9 matches found
EUVD-2023-0867
Malicious code in bioql PyPI...
@nestjs/core vulnerable to Information Exposure via StreamableFile pipe
Versions of the package @nestjs/core before 9.0.5 are vulnerable to Information Exposure via the StreamableFile pipe. Exploiting this vulnerability is possible when the client cancels a request while it is streaming a StreamableFile, the stream wrapped by the StreamableFile will be kept open...
GHSA-4JPV-8R57-PV7J @nestjs/core vulnerable to Information Exposure via StreamableFile pipe
Versions of the package @nestjs/core before 9.0.5 are vulnerable to Information Exposure via the StreamableFile pipe. Exploiting this vulnerability is possible when the client cancels a request while it is streaming a StreamableFile, the stream wrapped by the StreamableFile will be kept open...
CVE-2023-26108
Versions of the package @nestjs/core before 9.0.5 are vulnerable to Information Exposure via the StreamableFile pipe. Exploiting this vulnerability is possible when the client cancels a request while it is streaming a StreamableFile, the stream wrapped by the StreamableFile will be kept open...
CVE-2023-26108
Versions of the package @nestjs/core before 9.0.5 are vulnerable to Information Exposure via the StreamableFile pipe. Exploiting this vulnerability is possible when the client cancels a request while it is streaming a StreamableFile, the stream wrapped by the StreamableFile will be kept open...
CVE-2023-26108
Versions of the package @nestjs/core before 9.0.5 are vulnerable to Information Exposure via the StreamableFile pipe. Exploiting this vulnerability is possible when the client cancels a request while it is streaming a StreamableFile, the stream wrapped by the StreamableFile will be kept open...
CVE-2023-26108
CVE-2023-26108 affects the NestJS framework component @nestjs/core when running versions prior to 9.0.5 . The vulnerability enables information exposure via the StreamableFile pipe if a client cancels a request while streaming; the underlying stream remains open, potentially leaking data. Connect...
nestjs 安全漏洞
nestjs is nestjs' progressive Node.js framework for building efficient, scalable, and enterprise-class server-side applications on top of TypeScript and JavaScript. A security vulnerability exists in versions of nestjs prior to 9.0.5 that stems from exposing information through the StreamableFile...
PT-2023-20495 · Nestjs · @Nestjs/Core
Name of the Vulnerable Software and Affected Versions: @nestjs/core versions prior to 9.0.5 Description: The issue allows for Information Exposure via the StreamableFile pipe. This can be exploited when a client cancels a request while streaming a StreamableFile, resulting in the stream wrapped b...