Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Fix for 1 vulnerabilities #10

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

snyk-bot
Copy link

@snyk-bot snyk-bot commented Sep 3, 2021

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:

    • package.json
  • Adding or updating a Snyk policy (.snyk) file; this file is required in order to apply Snyk vulnerability patches.
    Find out more.

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 636/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 6.3
Prototype Pollution
npm:hoek:20180212
Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: blipp The new version differs by 16 commits.

See the full diff

Package name: catbox-redis The new version differs by 6 commits.
  • 3495d1b 2.0.1
  • a2a9afa Merge pull request #47 from j0shua/master
  • 829f450 Merge pull request #45 from gergoerdosi/node-v6
  • dd5850b Adding flush parameter when calling client.end
  • a4e5d93 Test on node v6, update dependencies
  • ef85696 2.0.0

See the full diff

Package name: good The new version differs by 83 commits.
  • f0b562e version 7.1.0
  • 45606c7 Restored wreck logging. Closes #469. (#514)
  • 6584880 Upgrade async. Fixes #515. (#538)
  • 265a5ca Update deps. Closes #515
  • f957062 Don't create a reporter if no streams were provided. Addresses #534 (#535)
  • 9d198f8 update stream example in docs and other minors (#536)
  • dfe7912 non breaking change adds responseSentTime. Closes #530 (#533)
  • 3bd61be current version shield links to good @ npmjs (#521)
  • ae1778b Support functions as modules (#517)
  • b8f923e Add request route tags to response event (#516)
  • 7a78ec8 Fix previous hapi versions
  • 77bae30 Fix hapi v15.0.2 timing errors in tests
  • 4a22673 hapi 15. Closes #509
  • 2d510b1 handle missing coverage on hapi < 15
  • 3f9a36a hapi 15 tests
  • 51e8ec5 hapi 15
  • 502b961 hapi 15
  • 673af3e Changed keys used to identify reporters in example (#508)
  • cf9f3fb Update CONTRIBUTING.md
  • 65730b1 correct and improve documentation (#505)
  • a55e808 Not enough feedback when error. Closes #498 (#499)
  • 8561ecc Added .npmignore file. Closes #485 (#496)
  • 0c93720 Update LICENSE
  • 0434d88 Closes #491. Update tests to code3.

See the full diff

Package name: good-console The new version differs by 10 commits.
  • 9f1d35e version 6.1.2
  • ca0982b update deps (#73)
  • 595ab69 version 6.1.1
  • 75db990 version 6.1.0
  • 3e1fdbb Add newline to output (#72)
  • f66b5b5 version 6.0.0
  • 4db033c Clean up for d7e3e527cd6d6aafaf59606e66fd114a512437ff
  • a89a608 Merge pull request #67 from thebergamo/updates
  • d7e3e52 refactoring to new features of es6 and new interface of good. Closes #63 Closes #64 Closes #65
  • 46c6676 migrate to es6 classes and new good api

See the full diff

Package name: good-loggly The new version differs by 7 commits.

See the full diff

Package name: inert The new version differs by 23 commits.

See the full diff

Package name: orientjs The new version differs by 166 commits.

See the full diff

With a Snyk patch:
Severity Priority Score (*) Issue Exploit Maturity
medium severity 636/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 6.3
Prototype Pollution
npm:hoek:20180212
Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/npm:hoek:20180212


The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:hoek:20180212
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant