Skip to content

Commit 685f9c5

Browse files
ctatectate
authored
fix: upgrade Next.js to 16.0.7 (CVE-2025-55182) (#152)
This upgrade fixes CVE-2025-55182, a React Server Components RCE vulnerability. Co-authored-by: Chris Tate <ctate@users.noreply.github.com>
1 parent 3ab5c76 commit 685f9c5

File tree

2 files changed

+42
-42
lines changed

2 files changed

+42
-42
lines changed

lib/next-boilerplate/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@
99
"lint": "eslint"
1010
},
1111
"dependencies": {
12-
"next": "16.0.3",
12+
"next": "16.0.7",
1313
"react": "19.2.0",
1414
"react-dom": "19.2.0"
1515
},

lib/next-boilerplate/pnpm-lock.yaml

Lines changed: 41 additions & 41 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)