guardrails[bot]
commented
1 year ago :warning: We detected 1 security issue in this pull request:
Mode: paranoid | Total findings: 1 | Considered vulnerability: 1
Vulnerable Libraries (1)
Severity | Details ----- | -------- High | [pkg:npm/express@4.18.2@4.18.2](https://github.com/turkdevops/vuex/blob/a62e068d986850942ec49b6a8dea3935fe5503af/yarn.lock#L5445) (t) - **no patch available** More info on how to fix Vulnerable Libraries in [JavaScript](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/using_vulnerable_libraries.html?utm_source=ghpr#).
π Go to the dashboard for detailed results.
π₯ Happy? Share your feedback with us.
Snyk has created this PR to fix one or more vulnerable packages in the `yarn` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5
SNYK-JS-QS-3153490
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
π§ View latest project report
π Adjust project settings
π Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
π¦ Prototype Pollution