Description
ZEIT Next.js 4 before 4.2.3 has Directory Traversal under the /_next request namespace.
Remediation
References
https://github.com/zeit/next.js/releases/tag/4.2.3
Related Vulnerabilities
CVE-2019-16335 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2020-28442 Vulnerability in maven package org.webjars.bower:js-data
CVE-2021-3766 Vulnerability in npm package objection
CVE-2021-23354 Vulnerability in npm package printf
CVE-2019-10769 Vulnerability in maven package org.webjars.npm:safer-eval