Add CVE-2024-47831

RetireJS · Oct 16, 2024 · 6e63be8 · 6e63be8
1 parent f419da0
commit 6e63be8
Show file tree

Hide file tree

Showing 5 changed files with 110 additions and 0 deletions.
diff --git a/repository/jsrepository-master.json b/repository/jsrepository-master.json
@@ -5124,6 +5124,28 @@
   "nextjs": {
     "npmname": "next",
     "vulnerabilities": [
+      {
+        "ranges": [
+          {
+            "atOrAbove": "10.0.0",
+            "below": "14.2.7"
+          }
+        ],
+        "summary": "Denial of Service condition in Next.js image optimization",
+        "cwe": ["CWE-674"],
+        "severity": "medium",
+        "identifiers": {
+          "CVE": ["CVE-2024-47831"],
+          "githubID": "GHSA-g77x-44xx-532m"
+        },
+        "info": [
+          "https://github.com/advisories/GHSA-g77x-44xx-532m",
+          "https://github.com/vercel/next.js/security/advisories/GHSA-g77x-44xx-532m",
+          "https://nvd.nist.gov/vuln/detail/CVE-2024-47831",
+          "https://github.com/vercel/next.js/commit/d11cbc9ff0b1aaefabcba9afe1e562e0b1fde65a",
+          "https://github.com/vercel/next.js"
+        ]
+      },
       {
         "ranges": [
           {

diff --git a/repository/jsrepository-v2.json b/repository/jsrepository-v2.json
@@ -6945,6 +6945,28 @@
           "https://github.com/vercel/next.js"
         ]
       },
+      {
+        "atOrAbove": "10.0.0",
+        "below": "14.2.7",
+        "cwe": [
+          "CWE-674"
+        ],
+        "severity": "medium",
+        "identifiers": {
+          "summary": "Denial of Service condition in Next.js image optimization",
+          "CVE": [
+            "CVE-2024-47831"
+          ],
+          "githubID": "GHSA-g77x-44xx-532m"
+        },
+        "info": [
+          "https://github.com/advisories/GHSA-g77x-44xx-532m",
+          "https://github.com/vercel/next.js/security/advisories/GHSA-g77x-44xx-532m",
+          "https://nvd.nist.gov/vuln/detail/CVE-2024-47831",
+          "https://github.com/vercel/next.js/commit/d11cbc9ff0b1aaefabcba9afe1e562e0b1fde65a",
+          "https://github.com/vercel/next.js"
+        ]
+      },
       {
         "atOrAbove": "14.0.0",
         "below": "14.2.10",

diff --git a/repository/jsrepository-v3.json b/repository/jsrepository-v3.json
@@ -7107,6 +7107,28 @@
             "https://github.com/vercel/next.js"
           ]
         },
+        {
+          "atOrAbove": "10.0.0",
+          "below": "14.2.7",
+          "cwe": [
+            "CWE-674"
+          ],
+          "severity": "medium",
+          "identifiers": {
+            "summary": "Denial of Service condition in Next.js image optimization",
+            "CVE": [
+              "CVE-2024-47831"
+            ],
+            "githubID": "GHSA-g77x-44xx-532m"
+          },
+          "info": [
+            "https://github.com/advisories/GHSA-g77x-44xx-532m",
+            "https://github.com/vercel/next.js/security/advisories/GHSA-g77x-44xx-532m",
+            "https://nvd.nist.gov/vuln/detail/CVE-2024-47831",
+            "https://github.com/vercel/next.js/commit/d11cbc9ff0b1aaefabcba9afe1e562e0b1fde65a",
+            "https://github.com/vercel/next.js"
+          ]
+        },
         {
           "atOrAbove": "14.0.0",
           "below": "14.2.10",

diff --git a/repository/jsrepository-v4.json b/repository/jsrepository-v4.json
@@ -7106,6 +7106,28 @@
           "https://github.com/vercel/next.js"
         ]
       },
+      {
+        "atOrAbove": "10.0.0",
+        "below": "14.2.7",
+        "cwe": [
+          "CWE-674"
+        ],
+        "severity": "medium",
+        "identifiers": {
+          "summary": "Denial of Service condition in Next.js image optimization",
+          "CVE": [
+            "CVE-2024-47831"
+          ],
+          "githubID": "GHSA-g77x-44xx-532m"
+        },
+        "info": [
+          "https://github.com/advisories/GHSA-g77x-44xx-532m",
+          "https://github.com/vercel/next.js/security/advisories/GHSA-g77x-44xx-532m",
+          "https://nvd.nist.gov/vuln/detail/CVE-2024-47831",
+          "https://github.com/vercel/next.js/commit/d11cbc9ff0b1aaefabcba9afe1e562e0b1fde65a",
+          "https://github.com/vercel/next.js"
+        ]
+      },
       {
         "atOrAbove": "14.0.0",
         "below": "14.2.10",

diff --git a/repository/jsrepository.json b/repository/jsrepository.json
@@ -6884,6 +6884,28 @@
           "https://github.com/vercel/next.js"
         ]
       },
+      {
+        "atOrAbove": "10.0.0",
+        "below": "14.2.7",
+        "cwe": [
+          "CWE-674"
+        ],
+        "severity": "medium",
+        "identifiers": {
+          "summary": "Denial of Service condition in Next.js image optimization",
+          "CVE": [
+            "CVE-2024-47831"
+          ],
+          "githubID": "GHSA-g77x-44xx-532m"
+        },
+        "info": [
+          "https://github.com/advisories/GHSA-g77x-44xx-532m",
+          "https://github.com/vercel/next.js/security/advisories/GHSA-g77x-44xx-532m",
+          "https://nvd.nist.gov/vuln/detail/CVE-2024-47831",
+          "https://github.com/vercel/next.js/commit/d11cbc9ff0b1aaefabcba9afe1e562e0b1fde65a",
+          "https://github.com/vercel/next.js"
+        ]
+      },
       {
         "atOrAbove": "14.0.0",
         "below": "14.2.10",