search

kawalcovid19 / wargabantuwarga.com

Inisiatif warga untuk berbagi informasi seputar fasilitas kesehatan dan alat kesehatan untuk COVID-19.
https://www.wargabantuwarga.com
MIT License
555 stars 166 forks source link

[Snyk] Fix for 13 vulnerabilities #896

Open zainfathoni opened 1 week ago

zainfathoni commented 1 week ago

snyk-top-banner

Snyk has created this PR to fix 13 vulnerabilities in the yarn dependencies of this project.

Snyk changed the following file(s):

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory. If you are not using zero-install you can ignore this as your flow should likely be unchanged.

Vulnerabilities that will be fixed with an upgrade:

Issue Score
critical severity Incomplete List of Disallowed Inputs
SNYK-JS-BABELTRAVERSE-5962462		   786  
critical severity Improper Verification of Cryptographic Signature
SNYK-JS-ELLIPTIC-7577916		   776  
critical severity Improper Verification of Cryptographic Signature
SNYK-JS-ELLIPTIC-7577917		   776  
critical severity Improper Verification of Cryptographic Signature
SNYK-JS-ELLIPTIC-7577918		   776  
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIREGEX-1583908		   696  
high severity Uncontrolled resource consumption
SNYK-JS-BRACES-6838727		   696  
medium severity Prototype Pollution
SNYK-JS-FASTXMLPARSER-3325616		   646  
medium severity Prototype Pollution
SNYK-JS-JSON5-3182856		   641  
high severity Remote Code Execution (RCE)
SNYK-JS-SHELLQUOTE-1766506		   619  
high severity Improper Verification of Cryptographic Signature
SNYK-JS-BROWSERIFYSIGN-6037026		   589  
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-FASTXMLPARSER-5668858		   589  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-FASTXMLPARSER-7573289		   559  
medium severity Information Exposure
SNYK-JS-NODEFETCH-2342118		   539  

[!IMPORTANT]

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report πŸ“œ Customise PR templates πŸ›  Adjust project settings πŸ“š Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

πŸ¦‰ Regular Expression Denial of Service (ReDoS) πŸ¦‰ Prototype Pollution πŸ¦‰ Remote Code Execution (RCE)

netlify[bot] commented 1 week ago

Deploy Preview for wargabantuwarga failed.

Name Link
Latest commit 46143cd174a55082e04f6c9e2348bb1ce2c48210
Latest deploy log https://app.netlify.com/sites/wargabantuwarga/deploys/66dac711f81442000821dd02