VEX for CVE-2024-29409: nest allows a remote attacker to execute arbitrary code via the Content-Type header

Dependabot has reported the following vulnerability
https://github.com/secvisogram/csaf-validator-service/security/dependabot/46


Csaf-validator-service  is not affected by this vulnerability because it is only a transitive development dependency that is not delivered.
This is shown in the following VAX:

[bsi-2025-0002.json](https://github.com/user-attachments/files/19678103/bsi-2025-0002.json)



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

VEX for CVE-2024-29409: nest allows a remote attacker to execute arbitrary code via the Content-Type header #144

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

VEX for CVE-2024-29409: nest allows a remote attacker to execute arbitrary code via the Content-Type header #144

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions