Vercel: >> Next.js >> 2.3 Security Vulnerabilities
Next.js before 13.4.20-canary.13 lacks a cache-control header and thus empty prefetch responses may sometimes be cached by a CDN, causing a denial of service to all users requesting the same URL via that CDN.
CVSS Score
7.5
EPSS Score
0.004
Published
2023-10-22