{"url":"http://public2.vulnerablecode.io/api/packages/59783?format=json","purl":"pkg:npm/next@12.0.5","type":"npm","namespace":"","name":"next","version":"12.0.5","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"12.0.9","latest_non_vulnerable_version":"16.1.5","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41849?format=json","vulnerability_id":"VCID-stms-k1mv-pkhp","summary":"Improper Input Validation\nNext handling invalid or malformed URLs could lead to a server crash. Deployments on Vercel are not affected, along with similar environments where invalid requests are filtered before reaching Next.js.","references":[{"reference_url":"https://github.com/vercel/next.js/commit/6d98b4fb4315dec1badecf0e9bdc212a4272b264","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/vercel/next.js/commit/6d98b4fb4315dec1badecf0e9bdc212a4272b264"},{"reference_url":"https://github.com/vercel/next.js/pull/32080","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/vercel/next.js/pull/32080"},{"reference_url":"https://github.com/vercel/next.js/releases/tag/v11.1.3","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/vercel/next.js/releases/tag/v11.1.3"},{"reference_url":"https://github.com/vercel/next.js/releases/v12.0.5","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/vercel/next.js/releases/v12.0.5"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-43803","reference_id":"CVE-2021-43803","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-43803"},{"reference_url":"https://github.com/vercel/next.js/security/advisories/GHSA-25mp-g6fv-mqxx","reference_id":"GHSA-25mp-g6fv-mqxx","reference_type":"","scores":[],"url":"https://github.com/vercel/next.js/security/advisories/GHSA-25mp-g6fv-mqxx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/59782?format=json","purl":"pkg:npm/next@11.1.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/next@11.1.3"},{"url":"http://public2.vulnerablecode.io/api/packages/59783?format=json","purl":"pkg:npm/next@12.0.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/next@12.0.5"}],"aliases":["CVE-2021-43803","GHSA-25mp-g6fv-mqxx"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-stms-k1mv-pkhp"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/next@12.0.5"}