TechFlow news — SlowMist Chief Information Security Officer (CISO) 23pds reported a full-read SSRF vulnerability (CVE-2024-34351) discovered in the React web application framework Next.js, which could allow attackers to read arbitrary files on the server.
Notably, a significant number of cryptocurrency platforms use this framework. The official team has already released a patch; upgrading Next.js to the latest version v14.1.1 will fix the vulnerability.




