Closed renovate[bot] closed 6 days ago
The latest updates on your projects. Learn more about Vercel for Git โ๏ธ
Name | Status | Preview | Comments | Updated (UTC) |
---|---|---|---|---|
live-visual-editing-next | โ Ready (Inspect) | Visit Preview | ๐ฌ Add feedback | Sep 25, 2024 2:34pm |
visual-editing-astro | โ Ready (Inspect) | Visit Preview | ๐ฌ Add feedback | Sep 25, 2024 2:34pm |
visual-editing-next | โ Ready (Inspect) | Visit Preview | ๐ฌ Add feedback | Sep 25, 2024 2:34pm |
visual-editing-next-with-i18n | โ Ready (Inspect) | Visit Preview | ๐ฌ Add feedback | Sep 25, 2024 2:34pm |
visual-editing-nuxt | โ Failed (Inspect) | Sep 25, 2024 2:34pm | ||
visual-editing-page-builder-demo | โ Ready (Inspect) | Visit Preview | ๐ฌ Add feedback | Sep 25, 2024 2:34pm |
visual-editing-remix | โ Ready (Inspect) | Visit Preview | ๐ฌ Add feedback | Sep 25, 2024 2:34pm |
visual-editing-storybook | โ Ready (Inspect) | Visit Preview | ๐ฌ Add feedback | Sep 25, 2024 2:34pm |
visual-editing-studio | โ Ready (Inspect) | Visit Preview | ๐ฌ Add feedback | Sep 25, 2024 2:34pm |
visual-editing-svelte | โ Ready (Inspect) | Visit Preview | ๐ฌ Add feedback | Sep 25, 2024 2:34pm |
Removed dependencies detected. Learn more about Socket for GitHub โ๏ธ
๐ฎ Removed packages: npm/next@14.2.12
This PR contains the following updates:
14.2.12
->14.2.13
GitHub Vulnerability Alerts
CVE-2024-46982
Impact
By sending a crafted HTTP request, it is possible to poison the cache of a non-dynamic server-side rendered route in the pages router (this does not affect the app router). When this crafted request is sent it could coerce Next.js to cache a route that is meant to not be cached and send a
Cache-Control: s-maxage=1, stale-while-revalidate
header which some upstream CDNs may cache as well.To be potentially affected all of the following must apply:
pages/dashboard.tsx
notpages/blog/[slug].tsx
The below configurations are unaffected:
Patches
This vulnerability was resolved in Next.js v13.5.7, v14.2.10, and later. We recommend upgrading regardless of whether you can reproduce the issue or not.
Workarounds
There are no official or recommended workarounds for this issue, we recommend that users patch to a safe version.
Credits
Release Notes
vercel/next.js (next)
### [`v14.2.13`](https://redirect.github.com/vercel/next.js/compare/v14.2.12...f550237aa564bd59bfef7462350ac6c502f0206d) [Compare Source](https://redirect.github.com/vercel/next.js/compare/v14.2.12...v14.2.13)Configuration
๐ Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
๐ฆ Automerge: Enabled.
โป Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
๐ Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate using a curated preset maintained by . View repository job log here