Open renovate[bot] opened 1 month ago
This PR contains the following updates:
2.3.6
2.3.7
jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts._.configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
s.contexts._.configure
π Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.
This PR contains the following updates:
2.3.6->2.3.7GitHub Vulnerability Alerts
CVE-2024-38999
jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function
s.contexts._.configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.Release Notes
jrburke/r.js (requirejs)
### [`v2.3.7`](https://togithub.com/jrburke/r.js/compare/2.3.6...2.3.7) [Compare Source](https://togithub.com/jrburke/r.js/compare/2.3.6...2.3.7)Configuration
π Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.