Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.
Changes included in this PR
Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
backend/package.json
backend/package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
Severity
Priority Score (*)
Issue
Breaking Change
Exploit Maturity
551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Recently disclosed, Has a fix available, CVSS 5.3
SNYK-JS-JQUERYVALIDATION-2940620
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: jquery-validation
The new version differs by 33 commits.- 5907740 1.19.5
- 5bbd80d Merge pull request from GHSA-ffmh-x56j-9rc3
- 3d3c1fb Chore: Add CodeQL analysis
- 0da4906 Core: fix deprecated jquery .submit() event shorthand (#2430)
- 1b79877 Localization: Add periods to messages (#2266)
- b68e282 Chore: update changelog
- 3a4cd94 Build: Updating the master version to 1.19.5-pre.
- 91d2098 Build: update release steps
- 69cb17e Core: fix ReDoS vulnerability in url2 (#2428)
- aa5bcdc Chore: update issue templates
- 350f6ae Core: fix validation for input type="date" (#2360)
- 7828568 Gruntfile.js: add LICENSE.md to zip tarball (#2386)
- 3688078 Chore: switch to stale bot github action (#2425)
- f8b0b53 README: update build status badge (#2424)
- 25293cc Test: Switch from Travis to GitHub workflows (#2423)
- 900a90b Core: fix code style (#2422)
- eb88df0 Core: wait for pendingRequests to finish before submitting form (#2369)
- 31ea8ff Fixed bug for Html Editor(summernote) (#2154)
- df89cf0 Create SECURITY.md
- bda9a58 Build: added CVE-2021-21252 reference
- 322a575 Build: Updating the master version to 1.19.4-pre.
- 5d8f29e Core: fixed Regular Expression Denial of Service vulnerability (#2371)
- b8d6646 Localization: Add "pattern" translation for French (#2363)
- b9c793c docs: Fix simple typo, atteched -> attached (#2345)
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.