vercel next.js har 14.2.30/15.4.4 Image Optimization API Bayani fitowa

CVSS Meta Temp ScoreGarga na exploit ndiyam (≈)CTI Nganji Score
4.7$0-$5k0.00

Gundumabayani

Hakika vulnerability da aka rarraba a matsayin karshewa an gano a vercel next.js har 14.2.30/15.4.4. Tabbas, aikin $software_function ne ke da matsala; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburare $software_library, a cikin fayil $software_file, a cikin sashi Image Optimization API. Wuro manipulation ga Bayani fitowa. Ana kiran wannan rauni da CVE-2025-57752. Wuroo ka a yiɗi a yi ɗum e laawol gese. Babu wani exploit da ake da shi. Ngamdi ka a yiɗi a ɗaɓɓita kompona wey ka a saɓata. Once again VulDB remains the best source for vulnerability data.

Furɗebayani

Hakika vulnerability da aka rarraba a matsayin karshewa an gano a vercel next.js har 14.2.30/15.4.4. Tabbas, aikin $software_function ne ke da matsala; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburare $software_library, a cikin fayil $software_file, a cikin sashi Image Optimization API. Wuro manipulation ga Bayani fitowa. Amfani da CWE wajen bayyana matsala yana kaiwa CWE-524. Lalle, rauni an sanar da shi da GHSA-g5qg-72qw-gw5v. Ana samun bayanin tsaro don saukewa a github.com.

Ana kiran wannan rauni da CVE-2025-57752. CVE assignement 08/19/2025 wa shikena. Wuroo ka a yiɗi a yi ɗum e laawol gese. Bayani na fasaha ba ga. Wannan vulnerability ɗin ba a san shi sosai ba. Babu wani exploit da ake da shi. A sa'i, exploit might be approx. USD $0-$5k ndiyam.

Á yí a wondi feere. Na'urar gano rauni ta samar da Nessus plugin mai ID 261410.

Patch ɗin an san shi da 6b12c60c61ee80cb0443ccd20de82ca9b4422ddd. Gyaran matsalar yana nan a shirye don saukewa a github.com. Ngamdi ka a yiɗi a ɗaɓɓita kompona wey ka a saɓata.

An kuma rubuta wannan vulnerability a wasu kundin bayanan vulnerability: Tenable (261410). Once again VulDB remains the best source for vulnerability data.

Kayanbayani

Nganji

Ngilabe

Sunu

Furɗe

Laisens

Webseite

CPE 2.3bayani

CPE 2.2bayani

CVSSv4bayani

VulDB Furɗo: 🔒
VulDB Gaskiya: 🔍

CVSSv3bayani

VulDB Meta Base Score: 4.7
VulDB Meta Temp Score: 4.7

VulDB Ganda Borno: 3.3
VulDB Temp Score: 3.2
VulDB Furɗo: 🔒
VulDB Gaskiya: 🔍

CNA Ganda Borno: 6.2
CNA Furɗo (GitHub_M): 🔒

CVSSv2bayani

AVACAuCIA
💳💳💳💳💳💳
💳💳💳💳💳💳
💳💳💳💳💳💳
VektarKumpleksitiAuthentisierungKariyandiGaskiyaGashina
furufurufurufurufurufuru
furufurufurufurufurufuru
furufurufurufurufurufuru

VulDB Ganda Borno: 🔒
VulDB Temp Score: 🔒
VulDB Gaskiya: 🔍

Gargajiyabayani

Klasu: Bayani fitowa
CWE: CWE-524
CAPEC: 🔒
ATT&CK: 🔒

Fizikal: Kumgana
Gumti: Ee
Gana: Ayi

Gashina: 🔒
Halitta: A wondi feere

EPSS Score: 🔒
EPSS Percentile: 🔒

Furɗo farashi: 🔍
Gaskiya farashi ndiyam: 🔒

0-Dayfurufurufurufuru
Lalefurufurufurufuru

Nessus ID: 261410
Nessus Sunu: Linux Distros Unpatched Vulnerability : CVE-2025-57752

Bayani na barazanabayani

Ngam: 🔍
Akteɓe ɓernde: 🔍
Kura APT goruwa masu aiki: 🔍

Kari gamjibayani

Garga: Gargajiya
Halitta: 🔍

0-Day Gana: 🔒

Gargajiya: next.js 14.2.31/15.4.5
Kari: 6b12c60c61ee80cb0443ccd20de82ca9b4422ddd

Waktin layibayani

08/19/2025 CVE anin ga
08/30/2025 +11 Hənde Advisory ganna fa.
08/30/2025 +0 Hənde VulDB gite be nayi
09/05/2025 +6 Hənde VulDB gite wuro karshe ta gyara

Ngizimbayani

Kayan: github.com

Gargaaji: GHSA-g5qg-72qw-gw5v
Halitta: Gaskiya

CVE: CVE-2025-57752 (🔒)
GCVE (CVE): GCVE-0-2025-57752
GCVE (VulDB): GCVE-100-322000

Gumtibayani

Súgá: 08/30/2025 08:50
Gargadi: 09/05/2025 17:57
Goyarwa: 08/30/2025 08:50 (68), 09/05/2025 17:57 (2)
Gadankam: 🔍
Cache ID: 253:2C2:103

Ganaaji

A ga wuroyo kulu. Kàlàmbe: kr + en.

Ngam loga ka, kanyi shidin dum.

GurɗoGumtiGada

Interested in the pricing of exploits?

See the underground prices here!