Vulnerability Details : CVE-2022-23646
Next.js is a React framework. Starting with version 10.0.0 and prior to version 12.1.0, Next.js is vulnerable to User Interface (UI) Misrepresentation of Critical Information. In order to be affected, the `next.config.js` file must have an `images.domains` array assigned, and the image host listed in `images.domains` must allow user-provided SVG. If the `next.config.js` file has `images.loader` assigned to something other than the default, the instance is not affected. Version 12.1.0 contains a patch for this issue. As a workaround, change `next.config.js` to use a `loader` configuration other than the default.
Products affected by CVE-2022-23646
- cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-23646
EPSS score: 0.18% (probability of exploitation activity in the next 30 days)
EPSS percentile: ~56% (the proportion of vulnerabilities that are scored at or below this one)
CVSS scores for CVE-2022-23646
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N | 8.6 | 2.9 | NIST | 
7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 | NIST | 
5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.2 | 3.6 | GitHub, Inc. | 
CWE ids for CVE-2022-23646
- The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks. Assigned by: security-advisories@github.com (Primary)
References for CVE-2022-23646
- https://github.com/vercel/next.js/security/advisories/GHSA-fmvm-x8mv-47mj
  Improper CSP in Image Optimization API for Next.js versions between 10.0.0 and 12.0.10 · Advisory · vercel/next.js · GitHub (Issue Tracking; Mitigation; Patch; Third Party Advisory)
- https://github.com/vercel/next.js/releases/tag/v12.1.0
  Release v12.1.0 · vercel/next.js · GitHub (Release Notes; Third Party Advisory)
- https://github.com/vercel/next.js/pull/34075
  Update to leverage response-cache for image-optimizer by ijjk · Pull Request #34075 · vercel/next.js · GitHub (Issue Tracking; Patch; Third Party Advisory)