cloud-native-toolkit / ibm-garage-cloud-cli

Command-line utility to help with the end-to-end cloud native development process
Apache License 2.0
15 stars 9 forks source link

[Snyk] Upgrade tar from 6.1.11 to 6.2.1 #647

Open seansund opened 5 months ago

seansund commented 5 months ago

This PR was automatically created by Snyk using the credentials of a real user.


![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to upgrade tar from 6.1.11 to 6.2.1.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **6 versions** ahead of your current version. - The recommended version was released on **2 months ago**. #### Issues fixed by the recommended upgrade: | | Issue | Score | Exploit Maturity | :-------------------------:|:-------------------------|:-------------------------|:------------------------- ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png 'medium severity') | Uncontrolled Resource Consumption ('Resource Exhaustion')
[SNYK-JS-TAR-6476909](https://snyk.io/vuln/SNYK-JS-TAR-6476909) | **646** | Proof of Concept
Release notes
Package name: tar
  • 6.2.1 - 2024-03-21

    v6.2.1

      </li>
      <li>
        <b>6.2.0</b> - <a href="https://github.com/isaacs/node-tar/releases/tag/v6.2.0">2023-09-05</a></br><p>6.2.0</p>
      </li>
      <li>
        <b>6.1.15</b> - <a href="https://github.com/isaacs/node-tar/releases/tag/v6.1.15">2023-05-17</a></br><p>6.1.15</p>
      </li>
      <li>
        <b>6.1.14</b> - <a href="https://github.com/isaacs/node-tar/releases/tag/v6.1.14">2023-05-02</a></br><p>6.1.14</p>
      </li>
      <li>
        <b>6.1.13</b> - <a href="https://github.com/isaacs/node-tar/releases/tag/v6.1.13">2022-12-07</a></br><h2><a href="https://github.com/npm/node-tar/compare/v6.1.12...v6.1.13">6.1.13</a> (2022-12-07)</h2>

    Dependencies

      </li>
      <li>
        <b>6.1.12</b> - <a href="https://github.com/isaacs/node-tar/releases/tag/v6.1.12">2022-11-01</a></br><h2><a href="https://github.com/npm/node-tar/compare/v6.1.11...v6.1.12">6.1.12</a> (2022-10-31)</h2>

    Bug Fixes

    Documentation

      </li>
      <li>
        <b>6.1.11</b> - <a href="https://github.com/isaacs/node-tar/releases/tag/v6.1.11">2021-08-26</a></br><p>6.1.11</p>
      </li>
    </ul>
    from <a href="https://github.com/isaacs/node-tar/releases">tar GitHub release notes</a>


[!IMPORTANT]

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information: