Security Advisory

CVE-2023-26108

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-03-06 05:00:05

Last updated 2025-03-05 19:48:14

Assigner snyk

State PUBLISHED

Description

Versions of the package @nestjs/core before 9.0.5 are vulnerable to Information Exposure via the StreamableFile pipe. Exploiting this vulnerability is possible when the client cancels a request while it is streaming a StreamableFile, the stream wrapped by the StreamableFile will be kept open.

← Browse all CVEs View on cve.org ↗