Wiz
Datenbank der SchwachstelleCVE-2025-57752

CVE-2025-57752
ASP.NET Core Schwachstellenanalyse und -minderung

Überblick

Next.js, a React framework for building full-stack web applications, disclosed a cache key confusion vulnerability (CVE-2025-57752) affecting versions before 14.2.31 and from 15.0.0 to before 15.4.5. The vulnerability was discovered on August 29, 2025, and involves the Next.js Image Optimization API routes. When images returned from API routes vary based on request headers (such as Cookie or Authorization), these responses could be incorrectly cached and served to unauthorized users (NVD, GitHub Advisory).

Technische Details

The vulnerability lies in the Next.js Image Optimizer's handling of images served from internal API routes. The root cause was identified in the fetchInternalImage function within packages/next/src/server/image-optimizer.ts. This function was forwarding the incoming request's headers to the internal API route, causing the route to generate user-specific images. However, the resulting optimized image was stored in the cache using a key that did not include the headers that influenced the image content. The vulnerability has been assigned a CVSS v3.1 base score of 6.2 (Moderate) with a vector string of CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (GitHub Advisory, Vercel Changelog).

Aufprall

The vulnerability could lead to unauthorized disclosure of user-specific or protected image content and cross-user leakage of conditional content via CDN or internal cache. This issue arises without user interaction and requires no elevated privileges, only a prior authorized request to populate the cache. It's worth noting that Vercel deployments were never impacted by this vulnerability (Vercel Changelog).

Risikominderung und Problemumgehungen

The issue has been fixed in Next.js versions 14.2.31 and 15.4.5. The resolution ensures that request headers aren't forwarded to the request that is proxied to the image endpoint, preventing the image endpoint from serving images that require authorization data and thus cannot be cached. All users are encouraged to upgrade if they use API routes to serve images that depend on request headers and have image optimization enabled (GitHub Advisory, Vercel Changelog).

Zusätzliche Ressourcen

QuelleDieser Bericht wurde mithilfe von KI erstellt

Verwandt ASP.NET Core Schwachstellen:

CVE-Kennung

Strenge

Punktzahl

Technologieen

Name der Komponente

CISA KEV-Exploit

Hat fix

Veröffentlichungsdatum

CVE-2025-55315CRITICAL9.9
  • C#C#
  • dotnet-templates-9.0
NeinJaOct 14, 2025
CVE-2025-59144HIGH8.8
  • JavaScriptJavaScript
  • dotnet-targeting-pack-6.0
NeinJaSep 15, 2025
CVE-2025-55247HIGH7.3
  • C#C#
  • dotnet6
NeinJaOct 14, 2025
CVE-2025-57752MEDIUM6.2
  • ASP.NET CoreASP.NET Core
  • aspnetcore-targeting-pack-7.0
NeinJaAug 29, 2025
CVE-2025-55248MEDIUM5.7
  • C#C#
  • dotnet-apphost-pack-7.0
NeinJaOct 14, 2025

Kostenlose Schwachstellenbewertung

Benchmarking Ihrer Cloud-Sicherheitslage

Bewerten Sie Ihre Cloud-Sicherheitspraktiken in 9 Sicherheitsbereichen, um Ihr Risikoniveau zu bewerten und Lücken in Ihren Abwehrmaßnahmen zu identifizieren.

Bewertung anfordern

Zusätzliche Wiz-Ressourcen

Cloud Vulnerability DB

Cloud Vulnerability DB

Eine von der Community geführte Datenbank für Schwachstellen

PEACH

PEACH

Ein Framework zur Mandantenisolation

Eine personalisierte Demo anfordern

Sind Sie bereit, Wiz in Aktion zu sehen?

"Die beste Benutzererfahrung, die ich je gesehen habe, bietet vollständige Transparenz für Cloud-Workloads."
David EstlickCISO
"„Wiz bietet eine zentrale Oberfläche, um zu sehen, was in unseren Cloud-Umgebungen vor sich geht.“ "
Adam FletcherSicherheitsbeauftragter
"„Wir wissen, dass, wenn Wiz etwas als kritisch identifiziert, es auch tatsächlich ist.“"
Greg PoniatowskiLeiter Bedrohungs- und Schwachstellenmanagement
Demo anfordern