Closed snyk-bot closed 1 year ago
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Remote Code Execution (RCE)
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 8.1
SNYK-JS-EJS-2803307
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: zotero-plugin
The new version differs by 47 commits.- 25bdf8d 0.0.96
- fc1c9b4 ncu
- 4be54cb 0.0.95
- 8c80a0e 0.0.94
- 6ef1a47 ncu
- a36cae7 0.0.93
- 93812bf 0.0.92
- 206441c application/vnd.zotero.plugin
- 6120226 trace loader
- 6ce440d 0.0.91
- d1294c8 "allowUnreachableCode": false,
- 66ad34f 0.0.90
- c3c8563 ncu
- d0bfbc6 0.0.89
- cde02cd cleanup
- 3b453ec 0.0.88
- 5d35525 ncu
- 7f01d7d 0.0.87
- c433663 0.0.86
- 31b65d1 nvu
- cddae4e 0.0.85
- ea1b9d6 0.0.84
- 140a8cd ncu
- 85a2726 0.0.83
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Remote Code Execution (RCE)