CVE-2018-6184

ZEIT Next.js 4 before 4.2.3 has Directory Traversal under the /_next request namespace.
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 97%
VendorProductVersion
zeitnext.js
4.0.0
zeitnext.js
4.0.1
zeitnext.js
4.0.2
zeitnext.js
4.0.3
zeitnext.js
4.0.4
zeitnext.js
4.0.5
zeitnext.js
4.1.0
zeitnext.js
4.1.1
zeitnext.js
4.1.2
zeitnext.js
4.1.3
zeitnext.js
4.1.4
zeitnext.js
4.1.4:canary_1
zeitnext.js
4.1.4:canary_2
zeitnext.js
4.2.0
zeitnext.js
4.2.0:canary_1
zeitnext.js
4.2.1
zeitnext.js
4.2.2
𝑥
= Vulnerable software versions