更新: 2933 个文件 - 2026-03-18 11:36:11

08-threat-intel/registry/advisories/nextjs--GHSA-w37m-7fhw-fmv9.json

@@ -0,0 +1,99 @@
+{
+  "canonical_id": "nextjs--GHSA-w37m-7fhw-fmv9",
+  "system_id": "nextjs",
+  "display_name": "Next.js",
+  "category": "frameworks",
+  "advisory_mode": "core",
+  "title": "Next Server Actions Source Code Exposure ",
+  "summary": "A vulnerability affects certain React packages for versions 19.0.0, 19.0.1, 19.1.0, 19.1.1, 19.1.2, 19.2.0, and 19.2.1 and frameworks that use the affected packages, including Next.js 15.x and 16.x using the App Router. The issue is tracked upstream as [CVE-2025-55183](https://www.cve.org/CVERecord?id=CVE-2025-55183).\n\nA malicious HTTP request can be crafted and sent to any App Router endpoint that can return the compiled source code of [Server Functions](https://react.dev/reference/rsc/server-functions). This could reveal business logic, but would not expose secrets unless they were hardcoded directly into [Server Function](https://react.dev/reference/rsc/server-functions) code.",
+  "published_at": "2025-12-11T22:49:56Z",
+  "updated_at": "2026-02-04T02:51:40.627151Z",
+  "severity": "low",
+  "cvss_score": 3.1,
+  "exploit_status": "unknown",
+  "source_confidence": "official",
+  "official_source_url": "https://github.com/vercel/next.js/security/advisories/GHSA-w37m-7fhw-fmv9",
+  "secondary_source_urls": [
+    "https://github.com/vercel/next.js",
+    "https://nextjs.org/blog/security-update-2025-12-11",
+    "https://www.cve.org/CVERecord?id=CVE-2025-55183"
+  ],
+  "aliases": [
+    "GHSA-w37m-7fhw-fmv9"
+  ],
+  "cve_ids": [],
+  "ghsa_ids": [
+    "GHSA-w37m-7fhw-fmv9"
+  ],
+  "osv_ids": [
+    "GHSA-w37m-7fhw-fmv9"
+  ],
+  "affected_versions": [
+    "introduced=15.0.0-canary.0, fixed<15.0.6",
+    "introduced=15.1.1-canary.0, fixed<15.1.10",
+    "introduced=15.2.0-canary.0, fixed<15.2.7",
+    "introduced=15.3.0-canary.0, fixed<15.3.7",
+    "introduced=15.4.0-canary.0, fixed<15.4.9",
+    "introduced=15.5.1-canary.0, fixed<15.5.8",
+    "introduced=15.6.0-canary.0, fixed<15.6.0-canary.59",
+    "introduced=16.0.0-beta.0, fixed<16.0.9",
+    "introduced=16.1.0-canary.0, fixed<16.1.0-canary.17"
+  ],
+  "fixed_versions": [
+    "15.0.6",
+    "15.1.10",
+    "15.2.7",
+    "15.3.7",
+    "15.4.9",
+    "15.5.8",
+    "15.6.0-canary.59",
+    "16.0.9",
+    "16.1.0-canary.17"
+  ],
+  "package_name": "next",
+  "render_markdown": true,
+  "case_path": "07-framework-security/frameworks/nextjs/cases/nextjs-ghsa-w37m-7fhw-fmv9.md",
+  "secure_code_topics": [
+    "authz-server-side-recheck",
+    "proxy-trust-boundary",
+    "token-cookie-storage",
+    "dependency-upgrade-policy"
+  ],
+  "status": "generated",
+  "triage_reasons": [],
+  "verification_status": "verified-real",
+  "verification_mode": "real",
+  "last_verified_at": "2026-03-18T03:58:55+00:00",
+  "last_run_id": "nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848",
+  "evidence_bundle": "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848",
+  "browser_evidence": {
+    "required": false,
+    "present": true,
+    "refs": [
+      "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/assets/baseline.png",
+      "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/assets/baseline-dom.html",
+      "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/baseline-console.json",
+      "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/baseline-network.json",
+      "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/baseline-page.json",
+      "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/assets/proof.png",
+      "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/assets/proof-dom.html",
+      "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/proof-console.json",
+      "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/proof-network.json",
+      "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/proof-page.json"
+    ]
+  },
+  "repro_profile_id": "nextjs-proxy-boundary",
+  "artifact_mode": "local-fixture",
+  "blocked_reason": null,
+  "metadata": {
+    "source_names": [
+      "OSV Next.js"
+    ],
+    "source_kinds": [
+      "osv-batch"
+    ],
+    "candidate_count": 1
+  },
+  "historical_status": "verified-real",
+  "latest_status": "verified-real"
+}