Vulnerabilities > Vercel

DATE CVE VULNERABILITY TITLE RISK
2024-10-14 CVE-2024-47831 Uncontrolled Recursion vulnerability in Vercel Next.Js
Next.js is a React Framework for the Web.
network
low complexity
vercel CWE-674
7.5
2024-02-09 CVE-2024-24828 Unspecified vulnerability in Vercel PKG
pkg is tool design to bundle Node.js projects into an executables.
local
low complexity
vercel
7.8
2023-10-22 CVE-2023-46298 Unspecified vulnerability in Vercel Next.Js
Next.js before 13.4.20-canary.13 lacks a cache-control header and thus empty prefetch responses may sometimes be cached by a CDN, causing a denial of service to all users requesting the same URL via that CDN.
network
low complexity
vercel
7.5
2023-01-05 CVE-2017-20162 Unspecified vulnerability in Vercel MS
A vulnerability, which was classified as problematic, has been found in vercel ms up to 1.x.
network
low complexity
vercel
5.3
2022-02-17 CVE-2022-23646 User Interface (UI) Misrepresentation of Critical Information vulnerability in Vercel Next.Js
Next.js is a React framework.
network
vercel CWE-451
4.3
2022-01-28 CVE-2022-21721 Unspecified vulnerability in Vercel Next.Js
Next.js is a React framework.
network
low complexity
vercel
7.5
2021-12-10 CVE-2021-43803 Unspecified vulnerability in Vercel Next.Js
Next.js is a React framework.
network
low complexity
vercel
7.5
2021-08-31 CVE-2021-39178 Cross-site Scripting vulnerability in Vercel Next.Js
Next.js is a React framework.
network
vercel CWE-79
4.3
2020-10-08 CVE-2020-15242 Open Redirect vulnerability in Vercel Next.Js
Next.js versions >=9.5.0 and <9.5.4 are vulnerable to an Open Redirect.
network
vercel CWE-601
5.8
2017-01-23 CVE-2015-8315 Unspecified vulnerability in Vercel MS
The ms package before 0.7.1 for Node.js allows attackers to cause a denial of service (CPU consumption) via a long version string, aka a "regular expression denial of service (ReDoS)."
network
low complexity
vercel
7.5