Skip to content

chore(deps): update dependency @nestjs/common to v10.4.16 [security]#19

Open
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/npm-nestjs-common-vulnerability/VF-000
Open

chore(deps): update dependency @nestjs/common to v10.4.16 [security]#19
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/npm-nestjs-common-vulnerability/VF-000

Conversation

@renovate

@renovate renovate Bot commented Mar 1, 2026

Copy link
Copy Markdown

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Change Age Confidence
@nestjs/common (source) 10.1.310.4.16 age confidence

nest allows a remote attacker to execute arbitrary code via the Content-Type header

CVE-2024-29409 / GHSA-cj7v-w2c7-cp7c

More information

Details

File Upload vulnerability in nestjs nest prior to v.11.0.16 allows a remote attacker to execute arbitrary code via the Content-Type header.

Severity

  • CVSS Score: 5.5 / 10 (Medium)
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

References

This data is provided by the GitHub Advisory Database (CC-BY 4.0).


Release Notes

nestjs/nest (@​nestjs/common)

v10.4.16

Compare Source

What's Changed

Full Changelog: nestjs/nest@v10.4.15...v10.4.16

v10.4.15

Compare Source

v10.4.15 (2024-12-09)

Dependencies

v10.4.14

Compare Source

v10.4.13

Compare Source

v10.4.13 (2024-12-03)

Bug fixes
Dependencies
Committers: 3

v10.4.12

Compare Source

v10.4.12 (2024-11-29)

Bug fixes
Dependencies
Committers: 1

v10.4.11

Compare Source

v10.4.10

Compare Source

v10.4.10 (2024-11-27)

Bug fixes
  • platform-socket.io, websockets
Dependencies
Committers: 1

v10.4.9

Compare Source

v10.4.9 (2024-11-25)

Bug fixes
Enhancements
Dependencies
Committers: 7

v10.4.8

Compare Source

v10.4.8 (2024-11-15)

Bug fixes
Enhancements
Committers: 3

v10.4.7

Compare Source

v10.4.6

Compare Source

v10.4.5

Compare Source

v10.4.5 (2024-10-16)

Dependencies
Committers: 5

v10.4.4

Compare Source

v10.4.3

Compare Source

v10.4.2

Compare Source

v10.4.2 (2024-09-16)

Dependencies
Committers: 3

v10.4.1

Compare Source

v10.4.0

Compare Source

v10.3.10

Compare Source

v10.3.10 (2024-07-01)

Bug fixes
Enhancements
  • platform-fastify
Dependencies
Committers: 4

v10.3.9

Compare Source

v10.3.9 (2024-06-03)

Bug fixes
Enhancements
Docs
Dependencies

Note

PR body was truncated to here.


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • ""
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot added dependencies Pull requests that update a dependency file ready for review labels Mar 1, 2026
@renovate renovate Bot requested a review from effervescentia March 1, 2026 06:43
@sonarqubecloud

sonarqubecloud Bot commented Mar 1, 2026

Copy link
Copy Markdown

@renovate renovate Bot changed the title chore(deps): update dependency @nestjs/common to v10.4.16 [security] chore(deps): update dependency @nestjs/common to v10.4.16 [security] - autoclosed Apr 15, 2026
@renovate renovate Bot closed this Apr 15, 2026
@renovate renovate Bot deleted the renovate/npm-nestjs-common-vulnerability/VF-000 branch April 15, 2026 12:06
@renovate renovate Bot changed the title chore(deps): update dependency @nestjs/common to v10.4.16 [security] - autoclosed chore(deps): update dependency @nestjs/common to v10.4.16 [security] Apr 19, 2026
@renovate renovate Bot reopened this Apr 19, 2026
@renovate renovate Bot force-pushed the renovate/npm-nestjs-common-vulnerability/VF-000 branch 2 times, most recently from cf8ed65 to 66365d5 Compare April 19, 2026 07:33
@sonarqubecloud

Copy link
Copy Markdown

Copilot AI review requested due to automatic review settings June 19, 2026 15:10
@renovate renovate Bot force-pushed the renovate/npm-nestjs-common-vulnerability/VF-000 branch from 66365d5 to 3172d08 Compare June 19, 2026 15:10

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

@renovate renovate Bot force-pushed the renovate/npm-nestjs-common-vulnerability/VF-000 branch 4 times, most recently from d827fe5 to d52265a Compare June 24, 2026 16:45
@renovate renovate Bot force-pushed the renovate/npm-nestjs-common-vulnerability/VF-000 branch from d52265a to 1dd9ba8 Compare June 24, 2026 16:47
@sonarqubecloud

Copy link
Copy Markdown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file ready for review

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant