Hi, bynder-js-sdk is using an outdated version of many libraries, is it possible to bring bynder-js-sdk on the latest node?
This package has too many security issues because of the outdated libraries.
Issues with no direct upgrade or patch:
✗ Cross-site Request Forgery (CSRF) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459] in axios@0.27.2
introduced by @bynder/bynder-js-sdk@2.3.9 > axios@0.27.2
This issue was fixed in versions: 0.28.0, 1.6.0
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6124857] in axios@0.27.2
introduced by @bynder/bynder-js-sdk@2.3.9 > axios@0.27.2
This issue was fixed in versions: 1.6.3
✗ Prototype Pollution [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6144788] in axios@0.27.2
introduced by @bynder/bynder-js-sdk@2.3.9 > axios@0.27.2
This issue was fixed in versions: 1.6.4
Hi, bynder-js-sdk is using an outdated version of many libraries, is it possible to bring bynder-js-sdk on the latest node?
This package has too many security issues because of the outdated libraries.
Issues with no direct upgrade or patch: ✗ Cross-site Request Forgery (CSRF) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459] in axios@0.27.2 introduced by @bynder/bynder-js-sdk@2.3.9 > axios@0.27.2 This issue was fixed in versions: 0.28.0, 1.6.0 ✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6124857] in axios@0.27.2 introduced by @bynder/bynder-js-sdk@2.3.9 > axios@0.27.2 This issue was fixed in versions: 1.6.3 ✗ Prototype Pollution [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6144788] in axios@0.27.2 introduced by @bynder/bynder-js-sdk@2.3.9 > axios@0.27.2 This issue was fixed in versions: 1.6.4
FYI... @elseee @erikvanbrakel