Skip to content

fix(next): address CVE-2025-27789 vulnerability risk #78664

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

fix(next): address CVE-2025-27789 vulnerability risk #78664

wants to merge 1 commit into from
+27 −27

Conversation

caccialdo
Copy link

@caccialdo caccialdo commented Apr 29, 2025
edited
Loading

Babel Security Update Summary

  • Updated @babel/runtime from 7.22.5 to 7.26.10 in packages/next/package.json
  • Updated corresponding dependency in pnpm-lock.yaml
  • Changed underlying regenerator-runtime dependency from version 0.13.11 to 0.14.1
  • Updated all related package references to use the new @babel/runtime version
  • These changes address the security vulnerability CVE-2025-27789

Fixes NEXT-77879

@ijjk ijjk added examples Issue was opened via the examples template. type: next labels Apr 29, 2025
@ijjk
Copy link
Member

ijjk commented Apr 29, 2025
edited
Loading

Allow CI Workflow Run

  • approve CI run for commit: 49b0647

Note: this should only be enabled once the PR is ready to go and can only be enabled by a maintainer

@caccialdo caccialdo marked this pull request as ready for review April 29, 2025 12:09
@xendren xendren mentioned this pull request Apr 29, 2025
Closed
@huozhi huozhi mentioned this pull request Apr 29, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
examples Issue was opened via the examples template. type: next
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@caccialdo @ijjk