Closed snyk-bot closed 10 months ago
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: π§ View latest project report
π Adjust project settings
π Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
π¦ Prototype Pollution π¦ Arbitrary Code Injection π¦ Remote Code Execution (RCE) π¦ More lessons are available in Snyk Learn
Snyk has created this PR to fix one or more vulnerable packages in the `yarn` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Has a fix available, CVSS 8.1
SNYK-JS-AJV-584908
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-ASYNC-2441827
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
SNYK-JS-BROWSERSLIST-1090194
Why? Has a fix available, CVSS 5.3
SNYK-JS-CSSWHAT-1298035
Why? Proof of Concept exploit, Has a fix available, CVSS 4.1
SNYK-JS-EJS-1049328
Why? Proof of Concept exploit, Has a fix available, CVSS 8.1
SNYK-JS-EJS-2803307
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
SNYK-JS-GLOBPARENT-1016905
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-IMMER-1019369
Why? Proof of Concept exploit, Has a fix available, CVSS 5.6
SNYK-JS-IMMER-1540542
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
SNYK-JS-ISSVG-1085627
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
SNYK-JS-ISSVG-1243891
Why? Has a fix available, CVSS 8.6
SNYK-JS-JSONSCHEMA-1920922
Why? Proof of Concept exploit, Has a fix available, CVSS 3.7
SNYK-JS-MINIMIST-2429795
Why? Proof of Concept exploit, Has a fix available, CVSS 5.6
SNYK-JS-MINIMIST-559764
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-NTHCHECK-1586032
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-PRISMJS-1585202
Why? Has a fix available, CVSS 5.4
SNYK-JS-PRISMJS-2404333
Why? Proof of Concept exploit, Has a fix available, CVSS 5.6
SNYK-JS-REACTDEVUTILS-1083268
Why? Proof of Concept exploit, Has a fix available, CVSS 7.7
SNYK-JS-SERIALIZEJAVASCRIPT-570062
Why? Proof of Concept exploit, Has a fix available, CVSS 7.1
SNYK-JS-SHELLJS-2332187
Why? Has a fix available, CVSS 8.1
SNYK-JS-SHELLQUOTE-1766506
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3
SNYK-JS-SOCKJS-575261
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JS-TRIM-1017038
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: π§ View latest project report
π Adjust project settings
π Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
π¦ Prototype Pollution π¦ Arbitrary Code Injection π¦ Remote Code Execution (RCE) π¦ More lessons are available in Snyk Learn