RSC vulns in pages router
Answered
Chien Français Blanc et Noir posted this in #help-forum
Chien Français Blanc et NoirOP
Since we're not using RSC in the old pages router, do we still have to worry about these recent CVEs?
Answered by Australian Freshwater Crocodile
no,
"Next.js 13.x, Next.js 14.x stable, Pages Router applications, and the Edge Runtime are not affected."
https://nextjs.org/blog/CVE-2025-66478#:~:text=Next.js%2013.x%2C%20Next.js%2014.x%20stable%2C%20Pages%20Router%20applications%2C%20and%20the%20Edge%20Runtime%20are%20not%20affected.
"Next.js 13.x, Next.js 14.x stable, Pages Router applications, and the Edge Runtime are not affected."
https://nextjs.org/blog/CVE-2025-66478#:~:text=Next.js%2013.x%2C%20Next.js%2014.x%20stable%2C%20Pages%20Router%20applications%2C%20and%20the%20Edge%20Runtime%20are%20not%20affected.
1 Reply
@Chien Français Blanc et Noir Since we're not using RSC in the old pages router, do we still have to worry about these recent CVEs?
Australian Freshwater Crocodile
no,
"Next.js 13.x, Next.js 14.x stable, Pages Router applications, and the Edge Runtime are not affected."
https://nextjs.org/blog/CVE-2025-66478#:~:text=Next.js%2013.x%2C%20Next.js%2014.x%20stable%2C%20Pages%20Router%20applications%2C%20and%20the%20Edge%20Runtime%20are%20not%20affected.
"Next.js 13.x, Next.js 14.x stable, Pages Router applications, and the Edge Runtime are not affected."
https://nextjs.org/blog/CVE-2025-66478#:~:text=Next.js%2013.x%2C%20Next.js%2014.x%20stable%2C%20Pages%20Router%20applications%2C%20and%20the%20Edge%20Runtime%20are%20not%20affected.
Answer