diff --git a/advisories/github-reviewed/2025/12/GHSA-9qr9-h5gf-34mp/GHSA-9qr9-h5gf-34mp.json b/advisories/github-reviewed/2025/12/GHSA-9qr9-h5gf-34mp/GHSA-9qr9-h5gf-34mp.json index ddc1e0e4e1a89..833f584b73f40 100644 --- a/advisories/github-reviewed/2025/12/GHSA-9qr9-h5gf-34mp/GHSA-9qr9-h5gf-34mp.json +++ b/advisories/github-reviewed/2025/12/GHSA-9qr9-h5gf-34mp/GHSA-9qr9-h5gf-34mp.json @@ -1,7 +1,7 @@ { "schema_version": "1.4.0", "id": "GHSA-9qr9-h5gf-34mp", - "modified": "2025-12-08T21:36:57Z", + "modified": "2025-12-08T21:36:59Z", "published": "2025-12-03T19:07:11Z", "aliases": [], "summary": "Next.js is vulnerable to RCE in React flight protocol", @@ -42,10 +42,10 @@ "type": "ECOSYSTEM", "events": [ { - "introduced": "15.1.0-canary.0" + "introduced": "15.2.0-canary.0" }, { - "fixed": "15.1.9" + "fixed": "15.2.6" } ] } @@ -61,10 +61,10 @@ "type": "ECOSYSTEM", "events": [ { - "introduced": "15.2.0-canary.0" + "introduced": "15.3.0-canary.0" }, { - "fixed": "15.2.6" + "fixed": "15.3.6" } ] } @@ -80,10 +80,10 @@ "type": "ECOSYSTEM", "events": [ { - "introduced": "15.3.0-canary.0" + "introduced": "15.4.0-canary.0" }, { - "fixed": "15.3.6" + "fixed": "15.4.8" } ] } @@ -99,10 +99,10 @@ "type": "ECOSYSTEM", "events": [ { - "introduced": "15.4.0-canary.0" + "introduced": "16.0.0-canary.0" }, { - "fixed": "15.4.8" + "fixed": "16.0.7" } ] } @@ -118,10 +118,10 @@ "type": "ECOSYSTEM", "events": [ { - "introduced": "15.5.0-canary.0" + "introduced": "15.1.0-canary.0" }, { - "fixed": "15.5.7" + "fixed": "15.1.9" } ] } @@ -137,10 +137,10 @@ "type": "ECOSYSTEM", "events": [ { - "introduced": "16.0.0-canary.0" + "introduced": "15.5.0-canary.0" }, { - "fixed": "16.0.7" + "fixed": "15.5.7" } ] } @@ -156,6 +156,10 @@ "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55182" }, + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-fv66-9v8q-g76r" + }, { "type": "PACKAGE", "url": "https://github.com/vercel/next.js"