Open tajul-saajan opened 1 month ago
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Cross-site Scripting (XSS)
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Recently disclosed, Has a fix available, CVSS 6.3
SNYK-JS-COOKIE-8163060
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: @nestjs/platform-express
The new version differs by 250 commits.- ed644e9 chore(@ nestjs) publish v10.4.5 release
- 0ea48d2 Merge pull request #13879 from frndvrgs/feat-opts-listen-method
- 508d2f3 Merge pull request #14060 from ezintz/fix-express-vulnerabilities
- 7cf4708 Merge pull request #13903 from nestjs/dependabot/npm_and_yarn/sample/31-graphql-federation-code-first/posts-application/multi-dabac980bd
- 8c2e03d Merge pull request #13917 from nestjs/dependabot/npm_and_yarn/sample/32-graphql-federation-schema-first/posts-application/micromatch-4.0.8
- 6ada824 Merge pull request #14064 from PattyTrish/cookie-vulnerability-update
- d2ca9ec Merge pull request #14066 from micalevisk/test/cover-validation-pipe-options
- 78b3f0c test(common): add tests for validation pipe on 'custom' types
- 980eb5b build(fastify): upgrade light-my-request to 6.1.0
- 160c3b3 build(express): upgrade to express 4.2.1
- d0f401a Merge pull request #14015 from nestjs/dependabot/npm_and_yarn/sample/10-fastify/find-my-way-8.2.2
- 89840ce Merge pull request #14039 from nestjs/dependabot/npm_and_yarn/sample/23-graphql-code-first/multi-1f9ae28231
- 9423743 Merge pull request #14040 from nestjs/dependabot/npm_and_yarn/sample/24-serve-static/multi-0b8bbc7c9e
- 9ee0224 Update Readme.md
- 93514fd chore(deps): bump send, @ nestjs/platform-express and express
- a46a7db chore(deps): bump serve-static, express and @ nestjs/platform-express
- 9825529 Merge pull request #14034 from nestjs/dependabot/npm_and_yarn/sample/28-sse/multi-5eb378ec3a
- 826ff4b Merge pull request #14035 from nestjs/dependabot/npm_and_yarn/sample/28-sse/multi-6ddc2c7951
- fd740b6 chore(deps): bump send and @ nestjs/platform-express in /sample/28-sse
- c936dec chore(deps): bump serve-static and @ nestjs/platform-express
- 47cda92 Merge pull request #14030 from nestjs/dependabot/npm_and_yarn/sample/25-dynamic-modules/multi-6ddc2c7951
- d70d0ba Merge pull request #14031 from nestjs/dependabot/npm_and_yarn/sample/25-dynamic-modules/multi-5eb378ec3a
- 0fbc2a6 chore(deps): bump serve-static and @ nestjs/platform-express
- fa56e58 chore(deps): bump send and @ nestjs/platform-express
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Cross-site Scripting (XSS)