[Snyk] Upgrade snyk from 1.305.0 to 1.1275.0 #161

sandorTuranszky · 2024-02-18T01:19:16Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade snyk from 1.305.0 to 1.1275.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 1094 versions ahead of your current version.
The recommended version was released 22 days ago, on 2024-01-26.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Authorization Bypass Through User-Controlled Key SNYK-JS-PARSEPATH-2936439	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-XML2JS-5414874	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-PARSEURL-2935944	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Information Exposure SNYK-JS-PARSEURL-2935947	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Server-side Request Forgery (SSRF) SNYK-JS-PARSEURL-2936249	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-NCONF-2395478	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-LODASHSET-1320032	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-PARSEURL-2942134	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Server-side Request Forgery (SSRF) SNYK-JS-PARSEURL-3023021	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Improper Input Validation SNYK-JS-PARSEURL-3024398	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Command Injection SNYK-JS-SNYKDOCKERPLUGIN-3039679	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Command Injection SNYK-JS-SNYK-3037342	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Command Injection SNYK-JS-SNYK-3038622	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Code Injection SNYK-JS-SNYK-3111871	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	No Known Exploit
Command Injection SNYK-JS-SNYKGOPLUGIN-3037316	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Command Injection SNYK-JS-SNYKGRADLEPLUGIN-3038624	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Command Injection SNYK-JS-SNYKMVNPLUGIN-3038623	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Command Injection SNYK-JS-SNYKPYTHONPLUGIN-3039677	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Command Injection SNYK-JS-SNYKSBTPLUGIN-3038626	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Command Injection SNYK-JS-SNYKSNYKCOCOAPODSPLUGIN-3038625	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Denial of Service (DoS) SNYK-JS-JSZIP-1251497	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Arbitrary File Write via Archive Extraction (Zip Slip) SNYK-JS-JSZIP-3188562	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	No Known Exploit
Prototype Pollution SNYK-JS-XML2JS-5414874	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade snyk from 1.305.0 to 1.1275.0. See this package in npm: https://www.npmjs.com/package/snyk See this project in Snyk: https://app.snyk.io/org/sandorturanszky/project/0785f907-6187-4235-96bf-b81811d612d2?utm_source=github&utm_medium=referral&page=upgrade-pr

vercel · 2024-02-18T01:19:18Z

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
expressjs-opensource	❌ Failed (Inspect)			Feb 18, 2024 1:20am

vercel bot had a problem deploying to Preview February 18, 2024 01:20 Failure

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade snyk from 1.305.0 to 1.1275.0 #161

[Snyk] Upgrade snyk from 1.305.0 to 1.1275.0 #161

sandorTuranszky commented Feb 18, 2024

vercel bot commented Feb 18, 2024 •

edited

Loading

[Snyk] Upgrade snyk from 1.305.0 to 1.1275.0 #161

Are you sure you want to change the base?

[Snyk] Upgrade snyk from 1.305.0 to 1.1275.0 #161

Conversation

sandorTuranszky commented Feb 18, 2024

Snyk has created this PR to upgrade snyk from 1.305.0 to 1.1275.0.

vercel bot commented Feb 18, 2024 • edited Loading

vercel bot commented Feb 18, 2024 •

edited

Loading