Shuunen / green-app

NativeScript-Vue 2.0 Test App
https://play.google.com/store/apps/details?id=green.nsvue.app
GNU General Public License v3.0
5 stars 0 forks source link

Update dependency http-cache-semantics to 4.1.1 [SECURITY] - autoclosed #727

Closed renovate[bot] closed 1 year ago

renovate[bot] commented 1 year ago

Mend Renovate

This PR contains the following updates:

Package Change
http-cache-semantics 4.1.0 -> 4.1.1

GitHub Vulnerability Alerts

CVE-2022-25881

http-cache semantics contains an Inefficient Regular Expression Complexity , leading to Denial of Service. This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library.


Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR has been generated by Mend Renovate. View repository job log here.