Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:npm/next@10.0.5

Type npm

Namespace

Name next

Version 10.0.5

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 10.2.1

Latest_non_vulnerable_version 16.1.5

Affected_by_vulnerabilities

url VCID-q3jj-prk9-kqhr

vulnerability_id VCID-q3jj-prk9-kqhr

summary

URL Redirection to Untrusted Site (Open Redirect)
Next.In general, this redirect does not directly harm users although can allow for phishing attacks by redirecting to an attacker's domain from a trusted domain.

references

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-37699
reference_id	CVE-2021-37699
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-37699

fixed_packages

url	pkg:npm/next@10.2.1
purl	pkg:npm/next@10.2.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:npm/next@10.2.1

aliases CVE-2021-37699, GHSA-vxf5-wxwp-m7g9

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q3jj-prk9-kqhr

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:npm/next@10.0.5

Package Instance