search

twilio / twilio-chat-js-cordova-example

Cordova app example for Twilio Programmable Chat with working iOS and Android push messages
https://www.twilio.com/chat
8 stars 12 forks source link

[Snyk] Fix for 4 vulnerabilities #15

Open twilio-product-security opened 2 years ago

twilio-product-security commented 2 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 748/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.1		 Improper Privilege Management
SNYK-JS-SHELLJS-2332187		 Yes Proof of Concept
medium severity 646/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 6.5		 Server-side Request Forgery (SSRF)
SNYK-JS-SYSTEMINFORMATION-1078290		 Yes Proof of Concept
medium severity 494/1000
Why? Has a fix available, CVSS 5.6		 Arbitrary Command Injection
SNYK-JS-SYSTEMINFORMATION-1243748		 Yes No Known Exploit
low severity 506/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 3.7		 Improper Input Validation
SNYK-JS-SYSTEMINFORMATION-1244526		 Yes Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic