Open yurikrupnik opened 7 months ago
While plain-text storage of sensitive information does not directly place data at risk, it exacerbates the impact of a breach as personal information, payment data or other information will be available to a successful attacker. As a result, it is important to consider the security classification of data stored by an application as well as any regulatory requirements applicable.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - packages/service1/package.json - packages/service1/package-lock.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png "medium severity") | **486/1000****Why?** Recently disclosed, Has a fix available, CVSS 4 | Insecure Storage of Sensitive Information
[SNYK-JS-GOOGLECLOUDFIRESTORE-6100635](https://snyk.io/vuln/SNYK-JS-GOOGLECLOUDFIRESTORE-6100635) | Yes | No Known Exploit (*) Note that the real score may have changed since the PR was raised. Check the changes in this PR to ensure they won't cause issues with your project. ------------ **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.* For more information: