Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Fix for 114 vulnerabilities #30

Merged
merged 1 commit into from
Oct 16, 2024

Conversation

elise-jones-snyk
Copy link
Owner

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity Reachability
high severity 670/1000
Why? Is reachable, Has a fix available, CVSS 7.4
Directory Traversal
SNYK-JS-ADMZIP-1065796
No No Known Exploit Reachable
high severity 555/1000
Why? Has a fix available, CVSS 8.1
Prototype Pollution
SNYK-JS-AJV-584908
Yes No Known Exploit No Path Found
high severity 600/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIREGEX-1583908
Yes Proof of Concept No Path Found
high severity 600/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
Prototype Pollution
SNYK-JS-ASYNC-2441827
No Proof of Concept No Path Found
critical severity 690/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 9.3
Incomplete List of Disallowed Inputs
SNYK-JS-BABELTRAVERSE-5962463
Yes Proof of Concept No Path Found
high severity 610/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.7
Remote Memory Exposure
SNYK-JS-BL-608877
No Proof of Concept No Path Found
high severity 560/1000
Why? Has a fix available, CVSS 8.2
Asymmetric Resource Consumption (Amplification)
SNYK-JS-BODYPARSER-7926860
No No Known Exploit No Path Found
high severity 600/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
Uncontrolled resource consumption
SNYK-JS-BRACES-6838727
Yes Proof of Concept No Path Found
medium severity 515/1000
Why? Recently disclosed, Has a fix available, CVSS 6.3
Cross-site Scripting (XSS)
SNYK-JS-COOKIE-8163060
No No Known Exploit No Path Found
high severity 600/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
Denial of Service (DoS)
SNYK-JS-DECODEURICOMPONENT-3149970
Yes Proof of Concept No Path Found
high severity 645/1000
Why? Mature exploit, Has a fix available, CVSS 7.5
Denial of Service (DoS)
SNYK-JS-DICER-2311764
Yes Mature No Path Found
high severity 805/1000
Why? Proof of Concept exploit, Is reachable, Has a fix available, CVSS 8.6
Prototype Pollution
SNYK-JS-DUSTJSLINKEDIN-1089257
Yes Proof of Concept Reachable
medium severity 430/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 4.1
Arbitrary Code Injection
SNYK-JS-EJS-1049328
Yes Proof of Concept No Path Found
high severity 630/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.1
Remote Code Execution (RCE)
SNYK-JS-EJS-2803307
Yes Proof of Concept No Path Found
medium severity 415/1000
Why? Has a fix available, CVSS 5.3
Improper Control of Dynamically-Managed Code Resources
SNYK-JS-EJS-6689533
Yes No Known Exploit No Path Found
medium severity 455/1000
Why? Has a fix available, CVSS 6.1
Open Redirect
SNYK-JS-EXPRESS-6474509
No No Known Exploit No Path Found
medium severity 405/1000
Why? Has a fix available, CVSS 5.1
Cross-site Scripting
SNYK-JS-EXPRESS-7926867
No No Known Exploit No Path Found
high severity 675/1000
Why? Is reachable, Has a fix available, CVSS 7.5
Denial of Service (DoS)
SNYK-JS-EXPRESSFILEUPLOAD-473997
Yes No Known Exploit Reachable
high severity 750/1000
Why? Proof of Concept exploit, Is reachable, Has a fix available, CVSS 7.5
Prototype Pollution
SNYK-JS-EXPRESSFILEUPLOAD-595969
Yes Proof of Concept Reachable
high severity 575/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7
Remote Code Execution (RCE)
SNYK-JS-HANDLEBARS-1056767
Yes Proof of Concept No Path Found
medium severity 505/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.6
Prototype Pollution
SNYK-JS-HANDLEBARS-1279029
Yes Proof of Concept No Path Found
high severity 515/1000
Why? Has a fix available, CVSS 7.3
Prototype Pollution
SNYK-JS-HANDLEBARS-173692
Yes No Known Exploit No Path Found
high severity 515/1000
Why? Has a fix available, CVSS 7.3
Prototype Pollution
SNYK-JS-HANDLEBARS-174183
Yes No Known Exploit No Path Found
high severity 515/1000
Why? Has a fix available, CVSS 7.3
Prototype Pollution
SNYK-JS-HANDLEBARS-469063
Yes No Known Exploit No Path Found
high severity 525/1000
Why? Has a fix available, CVSS 7.5
Denial of Service (DoS)
SNYK-JS-HANDLEBARS-480388
Yes No Known Exploit No Path Found
high severity 630/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.1
Arbitrary Code Execution
SNYK-JS-HANDLEBARS-534478
Yes Proof of Concept No Path Found
critical severity 640/1000
Why? Has a fix available, CVSS 9.8
Prototype Pollution
SNYK-JS-HANDLEBARS-534988
Yes No Known Exploit No Path Found
medium severity 550/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 6.5
Prototype Pollution
SNYK-JS-HANDLEBARS-567742
Yes Proof of Concept No Path Found
medium severity 440/1000
Why? Has a fix available, CVSS 5.8
Prototype Pollution
SNYK-JS-HIGHLIGHTJS-1045326
No No Known Exploit No Path Found
medium severity 415/1000
Why? Has a fix available, CVSS 5.3
Regular Expression Denial of Service (ReDoS)
SNYK-JS-HIGHLIGHTJS-1048676
No No Known Exploit No Path Found
medium severity 490/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
Regular Expression Denial of Service (ReDoS)
SNYK-JS-HOSTEDGITINFO-1088355
Yes Proof of Concept No Path Found
medium severity 535/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 6.2
Missing Release of Resource after Effective Lifetime
SNYK-JS-INFLIGHT-6095116
Yes Proof of Concept No Path Found
high severity 590/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3
Prototype Pollution
SNYK-JS-INI-1048974
Yes Proof of Concept No Path Found
medium severity 365/1000
Why? Has a fix available, CVSS 4.3
Reverse Tabnabbing
SNYK-JS-ISTANBULREPORTS-2328088
Yes No Known Exploit No Path Found
medium severity 505/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.6
Prototype Pollution
SNYK-JS-JQUERY-174006
Yes Proof of Concept No Path Found
medium severity 585/1000
Why? Mature exploit, Has a fix available, CVSS 6.3
Cross-site Scripting (XSS)
SNYK-JS-JQUERY-565129
Yes Mature No Path Found
medium severity 595/1000
Why? Mature exploit, Has a fix available, CVSS 6.5
Cross-site Scripting (XSS)
SNYK-JS-JQUERY-567880
Yes Mature No Path Found
high severity 580/1000
Why? Has a fix available, CVSS 8.6
Prototype Pollution
SNYK-JS-JSONSCHEMA-1920922
Yes No Known Exploit No Path Found
high severity 645/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.4
DLL Injection
SNYK-JS-KERBEROS-568900
No Proof of Concept No Path Found
low severity 410/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 3.7
Validation Bypass
SNYK-JS-KINDOF-537849
Yes Proof of Concept No Path Found
medium severity 490/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-1018905
Yes Proof of Concept No Path Found
high severity 585/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.2
Code Injection
SNYK-JS-LODASH-1040724
Yes Proof of Concept No Path Found
high severity 590/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3
Prototype Pollution
SNYK-JS-LODASH-450202
Yes Proof of Concept No Path Found
high severity 635/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2
Prototype Pollution
SNYK-JS-LODASH-567746
Yes Proof of Concept No Path Found
high severity /1000
Why?
Prototype Pollution
SNYK-JS-LODASH-608086
Yes Proof of Concept
high severity /1000
Why?
Prototype Pollution
SNYK-JS-LODASH-6139239
Yes Proof of Concept
high severity /1000
Why?
Prototype Pollution
SNYK-JS-LODASH-73638
Yes Proof of Concept
medium severity /1000
Why?
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-73639
Yes Proof of Concept
medium severity /1000
Why?
Regular Expression Denial of Service (ReDoS)
SNYK-JS-MARKED-174116
No No Known Exploit
medium severity /1000
Why?
Regular Expression Denial of Service (ReDoS)
SNYK-JS-MARKED-2342073
Yes Proof of Concept
medium severity /1000
Why?
Regular Expression Denial of Service (ReDoS)
SNYK-JS-MARKED-2342082
Yes Proof of Concept
medium severity /1000
Why?
Regular Expression Denial of Service (ReDoS)
SNYK-JS-MARKED-451540
No No Known Exploit
medium severity /1000
Why?
Regular Expression Denial of Service (ReDoS)
SNYK-JS-MARKED-584281
Yes No Known Exploit
high severity /1000
Why?
Inefficient Regular Expression Complexity
SNYK-JS-MICROMATCH-6838728
Yes No Known Exploit
medium severity /1000
Why?
Regular Expression Denial of Service (ReDoS)
SNYK-JS-MINIMATCH-3050818
Yes No Known Exploit
low severity /1000
Why?
Prototype Pollution
SNYK-JS-MINIMIST-2429795
Yes Proof of Concept
medium severity /1000
Why?
Prototype Pollution
SNYK-JS-MINIMIST-559764
Yes Proof of Concept
high severity /1000
Why?
Prototype Pollution
SNYK-JS-MIXINDEEP-450212
Yes Proof of Concept
high severity /1000
Why?
Directory Traversal
SNYK-JS-MOMENT-2440688
No No Known Exploit
high severity /1000
Why?
Denial of Service (DoS)
SNYK-JS-MONGODB-473855
Yes No Known Exploit
medium severity /1000
Why?
Prototype Pollution
SNYK-JS-MONGOOSE-1086688
Yes Proof of Concept
high severity /1000
Why?
Prototype Pollution
SNYK-JS-MONGOOSE-2961688
Yes Proof of Concept
medium severity /1000
Why?
Information Exposure
SNYK-JS-MONGOOSE-472486
No No Known Exploit
high severity /1000
Why?
Prototype Pollution
SNYK-JS-MONGOOSE-5777721
Yes Proof of Concept
medium severity /1000
Why?
Prototype Pollution
SNYK-JS-MPATH-1577289
Yes Proof of Concept
high severity /1000
Why?
Prototype Pollution
SNYK-JS-MQUERY-1050858
Yes Proof of Concept
high severity /1000
Why?
Prototype Pollution
SNYK-JS-MQUERY-1089718
Yes Proof of Concept
medium severity /1000
Why?
Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHPARSE-1077067
Yes Proof of Concept
medium severity /1000
Why?
Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHTOREGEXP-7925106
No Proof of Concept
high severity /1000
Why?
Prototype Poisoning
SNYK-JS-QS-3153490
Yes Proof of Concept
medium severity /1000
Why?
Server-side Request Forgery (SSRF)
SNYK-JS-REQUEST-3361831
Yes Proof of Concept
high severity /1000
Why?
Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVER-3247795
Yes Proof of Concept
low severity /1000
Why?
Cross-site Scripting
SNYK-JS-SEND-7926862
No No Known Exploit
low severity /1000
Why?
Cross-site Scripting
SNYK-JS-SERVESTATIC-7926865
No No Known Exploit
high severity /1000
Why?
Prototype Pollution
SNYK-JS-SETVALUE-1540541
Yes Proof of Concept
high severity /1000
Why?
Prototype Pollution
SNYK-JS-SETVALUE-450213
Yes Proof of Concept
medium severity /1000
Why?
Prototype Pollution
SNYK-JS-TOUGHCOOKIE-5672873
Yes Proof of Concept
high severity /1000
Why?
Prototype Pollution
SNYK-JS-TYPEORM-590152
No Mature
medium severity /1000
Why?
Regular Expression Denial of Service (ReDoS)
SNYK-JS-UGLIFYJS-1727251
Yes No Known Exploit
high severity /1000
Why?
Prototype Pollution
SNYK-JS-UNSETVALUE-2400660
Yes No Known Exploit
medium severity /1000
Why?
Regular Expression Denial of Service (ReDoS)
SNYK-JS-VALIDATOR-1090599
No Proof of Concept
medium severity /1000
Why?
Regular Expression Denial of Service (ReDoS)
SNYK-JS-VALIDATOR-1090600
No Proof of Concept
medium severity /1000
Why?
Regular Expression Denial of Service (ReDoS)
SNYK-JS-VALIDATOR-1090601
No Proof of Concept
medium severity /1000
Why?
Regular Expression Denial of Service (ReDoS)
SNYK-JS-VALIDATOR-1090602
No Proof of Concept
medium severity /1000
Why?
Prototype Pollution
SNYK-JS-XML2JS-5414874
No Proof of Concept
high severity /1000
Why?
Prototype Pollution
SNYK-JS-Y18N-1021887
Yes Proof of Concept
medium severity /1000
Why?
Prototype Pollution
SNYK-JS-YARGSPARSER-560381
Yes Proof of Concept
critical severity 920/1000
Why? Mature exploit, Is reachable, Has a fix available, CVSS 9.4
Arbitrary File Write via Archive Extraction (Zip Slip)
npm:adm-zip:20180415
No Mature Reachable
low severity 410/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 3.7
Regular Expression Denial of Service (ReDoS)
npm:debug:20170905
No Proof of Concept No Path Found
high severity 580/1000
Why? Has a fix available, CVSS 8.6
Code Injection
npm:dustjs-linkedin:20160819
No No Known Exploit No Path Found
high severity 555/1000
Why? Has a fix available, CVSS 8.1
Arbitrary Code Execution
npm:ejs:20161128
Yes No Known Exploit No Path Found
medium severity 445/1000
Why? Has a fix available, CVSS 5.9
Cross-site Scripting (XSS)
npm:ejs:20161130
Yes No Known Exploit No Path Found
medium severity 445/1000
Why? Has a fix available, CVSS 5.9
Denial of Service (DoS)
npm:ejs:20161130-1
Yes No Known Exploit No Path Found
high severity 525/1000
Why? Has a fix available, CVSS 7.5
Regular Expression Denial of Service (ReDoS)
npm:fresh:20170908
No No Known Exploit No Path Found
medium severity 420/1000
Why? Has a fix available, CVSS 5.4
Cross-site Scripting (XSS)
npm:jquery:20150627
Yes No Known Exploit No Path Found
medium severity 690/1000
Why? Proof of Concept exploit, Is reachable, Has a fix available, CVSS 6.3
Prototype Pollution
npm:lodash:20180130
No Proof of Concept Reachable
high severity 740/1000
Why? Is reachable, Has a fix available, CVSS 8.8
Cross-site Scripting (XSS)
npm:marked:20150520
No No Known Exploit Reachable
high severity 675/1000
Why? Is reachable, Has a fix available, CVSS 7.5
Cross-site Scripting (XSS)
npm:marked:20170112
No No Known Exploit Reachable
high severity 675/1000
Why? Is reachable, Has a fix available, CVSS 7.5
Cross-site Scripting (XSS)
npm:marked:20170815
No No Known Exploit Reachable
medium severity 540/1000
Why? Is reachable, Has a fix available, CVSS 4.8
Cross-site Scripting (XSS)
npm:marked:20170815-1
No No Known Exploit Reachable
high severity 675/1000
Why? Is reachable, Has a fix available, CVSS 7.5
Regular Expression Denial of Service (ReDoS)
npm:marked:20170907
No No Known Exploit Reachable
high severity 750/1000
Why? Proof of Concept exploit, Is reachable, Has a fix available, CVSS 7.5
Regular Expression Denial of Service (ReDoS)
npm:marked:20180225
No Proof of Concept Reachable
medium severity 405/1000
Why? Has a fix available, CVSS 5.1
Denial of Service (DoS)
npm:mem:20180117
Yes No Known Exploit No Path Found
low severity 335/1000
Why? Has a fix available, CVSS 3.7
Regular Expression Denial of Service (ReDoS)
npm:mime:20170907
Yes No Known Exploit No Path Found
medium severity 595/1000
Why? Is reachable, Has a fix available, CVSS 5.9
Regular Expression Denial of Service (ReDoS)
npm:moment:20161019
No No Known Exploit Reachable
low severity 335/1000
Why? Has a fix available, CVSS 3.7
Regular Expression Denial of Service (ReDoS)
npm:moment:20170905
No No Known Exploit No Path Found
medium severity 675/1000
Why? Mature exploit, Is reachable, Has a fix available, CVSS 5.1
Remote Memory Exposure
npm:mongoose:20160116
No Mature Reachable
medium severity 415/1000
Why? Has a fix available, CVSS 5.3
Regular Expression Denial of Service (ReDoS)
npm:ms:20151024
No No Known Exploit No Path Found
low severity 335/1000
Why? Has a fix available, CVSS 3.7
Regular Expression Denial of Service (ReDoS)
npm:ms:20170412
Yes No Known Exploit No Path Found
high severity 525/1000
Why? Has a fix available, CVSS 7.5
Regular Expression Denial of Service (ReDoS)
npm:negotiator:20160616
Yes No Known Exploit No Path Found
high severity 640/1000
Why? Mature exploit, Has a fix available, CVSS 7.4
Uninitialized Memory Exposure
npm:npmconf:20180512
Yes Mature No Path Found
high severity 525/1000
Why? Has a fix available, CVSS 7.5
Prototype Override Protection Bypass
npm:qs:20170213
No No Known Exploit No Path Found
medium severity 640/1000
Why? Proof of Concept exploit, Is reachable, Has a fix available, CVSS 5.3
Directory Traversal
npm:st:20140206
No Proof of Concept Reachable
medium severity 665/1000
Why? Mature exploit, Is reachable, Has a fix available, CVSS 4.3
Open Redirect
npm:st:20171013
Yes Mature Reachable

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: adm-zip The new version differs by 134 commits.

See the full diff

Package name: body-parser The new version differs by 250 commits.

See the full diff

Package name: errorhandler The new version differs by 106 commits.

See the full diff

Package name: express The new version differs by 250 commits.
  • 8e229f9 4.21.1
  • a024c8a fix(deps): cookie@0.7.1
  • 7e562c6 4.21.0
  • 1bcde96 fix(deps): qs@6.13.0 (#5946)
  • 7d36477 fix(deps): serve-static@1.16.2 (#5951)
  • 40d2d8f fix(deps): finalhandler@1.3.1
  • 77ada90 Deprecate `"back"` magic string in redirects (#5935)
  • 21df421 4.20.0
  • 4c9ddc1 feat: upgrade to serve-static@0.16.0
  • 9ebe5d5 feat: upgrade to send@0.19.0 (#5928)
  • ec4a01b feat: upgrade to body-parser@1.20.3 (#5926)
  • 54271f6 fix: don't render redirect values in anchor href
  • 125bb74 path-to-regexp@0.1.10 (#5902)
  • 2a980ad merge-descriptors@1.0.3 (#5781)
  • a3e7e05 docs: specify new instructions for `question` and `discuss`
  • c5addb9 deps: path-to-regexp@0.1.8 (#5603)
  • e35380a docs: add @ IamLizu to the triage team (#5836)
  • f5b6e67 docs: update scorecard link (#5814)
  • 2177f67 docs: add OSSF Scorecard badge (#5436)
  • f4bd86e Replace Appveyor windows testing with GHA (#5599)
  • 2ec589c Fix Contributor Covenant link definition reference in attribution section (#5762)
  • 4cf7eed remove minor version pinning from ci (#5722)
  • 6d08471 📝 update people, add ctcpip to TC (#5683)
  • 61421a8 skip QUERY tests for Node 21 only, still not supported (#5695)

See the full diff

Package name: express-fileupload The new version differs by 250 commits.

See the full diff

Package name: express-session The new version differs by 80 commits.

See the full diff

Package name: hbs The new version differs by 107 commits.
  • 00764e0 v4.1.2
  • 8dcac86 tests: add test for layout that does not exist
  • 1046191 test: add test for layout using async helper
  • 9c6ee6f test: add test for async helper with layout
  • b109867 lint: fix redeclared variable
  • 7920ac6 build: Node.js@12.22
  • 5623682 deps: handlebars@4.7.7

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-ADMZIP-1065796
- https://snyk.io/vuln/SNYK-JS-AJV-584908
- https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
- https://snyk.io/vuln/SNYK-JS-ASYNC-2441827
- https://snyk.io/vuln/SNYK-JS-BABELTRAVERSE-5962463
- https://snyk.io/vuln/SNYK-JS-BL-608877
- https://snyk.io/vuln/SNYK-JS-BODYPARSER-7926860
- https://snyk.io/vuln/SNYK-JS-BRACES-6838727
- https://snyk.io/vuln/SNYK-JS-COOKIE-8163060
- https://snyk.io/vuln/SNYK-JS-DECODEURICOMPONENT-3149970
- https://snyk.io/vuln/SNYK-JS-DICER-2311764
- https://snyk.io/vuln/SNYK-JS-DUSTJSLINKEDIN-1089257
- https://snyk.io/vuln/SNYK-JS-EJS-1049328
- https://snyk.io/vuln/SNYK-JS-EJS-2803307
- https://snyk.io/vuln/SNYK-JS-EJS-6689533
- https://snyk.io/vuln/SNYK-JS-EXPRESS-6474509
- https://snyk.io/vuln/SNYK-JS-EXPRESS-7926867
- https://snyk.io/vuln/SNYK-JS-EXPRESSFILEUPLOAD-473997
- https://snyk.io/vuln/SNYK-JS-EXPRESSFILEUPLOAD-595969
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1056767
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1279029
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-173692
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-174183
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-469063
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-480388
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534478
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534988
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-567742
- https://snyk.io/vuln/SNYK-JS-HIGHLIGHTJS-1045326
- https://snyk.io/vuln/SNYK-JS-HIGHLIGHTJS-1048676
- https://snyk.io/vuln/SNYK-JS-HOSTEDGITINFO-1088355
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
- https://snyk.io/vuln/SNYK-JS-INI-1048974
- https://snyk.io/vuln/SNYK-JS-ISTANBULREPORTS-2328088
- https://snyk.io/vuln/SNYK-JS-JQUERY-174006
- https://snyk.io/vuln/SNYK-JS-JQUERY-565129
- https://snyk.io/vuln/SNYK-JS-JQUERY-567880
- https://snyk.io/vuln/SNYK-JS-JSONSCHEMA-1920922
- https://snyk.io/vuln/SNYK-JS-KERBEROS-568900
- https://snyk.io/vuln/SNYK-JS-KINDOF-537849
- https://snyk.io/vuln/SNYK-JS-LODASH-1018905
- https://snyk.io/vuln/SNYK-JS-LODASH-1040724
- https://snyk.io/vuln/SNYK-JS-LODASH-450202
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
- https://snyk.io/vuln/SNYK-JS-LODASH-608086
- https://snyk.io/vuln/SNYK-JS-LODASH-6139239
- https://snyk.io/vuln/SNYK-JS-LODASH-73638
- https://snyk.io/vuln/SNYK-JS-LODASH-73639
- https://snyk.io/vuln/SNYK-JS-MARKED-174116
- https://snyk.io/vuln/SNYK-JS-MARKED-2342073
- https://snyk.io/vuln/SNYK-JS-MARKED-2342082
- https://snyk.io/vuln/SNYK-JS-MARKED-451540
- https://snyk.io/vuln/SNYK-JS-MARKED-584281
- https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728
- https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818
- https://snyk.io/vuln/SNYK-JS-MINIMIST-2429795
- https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
- https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212
- https://snyk.io/vuln/SNYK-JS-MOMENT-2440688
- https://snyk.io/vuln/SNYK-JS-MONGODB-473855
- https://snyk.io/vuln/SNYK-JS-MONGOOSE-1086688
- https://snyk.io/vuln/SNYK-JS-MONGOOSE-2961688
- https://snyk.io/vuln/SNYK-JS-MONGOOSE-472486
- https://snyk.io/vuln/SNYK-JS-MONGOOSE-5777721
- https://snyk.io/vuln/SNYK-JS-MPATH-1577289
- https://snyk.io/vuln/SNYK-JS-MQUERY-1050858
- https://snyk.io/vuln/SNYK-JS-MQUERY-1089718
- https://snyk.io/vuln/SNYK-JS-PATHPARSE-1077067
- https://snyk.io/vuln/SNYK-JS-PATHTOREGEXP-7925106
- https://snyk.io/vuln/SNYK-JS-QS-3153490
- https://snyk.io/vuln/SNYK-JS-REQUEST-3361831
- https://snyk.io/vuln/SNYK-JS-SEMVER-3247795
- https://snyk.io/vuln/SNYK-JS-SEND-7926862
- https://snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865
- https://snyk.io/vuln/SNYK-JS-SETVALUE-1540541
- https://snyk.io/vuln/SNYK-JS-SETVALUE-450213
- https://snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873
- https://snyk.io/vuln/SNYK-JS-TYPEORM-590152
- https://snyk.io/vuln/SNYK-JS-UGLIFYJS-1727251
- https://snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660
- https://snyk.io/vuln/SNYK-JS-VALIDATOR-1090599
- https://snyk.io/vuln/SNYK-JS-VALIDATOR-1090600
- https://snyk.io/vuln/SNYK-JS-VALIDATOR-1090601
- https://snyk.io/vuln/SNYK-JS-VALIDATOR-1090602
- https://snyk.io/vuln/SNYK-JS-XML2JS-5414874
- https://snyk.io/vuln/SNYK-JS-Y18N-1021887
- https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381
- https://snyk.io/vuln/npm:adm-zip:20180415
- https://snyk.io/vuln/npm:debug:20170905
- https://snyk.io/vuln/npm:dustjs-linkedin:20160819
- https://snyk.io/vuln/npm:ejs:20161128
- https://snyk.io/vuln/npm:ejs:20161130
- https://snyk.io/vuln/npm:ejs:20161130-1
- https://snyk.io/vuln/npm:fresh:20170908
- https://snyk.io/vuln/npm:jquery:20150627
- https://snyk.io/vuln/npm:lodash:20180130
- https://snyk.io/vuln/npm:marked:20150520
- https://snyk.io/vuln/npm:marked:20170112
- https://snyk.io/vuln/npm:marked:20170815
- https://snyk.io/vuln/npm:marked:20170815-1
- https://snyk.io/vuln/npm:marked:20170907
- https://snyk.io/vuln/npm:marked:20180225
- https://snyk.io/vuln/npm:mem:20180117
- https://snyk.io/vuln/npm:mime:20170907
- https://snyk.io/vuln/npm:moment:20161019
- https://snyk.io/vuln/npm:moment:20170905
- https://snyk.io/vuln/npm:mongoose:20160116
- https://snyk.io/vuln/npm:ms:20151024
- https://snyk.io/vuln/npm:ms:20170412
- https://snyk.io/vuln/npm:negotiator:20160616
- https://snyk.io/vuln/npm:npmconf:20180512
- https://snyk.io/vuln/npm:qs:20170213
- https://snyk.io/vuln/npm:st:20140206
- https://snyk.io/vuln/npm:st:20171013
@elise-jones-snyk elise-jones-snyk merged commit fbe7c3d into main Oct 16, 2024
2 of 4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants