vercel[bot]
commented
1 year ago The latest updates on your projects. Learn more about Vercel for Git βοΈ
| Name | Status | Preview | Comments | Updated |
|---|---|---|---|---|
| tzdb | β Failed (Inspect) | Feb 12, 2023 at 2:36PM (UTC) |
Closed renovate[bot] closed 1 year ago
vercel[bot]
commented
1 year ago The latest updates on your projects. Learn more about Vercel for Git βοΈ
| Name | Status | Preview | Comments | Updated |
|---|---|---|---|---|
| tzdb | β Failed (Inspect) | Feb 12, 2023 at 2:36PM (UTC) |
This PR contains the following updates:
7.0.2->10.2.7GitHub Vulnerability Alerts
GHSA-8x6c-cv3v-vp6g
This advisory is withdawn.
cacheable-request depends on http-cache-semanttics, which contains an Inefficient Regular Expression Complexity in versions prior to 4.1.1 of that package. cacheable-request has been updated to rely on the fixed version in 10.2.7.
Summary of http-cache-semantics vulnerability
http-cache semantics contains an Inefficient Regular Expression Complexity , leading to Denial of Service. This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library.
Details
https://github.com/advisories/GHSA-rc47-6667-2j5j
Configuration
π Schedule: Branch creation - "" in timezone Europe/Paris, Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.