CVE-2024-34350

Description

Next.js Vulnerable to HTTP Request Smuggling

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• https://github.com/vercel/next.js/security/advisories/GHSA-77r5-gw3j-2mpf
• https://nvd.nist.gov/vuln/detail/CVE-2024-34350
• https://github.com/vercel/next.js/commit/44eba020c615f0d9efe431f84ada67b81576f3f5
• https://github.com/vercel/next.js
• https://github.com/vercel/next.js/compare/v13.5.0...v13.5.1