Skip to content

Security Vulnerability on compiled dependency (@babel/runtime < 7.26.10 >= 8.0.0-alpha.0, < 8.0.0-alpha.16) - CVE-2025-27789 #79331

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
eriestrisnadi opened this issue May 17, 2025 · 1 comment
Closed

Security Vulnerability on compiled dependency (@babel/runtime < 7.26.10 >= 8.0.0-alpha.0, < 8.0.0-alpha.16) - CVE-2025-27789 #79331

eriestrisnadi opened this issue May 17, 2025 · 1 comment
Labels
Runtime Related to Node.js or Edge Runtime with Next.js.

Comments

@eriestrisnadi
Copy link

Link to the code that reproduces this issue

babel/babel#17173

To Reproduce

N/A

Current vs. Expected behavior

N/A

Provide environment information

Operating System:
  Platform: win32
  Arch: x64
  Version: Windows 11 Pro
  Available memory (MB): 15725
  Available CPU cores: 16
Binaries:
  Node: 22.11.0
  npm: 10.9.0
  Yarn: 4.5.1
  pnpm: N/A
Relevant Packages:
  next: 15.3.2
  eslint-config-next: 15.2.4
  react: 19.1.0
  react-dom: 19.1.0
  typescript: 5.2.2
Next.js Config:
  output: standalone

Which area(s) are affected? (Select all that apply)

Runtime, Not sure

Which stage(s) are affected? (Select all that apply)

Other (Deployed)

Additional context

Nexus OSS raised a security vulnerability on one of Nextjs dependency @babel/runtime CVE-2025-27789.

Here is the captured details of the report:
Image
@github-actions github-actions bot added the Runtime Related to Node.js or Edge Runtime with Next.js. label May 17, 2025
@IvanWei
Copy link

IvanWei commented May 19, 2025

This issue has been done. (PR)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Runtime Related to Node.js or Edge Runtime with Next.js.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@IvanWei @eriestrisnadi