search

newrelic / opensource-website

Source code for New Relic's Opensource site.
https://opensource.newrelic.com
Apache License 2.0
145 stars 92 forks source link

[Snyk] Upgrade: gatsby, gatsby-plugin-manifest, gatsby-plugin-offline, gatsby-plugin-sass, gatsby-plugin-sharp, gatsby-remark-copy-linked-files, gatsby-remark-images, gatsby-source-filesystem, gatsby-transformer-json #929

Closed snyk-bot closed 1 year ago

snyk-bot commented 2 years ago

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name Versions Released on
gatsby
from 3.3.1 to 3.14.6		 207 versions ahead of your current version 5 months ago
on 2021-11-18
gatsby-plugin-manifest
from 3.3.0 to 3.14.0		 53 versions ahead of your current version 7 months ago
on 2021-09-17
gatsby-plugin-offline
from 4.3.0 to 4.14.0		 54 versions ahead of your current version 7 months ago
on 2021-09-17
gatsby-plugin-sass
from 4.3.0 to 4.14.0		 38 versions ahead of your current version 7 months ago
on 2021-09-17
gatsby-plugin-sharp
from 3.3.1 to 3.14.3		 70 versions ahead of your current version 5 months ago
on 2021-11-02
gatsby-remark-copy-linked-files
from 4.0.0 to 4.11.0		 35 versions ahead of your current version 7 months ago
on 2021-09-17
gatsby-remark-images
from 5.0.0 to 5.11.0		 54 versions ahead of your current version 7 months ago
on 2021-09-17
gatsby-source-filesystem
from 3.3.0 to 3.14.0		 51 versions ahead of your current version 7 months ago
on 2021-09-17
gatsby-transformer-json
from 3.3.0 to 3.14.0		 33 versions ahead of your current version 7 months ago
on 2021-09-17

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Improper Verification of Cryptographic Signature
SNYK-JS-NODEFORGE-2430339		 365/1000
Why? CVSS 7.3		 No Known Exploit
Remote Memory Exposure
SNYK-JS-DNSPACKET-1293563		 365/1000
Why? CVSS 7.3		 No Known Exploit
Improper Verification of Cryptographic Signature
SNYK-JS-NODEFORGE-2430341		 365/1000
Why? CVSS 7.3		 No Known Exploit
Improper Verification of Cryptographic Signature
SNYK-JS-NODEFORGE-2430337		 365/1000
Why? CVSS 7.3		 No Known Exploit
Prototype Pollution
SNYK-JS-NODEFORGE-2331908		 365/1000
Why? CVSS 7.3		 No Known Exploit
Open Redirect
SNYK-JS-NODEFORGE-2330875		 365/1000
Why? CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ISSVG-1243891		 365/1000
Why? CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ISSVG-1085627		 365/1000
Why? CVSS 7.3		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-GLOBPARENT-1016905		 365/1000
Why? CVSS 7.3		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

stale[bot] commented 1 year ago

This issue has been automatically marked as stale because it has not had recent activity. It will be automatically closed if no further activity occurs. Thank you for your contributions.

stale[bot] commented 1 year ago

This issue has been automatically closed because it was a stale issue that had no recent activity. Thank you for your contributions.