CVE-2018-6184

CVE: CVE-2018-6184
Published: 2018-01-24T10:29Z
Vendor: zeit
Products: next.js
Versions: 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.1.0, 4.1.1, 4.1.2, 4.1.3, 4.1.4, 4.2.0, 4.2.1, 4.2.2,
Description Language: en
Description: ZEIT Next.js 4 before 4.2.3 has Directory Traversal under the /_next request namespace.
References:
https://github.com/zeit/next.js/releases/tag/4.2.3