search

TheKingTermux / alice

Apache License 2.0
1 stars 0 forks source link

[Snyk] Upgrade got from 14.2.1 to 14.4.2 #618

Closed TheKingTermux closed 2 months ago

TheKingTermux commented 2 months ago

snyk-top-banner

Snyk has created this PR to upgrade got from 14.2.1 to 14.4.2.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Server-side Request Forgery (SSRF)
SNYK-JS-AXIOS-7361793		 833 Proof of Concept
high severity Uncaught Exception
SNYK-JS-SOCKETIO-7278048		 833 No Known Exploit
medium severity Uncontrolled Resource Consumption ('Resource Exhaustion')
SNYK-JS-TAR-6476909		 833 Proof of Concept
critical severity Remote Code Execution (RCE)
SNYK-JS-VM2-5772823		 833 Proof of Concept
critical severity Remote Code Execution (RCE)
SNYK-JS-VM2-5772825		 833 Mature
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-NTHCHECK-1586032		 833 Proof of Concept
medium severity Exposure of Sensitive Information to an Unauthorized Actor
SNYK-JS-PHIN-6598077		 833 No Known Exploit
Release notes
Package name: got from got GitHub release notes

[!IMPORTANT]

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information: