{"url":"http://public2.vulnerablecode.io/api/packages/72740?format=json","purl":"pkg:npm/next@15.1.9","type":"npm","namespace":"","name":"next","version":"15.1.9","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"15.1.11","latest_non_vulnerable_version":"16.1.5","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49336?format=json","vulnerability_id":"VCID-k1q6-b8t3-hqb6","summary":"Duplicate\nThis advisory duplicates another.","references":[{"reference_url":"https://github.com/facebook/react","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/facebook/react"},{"reference_url":"https://github.com/facebook/react/commit/7dc903cd29dac55efb4424853fd0442fef3a8700","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/facebook/react/commit/7dc903cd29dac55efb4424853fd0442fef3a8700"},{"reference_url":"https://github.com/facebook/react/pull/35277","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/facebook/react/pull/35277"},{"reference_url":"https://github.com/facebook/react/releases/tag/v19.0.1","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/facebook/react/releases/tag/v19.0.1"},{"reference_url":"https://github.com/facebook/react/releases/tag/v19.1.2","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/facebook/react/releases/tag/v19.1.2"},{"reference_url":"https://github.com/facebook/react/releases/tag/v19.2.1","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/facebook/react/releases/tag/v19.2.1"},{"reference_url":"https://github.com/vercel/next.js","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/vercel/next.js"},{"reference_url":"https://news.ycombinator.com/item?id=46136026","reference_id":"","reference_type":"","scores":[],"url":"https://news.ycombinator.com/item?id=46136026"},{"reference_url":"https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components","reference_id":"","reference_type":"","scores":[],"url":"https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-55182","reference_id":"CVE-2025-55182","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-55182"},{"reference_url":"https://www.facebook.com/security/advisories/cve-2025-55182","reference_id":"CVE-2025-55182","reference_type":"","scores":[],"url":"https://www.facebook.com/security/advisories/cve-2025-55182"},{"reference_url":"https://github.com/ejpir/CVE-2025-55182-poc","reference_id":"CVE-2025-55182-POC","reference_type":"","scores":[],"url":"https://github.com/ejpir/CVE-2025-55182-poc"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-66478","reference_id":"CVE-2025-66478","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-66478"},{"reference_url":"https://github.com/advisories/GHSA-9qr9-h5gf-34mp","reference_id":"GHSA-9qr9-h5gf-34mp","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-9qr9-h5gf-34mp"},{"reference_url":"https://github.com/vercel/next.js/security/advisories/GHSA-9qr9-h5gf-34mp","reference_id":"GHSA-9qr9-h5gf-34mp","reference_type":"","scores":[],"url":"https://github.com/vercel/next.js/security/advisories/GHSA-9qr9-h5gf-34mp"},{"reference_url":"https://github.com/vitejs/vite-plugin-react/security/advisories/GHSA-fmh4-wr37-44fp","reference_id":"GHSA-fmh4-wr37-44fp","reference_type":"","scores":[],"url":"https://github.com/vitejs/vite-plugin-react/security/advisories/GHSA-fmh4-wr37-44fp"},{"reference_url":"https://github.com/advisories/GHSA-fv66-9v8q-g76r","reference_id":"GHSA-fv66-9v8q-g76r","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-fv66-9v8q-g76r"},{"reference_url":"https://github.com/facebook/react/security/advisories/GHSA-fv66-9v8q-g76r","reference_id":"GHSA-fv66-9v8q-g76r","reference_type":"","scores":[],"url":"https://github.com/facebook/react/security/advisories/GHSA-fv66-9v8q-g76r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/72739?format=json","purl":"pkg:npm/next@15.0.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/next@15.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/72740?format=json","purl":"pkg:npm/next@15.1.9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/next@15.1.9"},{"url":"http://public2.vulnerablecode.io/api/packages/72741?format=json","purl":"pkg:npm/next@15.2.6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/next@15.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/72742?format=json","purl":"pkg:npm/next@15.3.6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/next@15.3.6"},{"url":"http://public2.vulnerablecode.io/api/packages/72743?format=json","purl":"pkg:npm/next@15.4.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/next@15.4.8"},{"url":"http://public2.vulnerablecode.io/api/packages/72744?format=json","purl":"pkg:npm/next@15.5.7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/next@15.5.7"},{"url":"http://public2.vulnerablecode.io/api/packages/72745?format=json","purl":"pkg:npm/next@16.0.7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/next@16.0.7"}],"aliases":["CVE-2025-55182","CVE-2025-66478","GHSA-9qr9-h5gf-34mp","GHSA-fv66-9v8q-g76r"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k1q6-b8t3-hqb6"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/next@15.1.9"}