nat.js is vulnerable to information disclosure. The vulnerability exists as it leaks options to the NATS server, including TLS private credentials, when Mutual TLS is used, where the credentials for the TLS client keys are included in the connection configuration options.
www.openwall.com/lists/oss-security/2020/09/30/3
github.com/advisories/GHSA-82rf-q3pr-4f6p
github.com/advisories/GHSA-prmc-5v5w-c465
github.com/nats-io/nats.deno/compare/v1.0.0-8...v1.0.0-9
github.com/nats-io/nats.js/commit/0a430abf9efff11e94bc0e054359559d5b16ecee
github.com/nats-io/nats.js/commit/31a1ee3f2bb5adf1128f683f2e382f7b950c8ac0
github.com/nats-io/nats.ws/commit/0a37ac2a411ff63f0707cda69a268c5fc4079eb7
www.npmjs.com/advisories/1567
www.openwall.com/lists/oss-security/2020/09/30/3