20
vercel / next.js	13.4.20-canary1	13.4.20-canary1.x
vercel / next.js	13.4.20-canary2	13.4.20-canary2.x
vercel / next.js	13.4.20-canary3	13.4.20-canary3.x
vercel / next.js	13.4.20-canary4	13.4.20-canary4.x
vercel / next.js	13.4.20-canary5	13.4.20-canary5.x
vercel / next.js	13.4.20-canary6	13.4.20-canary6.x
vercel / next.js	13.4.20-canary7	13.4.20-canary7.x
vercel / next.js	13.4.20-canary8	13.4.20-canary8.x
vercel / next.js	13.4.20-canary9	13.4.20-canary9.x
vercel / next.js	13.4.20-canary10	13.4.20-canary10.x
vercel / next.js	13.4.20-canary11	13.4.20-canary11.x
vercel / next.js	13.4.20-canary12	13.4.20-canary12.x
vercel / next.js	13.4.20-canary0	13.4.20-canary0.x
next	0.9.9	13.4.20-canary.13

Vulnerability Database

289,697

CVE-2023-46298