{"id":"CVE-2025-57822","summary":"Next.js Improper Middleware Redirect Handling Leads to SSRF","details":"Next.js is a React framework for building full-stack web applications. Prior to versions 14.2.32 and 15.4.7, when next() was used without explicitly passing the request object, it could lead to SSRF in self-hosted applications that incorrectly forwarded user-supplied headers. This vulnerability has been fixed in Next.js versions 14.2.32 and 15.4.7. All users implementing custom middleware logic in self-hosted environments are strongly encouraged to upgrade and verify correct usage of the next() function.","aliases":["GHSA-4342-x723-ch2f"],"modified":"2026-04-10T05:31:13.172054Z","published":"2025-08-29T21:33:15.304Z","related":["CGA-wpvj-5hjh-p49g"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/57xxx/CVE-2025-57822.json","cwe_ids":["CWE-918"],"cna_assigner":"GitHub_M"},"references":[{"type":"WEB","url":"https://vercel.com/changelog/cve-2025-57822"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/57xxx/CVE-2025-57822.json"},{"type":"ADVISORY","url":"https://github.com/vercel/next.js/security/advisories/GHSA-4342-x723-ch2f"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-57822"},{"type":"FIX","url":"https://github.com/vercel/next.js/commit/9c9aaed5bb9338ef31b0517ccf0ab4414f2093d8"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/vercel/next.js","events":[{"introduced":"51bfe3c1863b191f4b039bc230e8ed5c57b0baf3"},{"fixed":"f30d815859e932e09222e93bb6e8a376b918d874"}]}],"versions":["v15.0.0","v15.0.1","v15.0.1-canary.0","v15.0.1-canary.1","v15.0.1-canary.2","v15.0.1-canary.3","v15.0.2","v15.0.2-canary.0","v15.0.2-canary.1","v15.0.2-canary.10","v15.0.2-canary.11","v15.0.2-canary.2","v15.0.2-canary.3","v15.0.2-canary.4","v15.0.2-canary.5","v15.0.2-canary.6","v15.0.2-canary.7","v15.0.2-canary.8","v15.0.2-canary.9","v15.0.3","v15.0.3-canary.0","v15.0.3-canary.1","v15.0.3-canary.2","v15.0.3-canary.3","v15.0.3-canary.4","v15.0.3-canary.5","v15.0.3-canary.6","v15.0.3-canary.7","v15.0.3-canary.8","v15.0.3-canary.9","v15.0.4-canary.0","v15.0.4-canary.1","v15.0.4-canary.10","v15.0.4-canary.11","v15.0.4-canary.12","v15.0.4-canary.13","v15.0.4-canary.14","v15.0.4-canary.15","v15.0.4-canary.16","v15.0.4-canary.17","v15.0.4-canary.18","v15.0.4-canary.19","v15.0.4-canary.2","v15.0.4-canary.20","v15.0.4-canary.21","v15.0.4-canary.22","v15.0.4-canary.23","v15.0.4-canary.24","v15.0.4-canary.25","v15.0.4-canary.26","v15.0.4-canary.27","v15.0.4-canary.28","v15.0.4-canary.29","v15.0.4-canary.3","v15.0.4-canary.30","v15.0.4-canary.31","v15.0.4-canary.32","v15.0.4-canary.33","v15.0.4-canary.34","v15.0.4-canary.35","v15.0.4-canary.36","v15.0.4-canary.37","v15.0.4-canary.38","v15.0.4-canary.39","v15.0.4-canary.4","v15.0.4-canary.40","v15.0.4-canary.41","v15.0.4-canary.42","v15.0.4-canary.43","v15.0.4-canary.44","v15.0.4-canary.45","v15.0.4-canary.46","v15.0.4-canary.47","v15.0.4-canary.48","v15.0.4-canary.49","v15.0.4-canary.5","v15.0.4-canary.50","v15.0.4-canary.51","v15.0.4-canary.52","v15.0.4-canary.6","v15.0.4-canary.7","v15.0.4-canary.8","v15.0.4-canary.9","v15.1.0","v15.1.1-canary.0","v15.1.1-canary.1","v15.1.1-canary.10","v15.1.1-canary.11","v15.1.1-canary.12","v15.1.1-canary.13","v15.1.1-canary.14","v15.1.1-canary.15","v15.1.1-canary.16","v15.1.1-canary.17","v15.1.1-canary.18","v15.1.1-canary.19","v15.1.1-canary.2","v15.1.1-canary.20","v15.1.1-canary.21","v15.1.1-canary.22","v15.1.1-canary.23","v15.1.1-canary.24","v15.1.1-canary.25","v15.1.1-canary.26","v15.1.1-canary.27","v15.1.1-canary.3","v15.1.1-canary.4","v15.1.1-canary.5","v15.1.1-canary.6","v15.1.1-canary.7","v15.1.1-canary.8","v15.1.1-canary.9","v15.2.0","v15.2.0-canary.0","v15.2.0-canary.1","v15.2.0-canary.10","v15.2.0-canary.11","v15.2.0-canary.12","v15.2.0-canary.13","v15.2.0-canary.14","v15.2.0-canary.15","v15.2.0-canary.16","v15.2.0-canary.17","v15.2.0-canary.18","v15.2.0-canary.19","v15.2.0-canary.2","v15.2.0-canary.20","v15.2.0-canary.21","v15.2.0-canary.22","v15.2.0-canary.23","v15.2.0-canary.24","v15.2.0-canary.25","v15.2.0-canary.26","v15.2.0-canary.27","v15.2.0-canary.28","v15.2.0-canary.29","v15.2.0-canary.3","v15.2.0-canary.30","v15.2.0-canary.31","v15.2.0-canary.32","v15.2.0-canary.33","v15.2.0-canary.34","v15.2.0-canary.35","v15.2.0-canary.36","v15.2.0-canary.38","v15.2.0-canary.39","v15.2.0-canary.4","v15.2.0-canary.40","v15.2.0-canary.41","v15.2.0-canary.42","v15.2.0-canary.43","v15.2.0-canary.44","v15.2.0-canary.45","v15.2.0-canary.46","v15.2.0-canary.47","v15.2.0-canary.48","v15.2.0-canary.49","v15.2.0-canary.5","v15.2.0-canary.50","v15.2.0-canary.51","v15.2.0-canary.52","v15.2.0-canary.53","v15.2.0-canary.54","v15.2.0-canary.55","v15.2.0-canary.56","v15.2.0-canary.57","v15.2.0-canary.58","v15.2.0-canary.59","v15.2.0-canary.6","v15.2.0-canary.60","v15.2.0-canary.61","v15.2.0-canary.62","v15.2.0-canary.63","v15.2.0-canary.64","v15.2.0-canary.65","v15.2.0-canary.66","v15.2.0-canary.67","v15.2.0-canary.68","v15.2.0-canary.69","v15.2.0-canary.7","v15.2.0-canary.70","v15.2.0-canary.71","v15.2.0-canary.72","v15.2.0-canary.73","v15.2.0-canary.74","v15.2.0-canary.75","v15.2.0-canary.76","v15.2.0-canary.77","v15.2.0-canary.8","v15.2.0-canary.9","v15.2.1","v15.2.1-canary.0","v15.2.1-canary.1","v15.2.1-canary.2","v15.2.1-canary.3","v15.2.1-canary.4","v15.2.1-canary.5","v15.2.1-canary.6","v15.2.2-canary.0","v15.2.2-canary.1","v15.2.2-canary.2","v15.2.2-canary.3","v15.2.2-canary.4","v15.2.2-canary.5","v15.2.2-canary.6","v15.2.2-canary.7","v15.3.0","v15.3.0-canary.0","v15.3.0-canary.1","v15.3.0-canary.10","v15.3.0-canary.11","v15.3.0-canary.12","v15.3.0-canary.13","v15.3.0-canary.14","v15.3.0-canary.15","v15.3.0-canary.16","v15.3.0-canary.17","v15.3.0-canary.18","v15.3.0-canary.19","v15.3.0-canary.2","v15.3.0-canary.20","v15.3.0-canary.21","v15.3.0-canary.22","v15.3.0-canary.23","v15.3.0-canary.24","v15.3.0-canary.25","v15.3.0-canary.26","v15.3.0-canary.27","v15.3.0-canary.28","v15.3.0-canary.29","v15.3.0-canary.3","v15.3.0-canary.30","v15.3.0-canary.31","v15.3.0-canary.32","v15.3.0-canary.33","v15.3.0-canary.34","v15.3.0-canary.35","v15.3.0-canary.36","v15.3.0-canary.37","v15.3.0-canary.38","v15.3.0-canary.39","v15.3.0-canary.4","v15.3.0-canary.40","v15.3.0-canary.41","v15.3.0-canary.42","v15.3.0-canary.43","v15.3.0-canary.44","v15.3.0-canary.45","v15.3.0-canary.46","v15.3.0-canary.5","v15.3.0-canary.6","v15.3.0-canary.7","v15.3.0-canary.8","v15.3.0-canary.9","v15.3.1-canary.0","v15.3.1-canary.1","v15.3.1-canary.10","v15.3.1-canary.11","v15.3.1-canary.12","v15.3.1-canary.13","v15.3.1-canary.14","v15.3.1-canary.15","v15.3.1-canary.2","v15.3.1-canary.3","v15.3.1-canary.4","v15.3.1-canary.5","v15.3.1-canary.6","v15.3.1-canary.7","v15.3.1-canary.8","v15.3.1-canary.9","v15.4.0","v15.4.0-canary.0","v15.4.0-canary.1","v15.4.0-canary.10","v15.4.0-canary.100","v15.4.0-canary.101","v15.4.0-canary.102","v15.4.0-canary.103","v15.4.0-canary.104","v15.4.0-canary.105","v15.4.0-canary.107","v15.4.0-canary.108","v15.4.0-canary.109","v15.4.0-canary.11","v15.4.0-canary.110","v15.4.0-canary.111","v15.4.0-canary.112","v15.4.0-canary.113","v15.4.0-canary.114","v15.4.0-canary.115","v15.4.0-canary.116","v15.4.0-canary.117","v15.4.0-canary.118","v15.4.0-canary.119","v15.4.0-canary.12","v15.4.0-canary.120","v15.4.0-canary.121","v15.4.0-canary.122","v15.4.0-canary.123","v15.4.0-canary.124","v15.4.0-canary.125","v15.4.0-canary.126","v15.4.0-canary.127","v15.4.0-canary.128","v15.4.0-canary.129","v15.4.0-canary.13","v15.4.0-canary.130","v15.4.0-canary.14","v15.4.0-canary.15","v15.4.0-canary.16","v15.4.0-canary.17","v15.4.0-canary.18","v15.4.0-canary.19","v15.4.0-canary.2","v15.4.0-canary.20","v15.4.0-canary.21","v15.4.0-canary.22","v15.4.0-canary.23","v15.4.0-canary.24","v15.4.0-canary.25","v15.4.0-canary.26","v15.4.0-canary.27","v15.4.0-canary.28","v15.4.0-canary.29","v15.4.0-canary.3","v15.4.0-canary.30","v15.4.0-canary.31","v15.4.0-canary.32","v15.4.0-canary.33","v15.4.0-canary.34","v15.4.0-canary.35","v15.4.0-canary.36","v15.4.0-canary.37","v15.4.0-canary.38","v15.4.0-canary.39","v15.4.0-canary.4","v15.4.0-canary.40","v15.4.0-canary.42","v15.4.0-canary.43","v15.4.0-canary.45","v15.4.0-canary.46","v15.4.0-canary.48","v15.4.0-canary.49","v15.4.0-canary.5","v15.4.0-canary.50","v15.4.0-canary.51","v15.4.0-canary.52","v15.4.0-canary.53","v15.4.0-canary.54","v15.4.0-canary.55","v15.4.0-canary.56","v15.4.0-canary.57","v15.4.0-canary.58","v15.4.0-canary.59","v15.4.0-canary.6","v15.4.0-canary.60","v15.4.0-canary.61","v15.4.0-canary.62","v15.4.0-canary.63","v15.4.0-canary.64","v15.4.0-canary.65","v15.4.0-canary.66","v15.4.0-canary.67","v15.4.0-canary.68","v15.4.0-canary.69","v15.4.0-canary.7","v15.4.0-canary.70","v15.4.0-canary.71","v15.4.0-canary.72","v15.4.0-canary.73","v15.4.0-canary.74","v15.4.0-canary.75","v15.4.0-canary.76","v15.4.0-canary.77","v15.4.0-canary.78","v15.4.0-canary.79","v15.4.0-canary.8","v15.4.0-canary.80","v15.4.0-canary.81","v15.4.0-canary.82","v15.4.0-canary.83","v15.4.0-canary.84","v15.4.0-canary.85","v15.4.0-canary.86","v15.4.0-canary.87","v15.4.0-canary.88","v15.4.0-canary.89","v15.4.0-canary.9","v15.4.0-canary.90","v15.4.0-canary.91","v15.4.0-canary.92","v15.4.0-canary.93","v15.4.0-canary.94","v15.4.0-canary.95","v15.4.0-canary.96","v15.4.0-canary.97","v15.4.0-canary.98","v15.4.0-canary.99","v15.4.1","v15.4.2","v15.4.3","v15.4.4","v15.4.5","v15.4.6"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-57822.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N"}]}