Vulnerabilities > CVE-2022-36046 - Improper Check for Unusual or Exceptional Conditions vulnerability in Vercel Next.Js 12.2.3

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

high complexity

vercel

CWE-754

NVD

Published: 2022-08-31

Updated: 2022-09-07

Summary

Next.js is a React framework that can provide building blocks to create web applications. All of the following must be true to be affected by this CVE: Next.js version 12.2.3, Node.js version above v15.0.0 being used with strict `unhandledRejection` exiting AND using next start or a [custom server](https://nextjs.org/docs/advanced-features/custom-server). Deployments on Vercel ([vercel.com](https://vercel.com/)) are not affected along with similar environments where `next-server` isn't being shared across requests.

Vulnerable Configurations

Part	Description	Count
Application	Vercel Vercel Next.Js 12.2.3	1
Application	Nodejs Nodejs Node.Js *	1

Common Weakness Enumeration (CWE)

CWE-754 - Improper Check for Unusual or Exceptional Conditions

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References