Skip to content

[Snyk] Fix for 72 vulnerabilities #132

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: CircleCI-v2
Choose a base branch
from
Open

[Snyk] Fix for 72 vulnerabilities #132

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:

    • package.json

  • Adding or updating a Snyk policy (.snyk) file; this file is required in order to apply Snyk vulnerability patches.
    Find out more.

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 619/1000
Why? Has a fix available, CVSS 8.1		 Prototype Pollution
SNYK-JS-AJV-584908		 Yes No Known Exploit
high severity 696/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIHTML-1296849		 Yes Proof of Concept
high severity 696/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIREGEX-1583908		 Yes Proof of Concept
high severity 696/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5		 Prototype Pollution
SNYK-JS-ASYNC-2441827		 Yes Proof of Concept
medium severity 616/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.9		 Server-Side Request Forgery (SSRF)
SNYK-JS-AXIOS-1038255		 Yes Proof of Concept
high severity 696/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-AXIOS-1579269		 Yes Proof of Concept
medium severity 586/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3		 Denial of Service (DoS)
SNYK-JS-AXIOS-174505		 Yes Proof of Concept
medium severity 586/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-BROWSERSLIST-1090194		 Yes Proof of Concept
medium severity 479/1000
Why? Has a fix available, CVSS 5.3		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-CONVENTIONALCOMMITSPARSER-1766960		 Yes No Known Exploit
high severity 686/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3		 Prototype Pollution
SNYK-JS-DEXIE-2607042		 No Proof of Concept
medium severity 636/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 6.3		 Prototype Pollution
SNYK-JS-DOTPROP-543489		 Yes Proof of Concept
medium severity 526/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 4.1		 Arbitrary Code Injection
SNYK-JS-EJS-1049328		 Yes Proof of Concept
high severity 726/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.1		 Remote Code Execution (RCE)
SNYK-JS-EJS-2803307		 Yes Proof of Concept
high severity 696/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5		 Denial of Service (DoS)
SNYK-JS-ENGINEIO-1056749		 Yes Proof of Concept
high severity 589/1000
Why? Has a fix available, CVSS 7.5		 Denial of Service (DoS)
SNYK-JS-FILETYPE-2958042		 Yes No Known Exploit
medium severity 586/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3		 Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2332181		 Yes Proof of Concept
low severity 344/1000
Why? Has a fix available, CVSS 2.6		 Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2396346		 Yes No Known Exploit
medium severity 586/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-GLOBPARENT-1016905		 Yes Proof of Concept
medium severity 484/1000
Why? Has a fix available, CVSS 5.4		 Open Redirect
SNYK-JS-GOT-2932019		 Yes No Known Exploit
medium severity 479/1000
Why? Has a fix available, CVSS 5.3		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-HIGHLIGHTJS-1048676		 Yes No Known Exploit
medium severity 509/1000
Why? Has a fix available, CVSS 5.9		 Denial of Service (DoS)
SNYK-JS-IPFSBITSWAP-174847		 No No Known Exploit
medium severity 429/1000
Why? Has a fix available, CVSS 4.3		 Reverse Tabnabbing
SNYK-JS-ISTANBULREPORTS-2328088		 Yes No Known Exploit
medium severity 591/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.4		 Cross-site Scripting (XSS)
SNYK-JS-KARMA-2395349		 Yes Proof of Concept
medium severity 484/1000
Why? Has a fix available, CVSS 5.4		 Open Redirect
SNYK-JS-KARMA-2396325		 Yes No Known Exploit
medium severity 586/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-1018905		 Yes Proof of Concept
high severity 681/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.2		 Command Injection
SNYK-JS-LODASH-1040724		 Yes Proof of Concept
high severity 686/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3		 Prototype Pollution
SNYK-JS-LODASH-450202		 Yes Proof of Concept
high severity 731/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.2		 Prototype Pollution
SNYK-JS-LODASH-567746		 Yes Proof of Concept
high severity 686/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3		 Prototype Pollution
SNYK-JS-LODASH-608086		 Yes Proof of Concept
medium severity 489/1000
Why? Has a fix available, CVSS 5.5		 Information Exposure
SNYK-JS-LOG4JS-2348757		 Yes No Known Exploit
low severity 506/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 3.7		 Prototype Pollution
SNYK-JS-MINIMIST-2429795		 Yes Proof of Concept
medium severity 601/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.6		 Prototype Pollution
SNYK-JS-MINIMIST-559764		 Yes Proof of Concept
high severity 589/1000
Why? Has a fix available, CVSS 7.5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-MOCHA-561476		 Yes No Known Exploit
medium severity 586/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3		 Open Redirect
SNYK-JS-NODEFORGE-2330875		 No Proof of Concept
medium severity 529/1000
Why? Has a fix available, CVSS 6.3		 Prototype Pollution
SNYK-JS-NODEFORGE-2331908		 No No Known Exploit
medium severity 494/1000
Why? Has a fix available, CVSS 5.6		 Improper Verification of Cryptographic Signature
SNYK-JS-NODEFORGE-2430337		 No No Known Exploit
high severity 579/1000
Why? Has a fix available, CVSS 7.3		 Improper Verification of Cryptographic Signature
SNYK-JS-NODEFORGE-2430339		 No No Known Exploit
medium severity 494/1000
Why? Has a fix available, CVSS 5.6		 Improper Verification of Cryptographic Signature
SNYK-JS-NODEFORGE-2430341		 No No Known Exploit
high severity 686/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3		 Prototype Pollution
SNYK-JS-NODEFORGE-598677		 Yes Proof of Concept
high severity 751/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.6		 Command Injection
SNYK-JS-NODEMAILER-1038834		 Yes Proof of Concept
medium severity 636/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 6.3		 HTTP Header Injection
SNYK-JS-NODEMAILER-1296415		 Yes Proof of Concept
high severity 686/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3		 Authorization Bypass Through User-Controlled Key
SNYK-JS-PARSEPATH-2936439		 Yes Proof of Concept
medium severity 591/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.4		 Cross-site Scripting (XSS)
SNYK-JS-PARSEURL-2935944		 Yes Proof of Concept
medium severity 561/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 4.8		 Information Exposure
SNYK-JS-PARSEURL-2935947		 Yes Proof of Concept
critical severity 791/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 9.4		 Server-side Request Forgery (SSRF)
SNYK-JS-PARSEURL-2936249		 Yes Proof of Concept
medium severity 591/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.4		 Cross-site Scripting (XSS)
SNYK-JS-PARSEURL-2942134		 Yes Proof of Concept
medium severity 479/1000
Why? Has a fix available, CVSS 5.3		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-REDIS-1255645		 Yes No Known Exploit
critical severity 714/1000
Why? Has a fix available, CVSS 10		 Cross-site Scripting (XSS)
SNYK-JS-REMARKHTML-1583433		 Yes No Known Exploit
high severity 726/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.1		 Command Injection
SNYK-JS-SIMPLEGIT-2421199		 Yes Proof of Concept
high severity 726/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.1		 Command Injection
SNYK-JS-SIMPLEGIT-2434306		 Yes Proof of Concept
medium severity 586/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3		 Insecure Defaults
SNYK-JS-SOCKETIO-1024859		 Yes Proof of Concept
high severity 696/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5		 Denial of Service (DoS)
SNYK-JS-SOCKETIOPARSER-1056752		 Yes Proof of Concept
high severity 696/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-TRIM-1017038		 Yes Proof of Concept
high severity 589/1000
Why? Has a fix available, CVSS 7.5		 Denial of Service (DoS)
SNYK-JS-TRIMNEWLINES-1298042		 Yes No Known Exploit
medium severity 479/1000
Why? Has a fix available, CVSS 5.3		 Improper Input Validation
SNYK-JS-URLPARSE-1078283		 Yes No Known Exploit
medium severity 586/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3		 Open Redirect
SNYK-JS-URLPARSE-1533425		 Yes Proof of Concept
medium severity 641/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 6.4		 Access Restriction Bypass
SNYK-JS-URLPARSE-2401205		 Yes Proof of Concept
medium severity 641/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 6.4		 Authorization Bypass
SNYK-JS-URLPARSE-2407759		 Yes Proof of Concept
high severity 726/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.1		 Improper Input Validation
SNYK-JS-URLPARSE-2407770		 Yes Proof of Concept
medium severity 631/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 6.2		 Authorization Bypass Through User-Controlled Key
SNYK-JS-URLPARSE-2412697		 Yes Proof of Concept
medium severity 586/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3		 Regular Expression Denial of Service (ReDoS)
SNYK-JS-WS-1296835		 Yes Proof of Concept
high severity 726/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 8.1		 Arbitrary Code Injection
SNYK-JS-XMLHTTPREQUESTSSL-1082936		 Yes Proof of Concept
high severity 686/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.3		 Access Restriction Bypass
SNYK-JS-XMLHTTPREQUESTSSL-1255647		 Yes Proof of Concept
medium severity 601/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.6		 Prototype Pollution
SNYK-JS-YARGSPARSER-560381		 Yes Proof of Concept
low severity 506/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 3.7		 Regular Expression Denial of Service (ReDoS)
npm:braces:20180219		 Yes Proof of Concept
low severity 399/1000
Why? Has a fix available, CVSS 3.7		 Regular Expression Denial of Service (ReDoS)
npm:debug:20170905		 Yes No Known Exploit
high severity 676/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.1		 Regular Expression Denial of Service (ReDoS)
npm:diff:20180305		 Yes Proof of Concept
critical severity 704/1000
Why? Has a fix available, CVSS 9.8		 Arbitrary Code Injection
npm:growl:20160721		 Yes No Known Exploit
medium severity 469/1000
Why? Has a fix available, CVSS 5.1		 Denial of Service (DoS)
npm:mem:20180117		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: aegir The new version differs by 250 commits.
  • 585b004 chore(release): 36.2.3 [skip ci]
  • a4123d5 chore(deps): bump simple-git from 2.37.0 to 3.3.0 (#944)
  • 045ee8a chore(release): 36.2.2 [skip ci]
  • cdd0ad1 chore: fix linting
  • 677efd7 chore: slow ci is slow
  • 2f88c95 fix: restore typesversions for ts config file
  • 512e594 chore(release): 36.2.1 [skip ci]
  • d03bb03 fix: types for test utils
  • 539f597 fix: update config
  • a849765 fix: publish utils dir
  • 9b45b4b chore(release): 36.2.0 [skip ci]
  • 3defb4f chore: add auto-release
  • 3fec2e3 chore: remove unused dep
  • dcb5be6 chore: add path dep
  • feeeb54 fix: tsc receives forward args (#939)
  • d3dc7cd fix: cache types dir
  • 6136719 chore: add install browser deps action
  • d8111a2 fix: remove playwright
  • 7f83b6c fix: run playwright install-deps
  • 40a49f6 fix: cache playwright browsers
  • ad2f33b chore: change if clause
  • f261653 chore: update clause
  • 55f77f3 chore: print os runner
  • fb41e56 chore: skip cache on windows

See the full diff

Package name: cid-tool The new version differs by 8 commits.

See the full diff

Package name: file-type The new version differs by 218 commits.
  • b5fe3b9 16.5.4
  • d868356 Fix: Malformed MKV could cause an infinite loop
  • 3b08ab1 Upgrade and unlock dependencies
  • c011315 Lock strtok3 dependency
  • 9102f1c Update dependency to token-types v3, supporting BigInt (#465)
  • ac866f9 16.5.1
  • 0012c56 Fix `mimeTypes` TypeScript type (#464)
  • 92f3f50 Meta tweaks
  • 4ea7bff 16.5.0
  • 57ecf2d Add support for JPEG XL image format (#455)
  • 07101ac Remove ASAR 240 bytes of JSON payload length limitation (#453)
  • 3df0ed1 Remove an unnecessary dependency (#458)
  • 1e4e8df 16.4.0
  • 29618c8 Add support for VCF (and fix ICS detection) (#451)
  • 6ab25f3 Add support for XCF (#450)
  • 7021d9a Remove moot check for sync word at odd offsets for MPEG detection (#448)
  • fd1e72c 16.3.0
  • 9319167 Add support for Zstandard compressed file (#439)
  • 2cc0869 Add file type descriptions (#433)
  • 98e6886 16.2.0
  • 9736aa3 Improve PDF / AI (Adobe Illustrator) recognition (#396)
  • 7f95cd2 Add support for 3mf (#415)
  • 579f8cb 16.1.0
  • e43cdc9 Add support for CHM (#424)

See the full diff

Package name: interface-ipfs-core The new version differs by 250 commits.
  • 7375caa chore: publish
  • 2b59d9d chore: update contributors
  • d147494 fix: always close writer so iterator throws on error (#3980)
  • 6eeaca4 fix(pubsub): multibase in pubsub http rpc (#3922)
  • 33f1034 feat: improve collected metrics (#3978)
  • 73476f5 chore: Bump @ ipld/dag-cbor to v7 (#3977)
  • adde8c1 fix: use peer store for id (#3973)
  • dec9e4c chore: fix monitoring (#3972)
  • c083645 chore: remove noise fork (#3969)
  • 80ac58c fix: ensure directory is passed (#3968)
  • 45ac973 fix: return nested value from dag.get (#3966)
  • 9018432 chore: switch from IPFS_REUSEPORT to LIBP2P_TCP_REUSEPORT (#3955)
  • 38c01be feat: update DAG API to match [email protected] changes (#3917)
  • 0c269cf chore: add default option extentions (#3965)
  • 62d8ecb feat: dht client (#3947)
  • c272bfb docs: add CORS to getting started (#3943)
  • 6178708 chore: publish
  • 3bd8b25 chore: update contributors
  • 484d255 chore: update aegir and multiformats (#3949)
  • 70c67e2 fix: typo (#3946)
  • 041fc29 chore: update version
  • 4dcd335 docs: fixing a broken link (#3942)
  • fdc148b chore: publish
  • f419553 fix: pass hasher loader to bitswap (#3944)

See the full diff

Package name: ipfs-api The new version differs by 21 commits.
  • f382ac0 chore: release version v26.0.3
  • 2856afe chore: update contributors
  • 7fb2cff chore: release version v26.0.2
  • 75e0771 chore: update contributors
  • ddf8bee chore: release version v26.0.1
  • a8f37d6 chore: update contributors
  • 0b46750 fix: pin.ls ignored opts when hash was present (#875)
  • 9eaaea3 chore: release version v26.0.0
  • 3f927a9 chore: update contributors
  • 979d8b5 fix: add missing and remove unused dependencies (#879)
  • 0652ac0 chore: update to ipld-dag-cbor 0.13
  • c534375 chore: remove ipld formats re-export (#872)
  • ef49e95 feat: ipns over pubsub (#846)
  • 14a4471 chore: release version v25.0.0
  • 07d6351 chore: update contributors
  • 834934f fix: add bl module to package dependencies (#853) (#854)
  • 68503cc chore: require just functions needed from lodash (#865)
  • c510cb7 fix: add lodash dependency (#873)
  • 180da77 fix: >150mb bodies no longer crashing Chromium (#868)
  • afc5724 chore: set minimal node version to 8 (#847)
  • 118a965 small fix to bundle-browserify for recent js-ipfs-api (#849)

See the full diff

Package name: ipfs-bitswap The new version differs by 38 commits.

See the full diff

Package name: ipfs-http-response The new version differs by 48 commits.

See the full diff

Package name: ipfs-repo The new version differs by 35 commits.

See the full diff

Package name: ipfsd-ctl The new version differs by 85 commits.
  • c005718 chore: release version v0.47.0
  • 53bca43 chore: update contributors
  • b502bd4 fix: fix non-disposable and normalises behaviour (#379)
  • e23796a chore: release version v0.46.3
  • 0555288 chore: update contributors
  • 6b5096e chore: update deps and travis config
  • 2833e91 chore: release version v0.46.2
  • eab3adf chore: update contributors
  • 6be5027 fix: fix electron (#375)
  • a8ff682 docs: make travis badge point to master branch (#372)
  • 27404d6 chore: release version v0.46.1
  • 0b45be5 chore: update contributors
  • cb321f4 chore: upgrade http client (#371)
  • a62bd97 fix: make proc silent by default
  • 2f61eef chore: update dependencies (#370)
  • 76e0679 chore: update travis config (#368)
  • 22f7f6a chore: release version v0.46.0
  • 48ab5f2 chore: update contributors
  • 3d4b943 feat: remove pubsub flags (#366)
  • 4dd13b4 chore: release version v0.45.1
  • 529ecb0 chore: update contributors
  • 376da26 chore: update ipfs dep (#364)
  • f635333 chore: release version v0.45.0
  • ea2da39 chore: update contributors

See the full diff

Package name: ipld The new version differs by 43 commits.

See the full diff

Package name: ipns The new version differs by 152 commits.
  • 8f2bd28 chore: release version v0.16.0
  • bc8a9a7 chore: update contributors

@snyk-bot
fix: package.json & .snyk to reduce vulnerabilities
42f3bef 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AJV-584908
- https://snyk.io/vuln/SNYK-JS-ANSIHTML-1296849
- https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
- https://snyk.io/vuln/SNYK-JS-ASYNC-2441827
- https://snyk.io/vuln/SNYK-JS-AXIOS-1038255
- https://snyk.io/vuln/SNYK-JS-AXIOS-1579269
- https://snyk.io/vuln/SNYK-JS-AXIOS-174505
- https://snyk.io/vuln/SNYK-JS-BROWSERSLIST-1090194
- https://snyk.io/vuln/SNYK-JS-CONVENTIONALCOMMITSPARSER-1766960
- https://snyk.io/vuln/SNYK-JS-DEXIE-2607042
- https://snyk.io/vuln/SNYK-JS-DOTPROP-543489
- https://snyk.io/vuln/SNYK-JS-EJS-1049328
- https://snyk.io/vuln/SNYK-JS-EJS-2803307
- https://snyk.io/vuln/SNYK-JS-ENGINEIO-1056749
- https://snyk.io/vuln/SNYK-JS-FILETYPE-2958042
- https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-2332181
- https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-2396346
- https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905
- https://snyk.io/vuln/SNYK-JS-GOT-2932019
- https://snyk.io/vuln/SNYK-JS-HIGHLIGHTJS-1048676
- https://snyk.io/vuln/SNYK-JS-IPFSBITSWAP-174847
- https://snyk.io/vuln/SNYK-JS-ISTANBULREPORTS-2328088
- https://snyk.io/vuln/SNYK-JS-KARMA-2395349
- https://snyk.io/vuln/SNYK-JS-KARMA-2396325
- https://snyk.io/vuln/SNYK-JS-LODASH-1018905
- https://snyk.io/vuln/SNYK-JS-LODASH-1040724
- https://snyk.io/vuln/SNYK-JS-LODASH-450202
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
- https://snyk.io/vuln/SNYK-JS-LODASH-608086
- https://snyk.io/vuln/SNYK-JS-LOG4JS-2348757
- https://snyk.io/vuln/SNYK-JS-MINIMIST-2429795
- https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
- https://snyk.io/vuln/SNYK-JS-MOCHA-561476
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-2330875
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-2331908
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-2430337
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-2430339
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-2430341
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677
- https://snyk.io/vuln/SNYK-JS-NODEMAILER-1038834
- https://snyk.io/vuln/SNYK-JS-NODEMAILER-1296415
- https://snyk.io/vuln/SNYK-JS-PARSEPATH-2936439
- https://snyk.io/vuln/SNYK-JS-PARSEURL-2935944
- https://snyk.io/vuln/SNYK-JS-PARSEURL-2935947
- https://snyk.io/vuln/SNYK-JS-PARSEURL-2936249
- https://snyk.io/vuln/SNYK-JS-PARSEURL-2942134
- https://snyk.io/vuln/SNYK-JS-REDIS-1255645
- https://snyk.io/vuln/SNYK-JS-REMARKHTML-1583433
- https://snyk.io/vuln/SNYK-JS-SIMPLEGIT-2421199
- https://snyk.io/vuln/SNYK-JS-SIMPLEGIT-2434306
- https://snyk.io/vuln/SNYK-JS-SOCKETIO-1024859
- https://snyk.io/vuln/SNYK-JS-SOCKETIOPARSER-1056752
- https://snyk.io/vuln/SNYK-JS-TRIM-1017038
- https://snyk.io/vuln/SNYK-JS-TRIMNEWLINES-1298042
- https://snyk.io/vuln/SNYK-JS-URLPARSE-1078283
- https://snyk.io/vuln/SNYK-JS-URLPARSE-1533425
- https://snyk.io/vuln/SNYK-JS-URLPARSE-2401205
- https://snyk.io/vuln/SNYK-JS-URLPARSE-2407759
- https://snyk.io/vuln/SNYK-JS-URLPARSE-2407770
- https://snyk.io/vuln/SNYK-JS-URLPARSE-2412697
- https://snyk.io/vuln/SNYK-JS-WS-1296835
- https://snyk.io/vuln/SNYK-JS-XMLHTTPREQUESTSSL-1082936
- https://snyk.io/vuln/SNYK-JS-XMLHTTPREQUESTSSL-1255647
- https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381
- https://snyk.io/vuln/npm:braces:20180219
- https://snyk.io/vuln/npm:debug:20170905
- https://snyk.io/vuln/npm:diff:20180305
- https://snyk.io/vuln/npm:growl:20160721
- https://snyk.io/vuln/npm:mem:20180117


The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/npm:hoek:20180212
- https://snyk.io/vuln/npm:lodash:20180130
- https://snyk.io/vuln/npm:tunnel-agent:20170305
@adamlaska adamlaska mentioned this pull request Feb 11, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot