FRONTEND
Next.js v15.5.18
RESUMEN
This release contains security fixes for the following advisories: High: - GHSA-8h8q-6873-q5fj: Denial of Service with Server Components - [GHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via
Descripción Detallada
This release contains security fixes for the following advisories: High: - GHSA-8h8q-6873-q5fj: Denial of Service with Server Components - GHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - GHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up - GHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components - GHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection - GHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades - GHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n Moderate: - GHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces - [GHSA-gx5p-jg67-6x7
Explicación con IA
Genera un resumen en lenguaje claro de los cambios de este release.
Releases Relacionados
FRONTEND
Next.js v16.2.9
Empty release to ensure `next@latest` points at a stable release. Next.js only allows publishing with Trusted Publishing enabled. In order to fix NPM dist-tags, we have to release a new version. Updating dist-tags is not possible with Trusted Publishing.
FRONTEND
Next.js v16.2.8
Release with no changes in an attempt to fix `next@latest` pointing at a prerelease version.
FRONTEND