Tracing Ink will build itself a content management system to allow inter-company project collaboration between itself and it's clients.
0
stars
0
forks
source link
[Snyk] Security upgrade express from 4.0.0 to 4.16.0 #10
Open
snyk-bot opened 2 years ago
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
Adding or updating a Snyk policy (.snyk) file; this file is required in order to apply Snyk vulnerability patches. Find out more.
Vulnerabilities that will be fixed
With an upgrade:
Why? Has a fix available, CVSS 6.3
npm:cookie-signature:20160804
Why? Has a fix available, CVSS 5.4
npm:express:20140912
Why? Has a fix available, CVSS 7.5
npm:fresh:20170908
Why? Has a fix available, CVSS 3.7
npm:mime:20170907
Why? Has a fix available, CVSS 7.5
npm:negotiator:20160616
Why? Has a fix available, CVSS 7.5
npm:qs:20140806
Why? Has a fix available, CVSS 6.5
npm:qs:20140806-1
Why? Has a fix available, CVSS 7.5
npm:qs:20170213
Why? Has a fix available, CVSS 4.3
npm:send:20140912
Why? Has a fix available, CVSS 5.3
npm:send:20151103
(*) Note that the real score may have changed since the PR was raised.
With a Snyk patch:
Why? Has a fix available, CVSS 3.7
npm:mime:20170907
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Directory Traversal 🦉 Denial of Service (DoS) 🦉 Denial of Service (DoS) 🦉 More lessons are available in Snyk Learn