You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
[System Information]
OS Version : Linux 5.15.153.1-microsoft-standard-WSL2
NodeJS Version : v20.17.0
NPM Version : 10.8.3
[Nest CLI]
Nest CLI Version : 10.4.5
[Nest Platform Information]
platform-express version : 10.4.1
cache-manager version : 2.2.2
schematics version : 10.1.4
throttler version : 6.2.1
mongoose version : 10.0.10
terminus version : 10.2.3
swagger version : 7.4.0
testing version : 10.4.1
common version : 10.4.1
config version : 3.2.3
axios version : 3.0.3
core version : 10.4.1
jwt version : 10.2.0
cli version : 10.4.5
Node.js version
20.17.0
In which operating systems have you tested?
macOS
Windows
Linux
Other
No response
The text was updated successfully, but these errors were encountered:
Is there an existing issue for this?
Current behavior
In @nestjs/platform-express, there is the package "body-parser" in version 1.20.2 (https://github.com/nestjs/nest/blob/master/packages/platform-express/package.json#L21) what causes a npm high security vulnerability. There is a patch in body-parser version 1.20.3. Express has already updated this library: https://github.com/expressjs/express/blob/master/package.json#L33
This should be updated.
Minimum reproduction code
GHSA-qwcr-r2fm-qrc7
Steps to reproduce
Expected behavior
No high security vulnerability
Package
@nestjs/common
@nestjs/core
@nestjs/microservices
@nestjs/platform-express
@nestjs/platform-fastify
@nestjs/platform-socket.io
@nestjs/platform-ws
@nestjs/testing
@nestjs/websockets
Other package
No response
NestJS version
10.4.1
Packages versions
[System Information]
OS Version : Linux 5.15.153.1-microsoft-standard-WSL2
NodeJS Version : v20.17.0
NPM Version : 10.8.3
[Nest CLI]
Nest CLI Version : 10.4.5
[Nest Platform Information]
platform-express version : 10.4.1
cache-manager version : 2.2.2
schematics version : 10.1.4
throttler version : 6.2.1
mongoose version : 10.0.10
terminus version : 10.2.3
swagger version : 7.4.0
testing version : 10.4.1
common version : 10.4.1
config version : 3.2.3
axios version : 3.0.3
core version : 10.4.1
jwt version : 10.2.0
cli version : 10.4.5
Node.js version
20.17.0
In which operating systems have you tested?
Other
No response
The text was updated successfully, but these errors were encountered: