Skip to content

Commit d29bb06

Browse files
vercel[bot]anthonyshew
vercel[bot]
and
anthonyshew
authored
fix: React Server Components CVE vulnerabilities (#11245)
> [!IMPORTANT] > This is an automatic PR generated by Vercel to help you patch known vulnerabilities related to CVE-2025-55182 (React2Shell), CVE-2025-55183, CVE-2025-55184, and CVE-2025-67779. We can't guarantee the PR is comprehensive, and it may contain mistakes. Not all projects are affected by all issues, but **patched versions are required to ensure full remediation**. Vercel has deployed WAF mitigations globally to help protect your application, but upgrading remains required for complete protection. This automated pull request updates your React, Next.js, and related Server Components packages to versions that fix **all currently known React Server Components vulnerabilities**, including the two newly discovered issues. See our [Security Bulletins](https://vercel.com/kb/bulletin/) for more information and reach out to [email protected] with any questions. Fixes VULN-3312 --------- Co-authored-by: Vercel <vercel[bot]@users.noreply.github.com> Co-authored-by: Anthony Shew <[email protected]>
1 parent 1862b60 commit d29bb06

File tree

51 files changed

+1513
-3114
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

51 files changed

+1513
-3114
lines changed

docs/site/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,7 @@
4747
"geist": "1.3.1",
4848
"linkedom": "0.18.12",
4949
"lucide-react": "0.479.0",
50-
"next": "15.5.7",
50+
"next": "15.5.9",
5151
"next-themes": "0.4.6",
5252
"react": "19.0.0",
5353
"react-dom": "19.0.0",

examples/basic/apps/docs/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@
1212
},
1313
"dependencies": {
1414
"@repo/ui": "workspace:*",
15-
"next": "^16.0.7",
15+
"next": "16.0.10",
1616
"react": "^19.2.0",
1717
"react-dom": "^19.2.0"
1818
},

examples/basic/apps/web/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@
1212
},
1313
"dependencies": {
1414
"@repo/ui": "workspace:*",
15-
"next": "^16.0.7",
15+
"next": "16.0.10",
1616
"react": "^19.2.0",
1717
"react-dom": "^19.2.0"
1818
},

examples/basic/pnpm-lock.yaml

Lines changed: 43 additions & 43 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

examples/kitchen-sink/apps/storefront/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@
1313
"dependencies": {
1414
"@repo/logger": "workspace:*",
1515
"@repo/ui": "workspace:*",
16-
"next": "^16.0.7",
16+
"next": "16.0.10",
1717
"react": "^19.2.0",
1818
"react-dom": "^19.1.0"
1919
},

examples/kitchen-sink/pnpm-lock.yaml

Lines changed: 31 additions & 31 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

examples/non-monorepo/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@
1010
"check-types": "next typegen && tsc --noEmit"
1111
},
1212
"dependencies": {
13-
"next": "16.0.7",
13+
"next": "16.0.10",
1414
"react": "19.2.0",
1515
"react-dom": "19.2.0"
1616
},

0 commit comments

Comments
 (0)