Skip to content

[Snyk] Fix for 23 vulnerabilities#353

Open
MelvinBot wants to merge 1 commit into
mainfrom
snyk-fix-790abc314e06c90b2c3c1dc80741e083
Open

[Snyk] Fix for 23 vulnerabilities#353
MelvinBot wants to merge 1 commit into
mainfrom
snyk-fix-790abc314e06c90b2c3c1dc80741e083

Conversation

@MelvinBot

Copy link
Copy Markdown
Contributor

snyk-top-banner

Snyk has created this PR to fix 23 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

  • package.json
  • package-lock.json

Vulnerabilities that will be fixed with an upgrade:

Issue Score
high severity Directory Traversal
SNYK-JS-TMP-16881240
  828  
critical severity Prototype Pollution
SNYK-JS-FLATTED-15700433
  786  
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-CROSSSPAWN-8303230
  756  
high severity Uncontrolled Recursion
SNYK-JS-FLATTED-15518041
  756  
high severity Infinite loop
SNYK-JS-IMAGESIZE-9634164
  756  
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-MINIMATCH-15309438
  756  
high severity Inefficient Algorithmic Complexity
SNYK-JS-MINIMATCH-15353389
  756  
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-AJV-15274295
  731  
high severity Uncontrolled Recursion
SNYK-JS-UNDERSCORE-15369786
  731  
high severity Arbitrary Code Injection
SNYK-JS-SERIALIZEJAVASCRIPT-570062
  706  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-BABELRUNTIME-10044504
  666  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-OCTOKITPLUGINPAGINATEREST-8730855
  666  
medium severity Use of Uninitialized Resource
SNYK-JS-WS-16722635
  666  
medium severity Symlink Attack
SNYK-JS-TMP-11501554
  661  
high severity Infinite loop
SNYK-JS-BRACEEXPANSION-15789759
  649  
medium severity Improper Validation of Specified Index, Position, or Offset in Input
SNYK-JS-UUID-16133035
  636  
medium severity Missing Release of Resource after Effective Lifetime
SNYK-JS-INFLIGHT-6095116
  631  
high severity Allocation of Resources Without Limits or Throttling
SNYK-JS-SERIALIZEJAVASCRIPT-15809196
  624  
medium severity Prototype Pollution
SNYK-JS-JSYAML-13961110
  559  
medium severity Uncontrolled Recursion
SNYK-JS-ESLINT-15102420
  551  
low severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-BRACEEXPANSION-9789073
  436  
low severity Server-side Request Forgery (SSRF)
SNYK-JS-WEBPACK-15235959
  426  
low severity Server-side Request Forgery (SSRF)
SNYK-JS-WEBPACK-15235969
  426  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Uncontrolled Recursion
🦉 Prototype Pollution
🦉 More lessons are available in Snyk Learn

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants