Skip to content

Commit

Permalink
Merge pull request #10 from weissaufschwarz/fix-vuln
Browse files Browse the repository at this point in the history 
fix vulnerability
  • Loading branch information
@willyfromtheblock
willyfromtheblock authored Dec 20, 2024
2 parents a08c678 + e33e446 commit f3a6ff0
Show file tree
Hide file tree
Showing 3 changed files with 118 additions and 102 deletions.
5 changes: 5 additions & 0 deletions .changeset/serious-snails-kneel.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
"@weissaufschwarz/mitthooks-nextjs": patch
---

FIx vulnerability: If a Next.js application is performing authorization in middleware based on pathname, it was possible for this authorization to be bypassed.
2 changes: 1 addition & 1 deletion packages/mitthooks-nextjs/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,6 @@
"@repo/eslint-config": "workspace:*"
},
"peerDependencies": {
"next": ">=14"
"next": ">=14.2.15"
}
}
Loading

0 comments on commit f3a6ff0

Please sign in to comment.