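#!/usr/bin/env bash
#
# Next.js presence scanner for running Docker containers (triage aid for
# CVE-2025-55182).
#
# For every running container it:
#   1. decides heuristically whether the container is a Node/JS app,
#   2. reads the "next" version specifier from a package.json at a known path,
#   3. otherwise looks for a standalone Next.js production server build.
#
# NOTE: a container is reported as VULN whenever a "next" dependency is
# declared; the version is printed but NOT compared against the advisory's
# affected range. Confirm every hit against the advisory before acting on it,
# and treat the absence of a hit as "not detected", not "not vulnerable"
# (only the paths below are probed, and only running containers are listed).
#
# Requirements: docker CLI with access to the daemon; sed on the host.
# Usage:        ./scan-nextjs.sh
set -euo pipefail

# package.json locations probed inside each container (/app is Coolify's default).
readonly -a PKG_PATHS=(/app/package.json /usr/src/app/package.json)
readonly STANDALONE_SERVER=/app/.next/standalone/server.js
readonly RULE="========================================================"

# Counters. They are only ever updated in the main shell (see scan_containers),
# which is what makes the summary at the end meaningful.
TOTAL_SCANNED=0
NODE_CONTAINERS=0
VULNERABLE_COUNT=0

#######################################
# Print a message to stderr and exit with status 1.
# Arguments: $* - message
#######################################
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

#######################################
# Heuristic: does the container look like a Node/JS app?
# Globals:   PKG_PATHS (read)
# Arguments: $1 - container id
# Returns:   0 if a package.json exists at a known path or `node` is on PATH
#######################################
is_node_container() {
  local id=$1 probe='' path
  for path in "${PKG_PATHS[@]}"; do
    probe+="test -f '$path' || "
  done
  probe+='command -v node'
  # Only the exit status is used. Capturing stdout (as the original did) is
  # wrong here: `command -v node` prints the binary path, which corrupted the
  # captured "yes"/"no" answer and made node-only containers look non-Node.
  docker exec "$id" sh -c "$probe" >/dev/null 2>&1
}

#######################################
# Extract the "next" version specifier from package.json text on stdin.
# Outputs:   the specifier with a leading ^ or ~ stripped (empty if no "next"
#            key is present); only the first match is used
#######################################
parse_next_version() {
  local spec
  # Parsed on the host with POSIX sed: busybox/alpine grep has no -P, so the
  # original in-container `grep -Po` silently returned nothing there and those
  # apps were reported as clean.
  spec=$(sed -n 's/.*"next"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p')
  spec=${spec%%$'\n'*}   # keep the first matching line only
  spec=${spec#[~^]}      # "^14.0.0" -> "14.0.0"; other ranges are printed as-is
  printf '%s' "$spec"
}

#######################################
# Find the Next.js version declared in a container's package.json.
# Globals:   PKG_PATHS (read)
# Arguments: $1 - container id
# Outputs:   version specifier on stdout, empty if none of the probed files
#            declare "next"
# Returns:   0 always (a missing file is not an error)
#######################################
container_next_version() {
  local id=$1 path json spec
  for path in "${PKG_PATHS[@]}"; do
    json=$(docker exec "$id" cat "$path" 2>/dev/null) || continue
    spec=$(parse_next_version <<<"$json")
    if [[ -n "$spec" ]]; then
      printf '%s\n' "$spec"
      return 0
    fi
  done
  return 0
}

#######################################
# Does the container hold a standalone Next.js production server?
# Globals:   STANDALONE_SERVER (read)
# Arguments: $1 - container id
# Returns:   0 if the server file exists
#######################################
has_standalone_build() {
  docker exec "$1" test -f "$STANDALONE_SERVER" >/dev/null 2>&1
}

#######################################
# Scan every running container and print one line per finding.
# Globals:   TOTAL_SCANNED, NODE_CONTAINERS, VULNERABLE_COUNT (written)
# Outputs:   finding lines on stdout
#######################################
scan_containers() {
  local listing id name version
  listing=$(docker ps --format '{{.ID}}|{{.Names}}') || die "docker ps failed"
  # The loop reads from a here-string rather than `docker ps | while …`: a
  # pipeline stage runs in a subshell, so the counters incremented there never
  # reached the summary (it always printed zeros).
  while IFS='|' read -r id name; do
    [[ -n "$id" ]] || continue   # an empty listing yields one blank line
    TOTAL_SCANNED=$((TOTAL_SCANNED + 1))
    is_node_container "$id" || continue
    NODE_CONTAINERS=$((NODE_CONTAINERS + 1))
    version=$(container_next_version "$id")
    if [[ -n "$version" ]]; then
      # Container names and versions are data, never the printf format.
      printf '[\033[31mVULN\033[0m] %s \t-> Next.js %s\n' "$name" "$version"
      VULNERABLE_COUNT=$((VULNERABLE_COUNT + 1))
    elif has_standalone_build "$id"; then
      printf '[\033[33mWARN\033[0m] %s \t-> Detected (Standalone Mode) - Check manually\n' "$name"
      VULNERABLE_COUNT=$((VULNERABLE_COUNT + 1))
    else
      # Uncomment to also list Node apps where no Next.js was detected:
      # printf '[\033[32mSAFE\033[0m] %s \t-> Node app (No Next.js detected)\n' "$name"
      :
    fi
  done <<<"$listing"
}

#######################################
# Entry point: print the banner, scan, print the summary.
# Globals:   TOTAL_SCANNED, NODE_CONTAINERS, VULNERABLE_COUNT, RULE (read)
#######################################
main() {
  command -v docker >/dev/null 2>&1 || die "docker CLI not found in PATH"
  printf '%s\n' "$RULE"
  printf '%s\n' " Next.js Vulnerability Scanner (CVE-2025-55182) "
  printf '%s\n' "$RULE"
  scan_containers
  printf '%s\n' "$RULE"
  printf '%s\n' "SCAN COMPLETE"
  printf '%s\n' "--------------------------------------------------------"
  printf 'Total Containers Scanned: %s\n' "$TOTAL_SCANNED"
  printf 'Node/JS Environments: %s\n' "$NODE_CONTAINERS"
  printf 'Next.js Apps Found: %s\n' "$VULNERABLE_COUNT"
  printf '%s\n' "$RULE"
}

main "$@"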