Skip to content

Commit 3678ca9

Browse files
dcbouiusdcbouius
committed
fix: upgrade Next.js to 15.5.7 to patch CVE-2025-66478
Critical (CVSS 10.0) Remote Code Execution vulnerability in React Server Components. Affects Next.js 15.x < 15.5.7. Reference: https://nextjs.org/blog/CVE-2025-66478
1 parent 8a1f52f commit 3678ca9

File tree

2 files changed

+132
-119
lines changed

2 files changed

+132
-119
lines changed

package-lock.json

Lines changed: 131 additions & 118 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@
1212
"@types/react": "^18.2.0",
1313
"@types/react-dom": "^18.2.0",
1414
"@vectorize-io/vectorize-connect": "^0.4.0",
15-
"next": "15.5.3",
15+
"next": "^15.5.7",
1616
"react": "^18.2.0",
1717
"react-dom": "^18.2.0"
1818
},

0 commit comments

Comments
 (0)