oaeproject / 3akai-ux

Open Academic Environment (OAE) Front-End
http://www.oaeproject.org
Educational Community License v2.0
134 stars 206 forks source link

[Snyk] Fix for 2 vulnerabilities #4242

Open snyk-bot opened 4 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 641/1000
Why? Recently disclosed, Has a fix available, CVSS 7.1
Arbitrary Code Execution
SNYK-JS-GRUNT-597546
Yes No Known Exploit
high severity 561/1000
Why? Recently disclosed, CVSS 9.8
Prototype Pollution
SNYK-JS-LODASH-590103
Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: grunt-contrib-csslint The new version differs by 11 commits.
  • def72ff v2.0.0.
  • ce67536 Reduce lodash usage.
  • f387bb9 Merge pull request #73 from danpoltawski/show-line-numbers
  • 888c0e1 Merge pull request #74 from gruntjs/update-csslint r=vladikoff
  • 099cc12 Update CSSLint to v1.0.0.
  • d220e09 Show line numbers with lint issues
  • 7a02ddf Merge pull request #70 from gruntjs/deps
  • 930ceee Update dependencies.
  • 49d8c8a Upgrade grunt and devDeps to 1.0
  • 8e1fde7 Update CHANGELOG.
  • d001050 Add Appveyor for Windows testing.
See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

πŸ›  Adjust project settings

πŸ“š Read more about Snyk's upgrade and patch logic


This change is Reviewable