CVE-2024-29409

Name of the Vulnerable Software and Affected Versions: nestjs nest version 10.3.2

Description: The issue allows a remote attacker to execute arbitrary code via the Content-Type header. This is a result of a File Upload vulnerability.

Recommendations: For version 10.3.2, consider restricting access to file upload functionality until a patch is available. As a temporary workaround, avoid using the Content-Type header in file upload requests to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.