Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade snyk from 1.101.1 to 1.1097.0 #748

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade snyk from 1.101.1 to 1.1097.0 #748

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

@snyk-bot snyk-bot commented Mar 1, 2023

Snyk has created this PR to upgrade snyk from 1.101.1 to 1.1097.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 1316 versions ahead of your current version.
  • The recommended version was released 22 days ago, on 2023-02-06.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIREGEX-1583908		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIREGEX-1583908		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Prototype Pollution
SNYK-JS-INI-1048974		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Arbitrary Code Execution
SNYK-JS-JSYAML-174129		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 No Known Exploit
Prototype Pollution
SNYK-JS-LODASH-450202		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-567746		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-608086		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Command Injection
SNYK-JS-LODASH-1040724		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-450202		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-567746		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-608086		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Prototype Pollution
SNYK-JS-Y18N-1021887		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-73638		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Prototype Pollution
SNYK-JS-LODASHSET-1320032		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Prototype Pollution
SNYK-JS-NCONF-2395478		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Server-side Request Forgery (SSRF)
SNYK-JS-NETMASK-1089716		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Remote Code Execution (RCE)
SNYK-JS-PACRESOLVER-1564857		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Command Injection
SNYK-JS-LODASH-1040724		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Prototype Pollution
SNYK-JS-DOTPROP-543489		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-HOSTEDGITINFO-1088355		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Man-in-the-Middle (MitM)
SNYK-JS-HTTPSPROXYAGENT-469131		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Denial of Service (DoS)
SNYK-JS-JSYAML-173999		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 No Known Exploit
Denial of Service (DoS)
SNYK-JS-JSZIP-1251497		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Arbitrary File Write via Archive Extraction (Zip Slip)
SNYK-JS-JSZIP-3188562		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-1018905		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Command Injection
SNYK-JS-SNYKDOCKERPLUGIN-3039679		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Command Injection
SNYK-JS-SNYKGOPLUGIN-3037316		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Command Injection
SNYK-JS-SNYKGRADLEPLUGIN-3038624		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Command Injection
SNYK-JS-SNYKMVNPLUGIN-3038623		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Command Injection
SNYK-JS-SNYKPYTHONPLUGIN-3039677		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Command Injection
SNYK-JS-SNYKSBTPLUGIN-3038626		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Prototype Pollution
SNYK-JS-UNDEFSAFE-548940		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-73639		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-MINIMATCH-3050818		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 No Known Exploit
Command Injection
SNYK-JS-SNYK-3037342		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Command Injection
SNYK-JS-SNYK-3038622		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Code Injection
SNYK-JS-SNYK-3111871		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-1018905		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@snyk-bot
fix: upgrade snyk from 1.101.1 to 1.1097.0
c6b9fb4 
Snyk has created this PR to upgrade snyk from 1.101.1 to 1.1097.0.

See this package in npm:


See this project in Snyk:
https://app.snyk.io/org/eitan/project/46408d41-265a-4e2e-96e9-4fc78a27951b?utm_source=github&utm_medium=referral&page=upgrade-pr
@EitanGayor EitanGayor mentioned this pull request Mar 10, 2023
Open
@snyk-bot snyk-bot mentioned this pull request Apr 6, 2023
Open
@EitanGayor EitanGayor mentioned this pull request Apr 29, 2023
Open
@snyk-bot snyk-bot mentioned this pull request May 29, 2023
Open
@EitanGayor EitanGayor mentioned this pull request Nov 24, 2023
Open
@EitanGayor EitanGayor mentioned this pull request Mar 28, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot