Lucene search
+L

9 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-0867

Malicious code in bioql PyPI...

5.3CVSS5.8AI score0.00707EPSS
Exploits1References6
github
github
added 2023/03/06 6:30 a.m.32 views

@nestjs/core vulnerable to Information Exposure via StreamableFile pipe

Versions of the package @nestjs/core before 9.0.5 are vulnerable to Information Exposure via the StreamableFile pipe. Exploiting this vulnerability is possible when the client cancels a request while it is streaming a StreamableFile, the stream wrapped by the StreamableFile will be kept open...

5.3CVSS5.4AI score0.00707EPSS
Exploits1References6Affected Software1
osv
osv
added 2023/03/06 6:30 a.m.19 views

GHSA-4JPV-8R57-PV7J @nestjs/core vulnerable to Information Exposure via StreamableFile pipe

Versions of the package @nestjs/core before 9.0.5 are vulnerable to Information Exposure via the StreamableFile pipe. Exploiting this vulnerability is possible when the client cancels a request while it is streaming a StreamableFile, the stream wrapped by the StreamableFile will be kept open...

5.3CVSS4.8AI score0.00707EPSS
Exploits1References6
vulnrichment
vulnrichment
added 2023/03/06 5:0 a.m.10 views

CVE-2023-26108

Versions of the package @nestjs/core before 9.0.5 are vulnerable to Information Exposure via the StreamableFile pipe. Exploiting this vulnerability is possible when the client cancels a request while it is streaming a StreamableFile, the stream wrapped by the StreamableFile will be kept open...

3.7CVSS7AI score0.00707EPSS
Exploits1References4
cve
cve
added 2023/03/06 5:0 a.m.79 views

CVE-2023-26108

CVE-2023-26108 affects the NestJS framework component @nestjs/core when running versions prior to 9.0.5 . The vulnerability enables information exposure via the StreamableFile pipe if a client cancels a request while streaming; the underlying stream remains open, potentially leaking data. Connect...

5.3CVSS5.2AI score0.00707EPSS
Exploits1References4Affected Software1
cvelist
cvelist
added 2023/03/06 5:0 a.m.29 views

CVE-2023-26108

Versions of the package @nestjs/core before 9.0.5 are vulnerable to Information Exposure via the StreamableFile pipe. Exploiting this vulnerability is possible when the client cancels a request while it is streaming a StreamableFile, the stream wrapped by the StreamableFile will be kept open...

3.7CVSS5.5AI score0.00707EPSS
Exploits1References4
osv
osv
added 2023/03/06 5:0 a.m.12 views

CVE-2023-26108

Versions of the package @nestjs/core before 9.0.5 are vulnerable to Information Exposure via the StreamableFile pipe. Exploiting this vulnerability is possible when the client cancels a request while it is streaming a StreamableFile, the stream wrapped by the StreamableFile will be kept open...

3.7CVSS5.5AI score0.00707EPSS
Exploits1References6
cnnvd
cnnvd
added 2023/03/06 12:0 a.m.5 views

nestjs 安全漏洞

nestjs is nestjs' progressive Node.js framework for building efficient, scalable, and enterprise-class server-side applications on top of TypeScript and JavaScript. A security vulnerability exists in versions of nestjs prior to 9.0.5 that stems from exposing information through the StreamableFile...

5.3CVSS6.3AI score0.00707EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2023/03/06 12:0 a.m.6 views

PT-2023-20495 · Nestjs · @Nestjs/Core

Name of the Vulnerable Software and Affected Versions: @nestjs/core versions prior to 9.0.5 Description: The issue allows for Information Exposure via the StreamableFile pipe. This can be exploited when a client cancels a request while streaming a StreamableFile, resulting in the stream wrapped b...

5.3CVSS5.6AI score0.00707EPSS
Exploits1References10
Rows per page
Query Builder