Closed renovate[bot] closed 2 years ago
This PR contains the following updates:
1.5.6
1.5.8
1.5.3
url-parse prior to version 1.5.7 is vulnerable to Authorization Bypass Through User-Controlled Key. Url-parse is not able to verify broken protocol. This will allow to bypass hostname validation.
url-parse prior to version 1.5.8 is vulnerable to Authorization Bypass Through User-Controlled Key.
Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6.
📅 Schedule: "" (UTC).
🚦 Automerge: Enabled.
â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by WhiteSource Renovate. View repository job log here.
This PR contains the following updates:
1.5.6
->1.5.8
1.5.3
->1.5.6
GitHub Vulnerability Alerts
CVE-2022-0639
url-parse prior to version 1.5.7 is vulnerable to Authorization Bypass Through User-Controlled Key. Url-parse is not able to verify broken protocol. This will allow to bypass hostname validation.
CVE-2022-0686
url-parse prior to version 1.5.8 is vulnerable to Authorization Bypass Through User-Controlled Key.
CVE-2022-0512
Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6.
Configuration
📅 Schedule: "" (UTC).
🚦 Automerge: Enabled.
â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by WhiteSource Renovate. View repository job log here.