update v10.x of @nestjs/common for remote execution vuln #14890
Labels
Comments
phlogisticfugu
added
needs triage
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is there an existing issue that is already proposing this?
Is your feature request related to a problem? Please describe it
We're currently on Nest.js 10.x due to a limitation on the version of Node.js we are using (have to use v18 due to AWS limitation on AppRunner)
However, we're currently getting this security vulnerability alert: GHSA-cj7v-w2c7-cp7c
Describe the solution you'd like
Even though this is for the last release, could we please backport the security fix to the v10.x version of Nest.js?
Teachability, documentation, adoption, migration strategy
request to update the github advisory accordingly after a backport of the patch
What is the motivation / use case for changing the behavior?
enables us to use Nest.js securely even though we are on a slightly older version
The text was updated successfully, but these errors were encountered: