3 matches found
Information Disclosure
nat.js is vulnerable to information disclosure. The vulnerability exists as it leaks options to the NATS server, including TLS private credentials, when Mutual TLS is used, where the credentials for the TLS client keys are included in the connection configuration options...
Sensitive data exposure in NATS
Overview Preview versions of two NPM packages and one Deno package from the NATS project contain an information disclosure flaw, leaking options to the NATS server; for one package, this includes TLS private credentials. The connection configuration options in these JavaScript-based implementatio...
Sensitive data exposure in NATS
Preview versions of two NPM packages and one Deno package from the NATS project contain an information disclosure flaw, leaking options to the NATS server; for one package, this includes TLS private credentials. The connection configuration options in these JavaScript-based implementations were...