CVE-2025-57822
BaseFortify
Publication date: 2025-08-29
Last updated on: 2025-09-08
Assigner: GitHub, Inc.
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| vercel | next.js | Up to 14.2.32 (exclusive) |
| vercel | next.js | From 15.0.0 (inclusive) up to 15.4.7 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-918 | The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. |
AI Powered Q&A
Can you explain this vulnerability to me?
This is a Server-Side Request Forgery (SSRF, CWE-918) issue in Next.js middleware that affects self-hosted deployments. It occurs when middleware calls the `next()` helper (`NextResponse.next()`) without explicitly passing the request object, in an application that incorrectly forwards user-supplied request headers. Under those conditions a client can influence the destination of a request the server makes on its own behalf, so the server ends up fetching something the application never intended to fetch.
How can this vulnerability impact me?
An attacker who triggers the SSRF can make your server issue requests it would not otherwise make, including requests to internal resources the client cannot reach directly, which can expose sensitive information. The actual impact depends on the server's environment and configuration: what the server can reach on its network, and whether your deployment is self-hosted and uses middleware matching the pattern above, since only such deployments are in scope.
What immediate steps should I take to mitigate this vulnerability?
Upgrade Next.js: on the 14.x line move to 14.2.32 or later, on the 15.x line to 15.4.7 or later. Check the version that is actually installed rather than the range declared in package.json (for example with `npm ls next`), since the installed build is what runs in production. Until the upgrade is deployed, review any custom middleware in self-hosted environments and make sure every `next()` call passes the request object explicitly (`NextResponse.next({ request })`) instead of relying on forwarded headers.