search

hypersign-protocol / hyperfyre-frontend

A platform to automate the IDO whitelisting process using Hypersign SSI infrastructure.
https://fyre.hypersign.id
Apache License 2.0
3 stars 2 forks source link

[Snyk] Upgrade node-fetch from 2.6.1 to 2.7.0 #1962

Open Vishwas1 opened 5 months ago

Vishwas1 commented 5 months ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade node-fetch from 2.6.1 to 2.7.0.

As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.
:sparkles: Snyk has automatically assigned this pull request, [set who gets assigned](https://app.snyk.io/org/vishwas1/project/2720c8e6-f642-42c7-953d-4401e8d2c85f/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr/settings/integration). :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **13 versions** ahead of your current version. - The recommended version was released **7 months ago**, on 2023-08-23. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- | Prototype Poisoning
[SNYK-JS-QS-3153490](https://snyk.io/vuln/SNYK-JS-QS-3153490) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Information Exposure
[SNYK-JS-SIMPLEGET-2361683](https://snyk.io/vuln/SNYK-JS-SIMPLEGET-2361683) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Arbitrary File Overwrite
[SNYK-JS-TAR-1536528](https://snyk.io/vuln/SNYK-JS-TAR-1536528) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit | Arbitrary File Overwrite
[SNYK-JS-TAR-1536531](https://snyk.io/vuln/SNYK-JS-TAR-1536531) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit | Arbitrary File Write
[SNYK-JS-TAR-1579147](https://snyk.io/vuln/SNYK-JS-TAR-1579147) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit | Prototype Pollution
[SNYK-JS-ASYNC-2441827](https://snyk.io/vuln/SNYK-JS-ASYNC-2441827) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Prototype Pollution
[SNYK-JS-JSONSCHEMA-1920922](https://snyk.io/vuln/SNYK-JS-JSONSCHEMA-1920922) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit | Prototype Pollution
[SNYK-JS-MONGOOSE-5777721](https://snyk.io/vuln/SNYK-JS-MONGOOSE-5777721) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Directory Traversal
[SNYK-JS-MOMENT-2440688](https://snyk.io/vuln/SNYK-JS-MOMENT-2440688) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-MOMENT-2944238](https://snyk.io/vuln/SNYK-JS-MOMENT-2944238) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Prototype Pollution
[SNYK-JS-MONGOOSE-2961688](https://snyk.io/vuln/SNYK-JS-MONGOOSE-2961688) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Arbitrary File Write
[SNYK-JS-TAR-1579152](https://snyk.io/vuln/SNYK-JS-TAR-1579152) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit | Arbitrary File Write
[SNYK-JS-TAR-1579155](https://snyk.io/vuln/SNYK-JS-TAR-1579155) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit | Prototype Poisoning
[SNYK-JS-QS-3153490](https://snyk.io/vuln/SNYK-JS-QS-3153490) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Improper Input Validation
[SNYK-JS-URLPARSE-2407770](https://snyk.io/vuln/SNYK-JS-URLPARSE-2407770) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Improper Verification of Cryptographic Signature
[SNYK-JS-BROWSERIFYSIGN-6037026](https://snyk.io/vuln/SNYK-JS-BROWSERIFYSIGN-6037026) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit | Denial of Service (DoS)
[SNYK-JS-DECODEURICOMPONENT-3149970](https://snyk.io/vuln/SNYK-JS-DECODEURICOMPONENT-3149970) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-ES5EXT-6095076](https://snyk.io/vuln/SNYK-JS-ES5EXT-6095076) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-RAMDA-1582370](https://snyk.io/vuln/SNYK-JS-RAMDA-1582370) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-VALIDATOR-1090600](https://snyk.io/vuln/SNYK-JS-VALIDATOR-1090600) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Open Redirect
[SNYK-JS-GOT-2932019](https://snyk.io/vuln/SNYK-JS-GOT-2932019) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit | Open Redirect
[SNYK-JS-GOT-2932019](https://snyk.io/vuln/SNYK-JS-GOT-2932019) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-HTTPCACHESEMANTICS-3248783](https://snyk.io/vuln/SNYK-JS-HTTPCACHESEMANTICS-3248783) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Denial of Service (DoS)
[SNYK-JS-JSZIP-1251497](https://snyk.io/vuln/SNYK-JS-JSZIP-1251497) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Prototype Pollution
[SNYK-JS-MPATH-1577289](https://snyk.io/vuln/SNYK-JS-MPATH-1577289) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Arbitrary File Write via Archive Extraction (Zip Slip)
[SNYK-JS-JSZIP-3188562](https://snyk.io/vuln/SNYK-JS-JSZIP-3188562) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-MINIMATCH-3050818](https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit | Information Exposure
[SNYK-JS-NODEFETCH-2342118](https://snyk.io/vuln/SNYK-JS-NODEFETCH-2342118) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit | Information Exposure
[SNYK-JS-MONGODB-5871303](https://snyk.io/vuln/SNYK-JS-MONGODB-5871303) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-NODEMAILER-6219989](https://snyk.io/vuln/SNYK-JS-NODEMAILER-6219989) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-UGLIFYJS-1727251](https://snyk.io/vuln/SNYK-JS-UGLIFYJS-1727251) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit | Open Redirect
[SNYK-JS-URLPARSE-1533425](https://snyk.io/vuln/SNYK-JS-URLPARSE-1533425) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Access Restriction Bypass
[SNYK-JS-URLPARSE-2401205](https://snyk.io/vuln/SNYK-JS-URLPARSE-2401205) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Authorization Bypass
[SNYK-JS-URLPARSE-2407759](https://snyk.io/vuln/SNYK-JS-URLPARSE-2407759) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Authorization Bypass Through User-Controlled Key
[SNYK-JS-URLPARSE-2412697](https://snyk.io/vuln/SNYK-JS-URLPARSE-2412697) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-COOKIEJAR-3149984](https://snyk.io/vuln/SNYK-JS-COOKIEJAR-3149984) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Open Redirect
[SNYK-JS-EXPRESS-6474509](https://snyk.io/vuln/SNYK-JS-EXPRESS-6474509) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-TAR-1536758](https://snyk.io/vuln/SNYK-JS-TAR-1536758) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit | Prototype Pollution
[SNYK-JS-MINIMIST-2429795](https://snyk.io/vuln/SNYK-JS-MINIMIST-2429795) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: node-fetch from node-fetch GitHub release notes
Commit messages
Package name: node-fetch
  • 9b9d458 feat: `AbortError` (#1744)
  • 65ae25a fix: Remove the default connection close header (#1765)
  • 8bc3a7c fix: socket variable testing for undefined (#1726)
  • afb36f6 Revert "fix: handle bom in text and json (#1739)" (#1741)
  • 29909d7 fix: handle bom in text and json (#1739)
  • 70f592d fix: "global is not defined" (#1704)
  • 0f1ebb0 Prevent error when response is null (#1699)
  • 6e9464d ci(release): install dependencies
  • dd2a0ba ci(release): install dependencies
  • 49bef02 ci(release): use latest Node LTS
  • ce37bcd ci(semantic-release): config
  • 1768eaa ci(release): initial version
  • 8bb6e31 fix: prevent hoisting of the undefined `global` variable in `browser.js` (#1534)
  • e218f8d Add missing changelog entries. (#1613)
  • fddad0e fix(headers): don't forward secure headers on protocol change (#1605)
  • 50536d1 fix: premature close with chunked transfer encoding and for async iterators in Node 12 (#1172)
  • 838d971 Handle zero-length OK deflate responses (#903)
  • 1ef4b56 backport of #1449 (#1453)
  • 8fe5c4e 2.x: Specify encoding as an optional peer dependency in package.json (#1310)
  • f56b0c6 fix(URL): prefer built in URL version when available and fallback to whatwg (#1352)
  • b5417ae fix: import whatwg-url in a way compatible with ESM Node (#1303)
  • 18193c5 fix v2.6.3 that did not sending query params (#1301)
  • ace7536 fix: properly encode url with unicode characters (#1291)
  • 152214c Fix(package.json): Corrected main file path in package.json (#1274)
Compare
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/vishwas1/project/2720c8e6-f642-42c7-953d-4401e8d2c85f?utm_source=github&utm_medium=referral&page=upgrade-pr) 👩‍💻 [Set who automatically gets assigned](https://app.snyk.io/org/vishwas1/project/2720c8e6-f642-42c7-953d-4401e8d2c85f/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr/) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/vishwas1/project/2720c8e6-f642-42c7-953d-4401e8d2c85f/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/vishwas1/project/2720c8e6-f642-42c7-953d-4401e8d2c85f/settings/integration?pkg=node-fetch&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)