Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-x56p-c8cg-q435

GitHub Security Advisory

Open Redirect in Next.js versions

✓ GitHub Reviewed MODERATE Has CVE
View on GitHub

Advisory Details

### Impact

- **Affected**: Users of Next.js between 9.5.0 and 9.5.3
- **Not affected**: Deployments on Vercel ([https://vercel.com](https://vercel.com)) are not affected
- **Not affected**: Deployments using `next export`

We recommend everyone to upgrade regardless of whether you can reproduce the issue or not.

### Patches

https://github.com/vercel/next.js/releases/tag/v9.5.4

### References

https://github.com/vercel/next.js/releases/tag/v9.5.4

Affected Packages

npm next
Affected versions: 9.5.0 (fixed in 9.5.4)

Related CVEs

CVE-2020-15242

Key Information

GHSA ID
GHSA-x56p-c8cg-q435
Published
October 8, 2020 7:28 PM
Last Modified
October 6, 2021 9:27 PM
CVSS Score
5.0 /10
Primary Ecosystem
npm
Primary Package
next
GitHub Reviewed
✓ Yes

Dataset

Last updated: July 3, 2025 6:26 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.