hackariens / electron

Template de nouveau project electron
0 stars 1 forks source link

chore(deps): update dependency http-cache-semantics to 4.1.1 [security] - autoclosed #87

Closed renovate[bot] closed 1 year ago

renovate[bot] commented 1 year ago

Mend Renovate

This PR contains the following updates:

Package Change
http-cache-semantics 3.8.1 -> 4.1.1
http-cache-semantics 4.1.0 -> 4.1.1

GitHub Vulnerability Alerts

CVE-2022-25881

http-cache semantics contains an Inefficient Regular Expression Complexity , leading to Denial of Service. This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library.


Configuration

πŸ“… Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

β™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

πŸ”• Ignore: Close this PR and you won't be reminded about these updates again.



This PR has been generated by Mend Renovate. View repository job log here.