[Snyk] Fix for 106 vulnerabilities #62

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Open

tyroprogrammer wants to merge 1 commit into master

from snyk-fix-734be1af37e0a26a885241cca0a2fad8

Open

[Snyk] Fix for 106 vulnerabilities #62

tyroprogrammer wants to merge 1 commit into master from snyk-fix-734be1af37e0a26a885241cca0a2fad8

Conversation

tyroprogrammer

Copy link

Owner

@tyroprogrammer tyroprogrammer commented Sep 11, 2024

snyk-top-banner

Snyk has created this PR to fix 106 vulnerabilities in the yarn dependencies of this project.

Snyk changed the following file(s):

package.json
yarn.lock

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

Vulnerabilities that will be fixed with an upgrade:

Issue	Score
high severity	Prototype Poisoning SNYK-JS-QS-3153490	****
medium severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-RAMDA-1582370	****
medium severity	Command Injection SNYK-JS-REACTDEVUTILS-1083268	****
medium severity	Server-side Request Forgery (SSRF) SNYK-JS-REQUEST-3361831	****
high severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	****
high severity	Arbitrary Code Injection SNYK-JS-SERIALIZEJAVASCRIPT-570062	****
high severity	Prototype Pollution SNYK-JS-SETVALUE-1540541	****
high severity	Prototype Pollution SNYK-JS-SETVALUE-450213	****
high severity	Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506	****
medium severity	Denial of Service (DoS) SNYK-JS-SOCKJS-575261	****
high severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	****
high severity	Arbitrary File Overwrite SNYK-JS-TAR-1536528	****
high severity	Arbitrary File Overwrite SNYK-JS-TAR-1536531	****
low severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	****
high severity	Arbitrary File Write SNYK-JS-TAR-1579147	****
high severity	Arbitrary File Write SNYK-JS-TAR-1579152	****
high severity	Arbitrary File Write SNYK-JS-TAR-1579155	****
medium severity	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	****
high severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-TMPL-1583443	****
medium severity	Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	****
high severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-TRIM-1017038	****
high severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1023599	****
medium severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1072471	****
high severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-610226	****
medium severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-UGLIFYJS-1727251	****
high severity	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	****
medium severity	Improper Input Validation SNYK-JS-URLPARSE-1078283	****
medium severity	Open Redirect SNYK-JS-URLPARSE-1533425	****
medium severity	Access Restriction Bypass SNYK-JS-URLPARSE-2401205	****
medium severity	Authorization Bypass SNYK-JS-URLPARSE-2407759	****
high severity	Improper Input Validation SNYK-JS-URLPARSE-2407770	****
medium severity	Authorization Bypass Through User-Controlled Key SNYK-JS-URLPARSE-2412697	****
medium severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	****
high severity	Denial of Service (DoS) SNYK-JS-WS-7266574	****
high severity	Prototype Pollution SNYK-JS-Y18N-1021887	****
medium severity	Prototype Pollution SNYK-JS-YARGSPARSER-560381	****
critical severity	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	786
critical severity	Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-7577916	776
critical severity	Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-7577917	776
critical severity	Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-7577918	776
high severity	Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	751
medium severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	738
high severity	Prototype Pollution SNYK-JS-LODASH-567746	731
high severity	Arbitrary Code Execution SNYK-JS-HANDLEBARS-534478	726
high severity	Cryptographic Issues SNYK-JS-ELLIPTIC-571484	706
critical severity	Prototype Pollution SNYK-JS-HANDLEBARS-534988	704
high severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIHTML-1296849	696
high severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	696
high severity	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	696
high severity	Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	696
high severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-ES5EXT-6095076	696
high severity	Prototype Pollution SNYK-JS-LODASH-6139239	696
high severity	Prototype Pollution SNYK-JS-INI-1048974	686
high severity	Prototype Pollution SNYK-JS-LODASH-450202	686
high severity	Prototype Pollution SNYK-JS-LODASH-608086	686
high severity	Prototype Pollution SNYK-JS-NODEFORGE-598677	686
high severity	Prototype Pollution SNYK-JS-OBJECTPATH-1017036	686
high severity	Code Injection SNYK-JS-LODASH-1040724	681
high severity	Code Injection SNYK-JS-LODASHTEMPLATE-1088054	681
high severity	Remote Code Execution (RCE) SNYK-JS-HANDLEBARS-1056767	671
medium severity	Information Exposure SNYK-JS-EVENTSOURCE-2823375	646
medium severity	Prototype Pollution SNYK-JS-HANDLEBARS-567742	646
medium severity	Denial of Service (DoS) SNYK-JS-HTTPPROXY-569139	646
medium severity	Server-Side Request Forgery (SSRF) SNYK-JS-IP-7148531	646
high severity	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	644
medium severity	Prototype Pollution SNYK-JS-DOTPROP-543489	636
medium severity	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	631
high severity	Prototype Pollution SNYK-JS-AJV-584908	619
medium severity	Prototype Pollution SNYK-JS-HANDLEBARS-1279029	601
medium severity	Prototype Pollution SNYK-JS-MINIMIST-559764	601
medium severity	Prototype Pollution SNYK-JS-OBJECTPATH-1569453	601
high severity	Prototype Pollution SNYK-JS-MERGEDEEP-1070277	590
high severity	Prototype Pollution SNYK-JS-OBJECTPATH-1585658	590
high severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	589
high severity	Improper Verification of Cryptographic Signature SNYK-JS-BROWSERIFYSIGN-6037026	589
high severity	Denial of Service (DoS) SNYK-JS-HANDLEBARS-480388	589
high severity	Prototype Pollution SNYK-JS-LOADERUTILS-3043105	589
high severity	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	589
medium severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	586
medium severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	586
medium severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	586
medium severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	586
medium severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTMLMINIFIER-3091181	586
medium severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1085627	586
medium severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1243891	586
medium severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	586
medium severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	586
medium severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1090595	586
medium severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	586
high severity	Prototype Pollution SNYK-JS-HANDLEBARS-469063	579
medium severity	Cryptographic Issues SNYK-JS-ELLIPTIC-1064899	554
medium severity	Information Exposure SNYK-JS-NODEFETCH-2342118	539
medium severity	Denial of Service (DoS) SNYK-JS-NWSAPI-2841516	524
medium severity	Denial of Service SNYK-JS-NODEFETCH-674311	520
medium severity	Timing Attack SNYK-JS-ELLIPTIC-511941	509
low severity	Validation Bypass SNYK-JS-KINDOF-537849	506
low severity	Prototype Pollution SNYK-JS-MINIMIST-2429795	506
low severity	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	506
medium severity	Prototype Pollution SNYK-JS-HIGHLIGHTJS-1045326	504
medium severity	Command Injection SNYK-JS-NODENOTIFIER-1035794	494
medium severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-HIGHLIGHTJS-1048676	479
medium severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	479
medium severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	479
medium severity	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	479
medium severity	Improper Input Validation SNYK-JS-POSTCSS-5926692	479
medium severity	Prototype Pollution SNYK-JS-HAPIHOEK-548452	475

Important

Check the changes in this PR to ensure they won't cause issues with your project.
Max score is 1000. Note that the real score may have changed since the PR was raised.
This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Prototype Pollution
🦉 Cryptographic Issues
🦉 More lessons are available in Snyk Learn

[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"@material-ui/icons","from":"3.0.2","to":"4.11.3"},{"name":"highlight.js","from":"9.15.8","to":"10.4.1"},{"name":"lodash","from":"4.17.11","to":"4.17.21"},{"name":"react-addons-shallow-compare","from":"15.6.2","to":"15.6.3"},{"name":"react-lowlight","from":"2.0.0","to":"3.0.0"},{"name":"react-markdown","from":"4.0.8","to":"6.0.0"},{"name":"react-router","from":"4.3.1","to":"6.0.0"},{"name":"react-router-dom","from":"4.3.1","to":"6.0.0"},{"name":"react-scripts","from":"3.3.0","to":"5.0.0"},{"name":"styled-components","from":"4.3.1","to":"6.0.0"}],"env":"prod","issuesToFix":[{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-ACORN-559469","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-ACORN-559469","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-ACORN-559469","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-ACORN-559469","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-ACORN-559469","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-AJV-584908","priority_score":619,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-AJV-584908","priority_score":619,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-AJV-584908","priority_score":619,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-AJV-584908","priority_score":619,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-AJV-584908","priority_score":619,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIHTML-1296849","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BABELTRAVERSE-5962462","priority_score":786,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"9.3","score":465},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Incomplete List of Disallowed Inputs"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BABELTRAVERSE-5962462","priority_score":786,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"9.3","score":465},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Incomplete List of Disallowed Inputs"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BABELTRAVERSE-5962462","priority_score":786,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"9.3","score":465},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Incomplete List of Disallowed Inputs"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BRACES-6838727","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Uncontrolled resource consumption"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BRACES-6838727","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Uncontrolled resource consumption"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-BROWSERIFYSIGN-6037026","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Improper Verification of Cryptographic Signature"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BROWSERSLIST-1090194","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BROWSERSLIST-1090194","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BROWSERSLIST-1090194","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BROWSERSLIST-1090194","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BROWSERSLIST-1090194","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BROWSERSLIST-1090194","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BROWSERSLIST-1090194","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BROWSERSLIST-1090194","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BROWSERSLIST-1090194","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BROWSERSLIST-1090194","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BROWSERSLIST-1090194","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BROWSERSLIST-1090194","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BROWSERSLIST-1090194","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-COLORSTRING-1082939","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-DECODEURICOMPONENT-3149970","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Denial of Service (DoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-DOTPROP-543489","priority_score":636,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.3","score":315},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Prototype Pollution"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-ELLIPTIC-1064899","priority_score":554,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.8","score":340},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Cryptographic Issues"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-ELLIPTIC-511941","priority_score":509,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.9","score":295},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Timing Attack"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ELLIPTIC-571484","priority_score":706,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.7","score":385},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Cryptographic Issues"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ELLIPTIC-7577916","priority_score":776,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"9.1","score":455},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Improper Verification of Cryptographic Signature"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ELLIPTIC-7577917","priority_score":776,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"9.1","score":455},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Improper Verification of Cryptographic Signature"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ELLIPTIC-7577918","priority_score":776,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"9.1","score":455},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Improper Verification of Cryptographic Signature"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-ELLIPTIC-1064899","priority_score":554,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.8","score":340},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Cryptographic Issues"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-ELLIPTIC-511941","priority_score":509,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.9","score":295},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Timing Attack"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ELLIPTIC-571484","priority_score":706,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.7","score":385},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Cryptographic Issues"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ELLIPTIC-7577916","priority_score":776,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"9.1","score":455},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Improper Verification of Cryptographic Signature"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ELLIPTIC-7577917","priority_score":776,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"9.1","score":455},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Improper Verification of Cryptographic Signature"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ELLIPTIC-7577918","priority_score":776,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"9.1","score":455},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Improper Verification of Cryptographic Signature"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ES5EXT-6095076","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ES5EXT-6095076","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-EVENTSOURCE-2823375","priority_score":646,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Information Exposure"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-GLOBPARENT-1016905","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-GLOBPARENT-1016905","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-GLOBPARENT-1016905","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-HANDLEBARS-1056767","priority_score":671,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7","score":350},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Remote Code Execution (RCE)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-HANDLEBARS-1279029","priority_score":601,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.6","score":280},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Prototype Pollution"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-HANDLEBARS-469063","priority_score":579,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.3","score":365},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-HANDLEBARS-480388","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Denial of Service (DoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-HANDLEBARS-534478","priority_score":726,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary Code Execution"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-HANDLEBARS-534988","priority_score":704,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"9.8","score":490},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Prototype Pollution"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-HANDLEBARS-567742","priority_score":646,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Prototype Pollution"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-HAPIHOEK-548452","priority_score":475,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":11},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5","score":250},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Prototype Pollution"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-HAPIHOEK-548452","priority_score":475,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":11},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5","score":250},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Prototype Pollution"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-HIGHLIGHTJS-1045326","priority_score":504,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.8","score":290},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Prototype Pollution"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-HIGHLIGHTJS-1048676","priority_score":479,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-HIGHLIGHTJS-1045326","priority_score":504,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.8","score":290},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Prototype Pollution"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-HIGHLIGHTJS-1048676","priority_score":479,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-HOSTEDGITINFO-1088355","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-HTMLMINIFIER-3091181","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-HTTPPROXY-569139","priority_score":646,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Denial of Service (DoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-INFLIGHT-6095116","priority_score":631,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.2","score":310},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Missing Release of Resource after Effective Lifetime"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-INI-1048974","priority_score":686,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.3","score":365},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-IP-6240864","priority_score":751,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.6","score":430},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Server-side Request Forgery (SSRF)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-IP-7148531","priority_score":646,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Server-Side Request Forgery (SSRF)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ISSVG-1085627","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ISSVG-1243891","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-JSONSCHEMA-1920922","priority_score":644,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.6","score":430},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":506,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":506,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":506,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":506,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":506,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":506,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":506,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-LOADERUTILS-3042992","priority_score":479,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-LOADERUTILS-3043105","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-LOADERUTILS-3105943","priority_score":479,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-LOADERUTILS-3042992","priority_score":479,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-LOADERUTILS-3043105","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-LOADERUTILS-3105943","priority_score":479,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-LOADERUTILS-3042992","priority_score":479,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-LOADERUTILS-3043105","priority_score":589,"priority_score_factors":[{"type":"fixabi...

@snyk-bot


 fix: package.json, yarn.lock & .snyk to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-QS-3153490
- https://snyk.io/vuln/SNYK-JS-RAMDA-1582370
- https://snyk.io/vuln/SNYK-JS-REACTDEVUTILS-1083268
- https://snyk.io/vuln/SNYK-JS-REQUEST-3361831
- https://snyk.io/vuln/SNYK-JS-SEMVER-3247795
- https://snyk.io/vuln/SNYK-JS-SERIALIZEJAVASCRIPT-570062
- https://snyk.io/vuln/SNYK-JS-SETVALUE-1540541
- https://snyk.io/vuln/SNYK-JS-SETVALUE-450213
- https://snyk.io/vuln/SNYK-JS-SHELLQUOTE-1766506
- https://snyk.io/vuln/SNYK-JS-SOCKJS-575261
- https://snyk.io/vuln/SNYK-JS-SSRI-1246392
- https://snyk.io/vuln/SNYK-JS-TAR-1536528
- https://snyk.io/vuln/SNYK-JS-TAR-1536531
- https://snyk.io/vuln/SNYK-JS-TAR-1536758
- https://snyk.io/vuln/SNYK-JS-TAR-1579147
- https://snyk.io/vuln/SNYK-JS-TAR-1579152
- https://snyk.io/vuln/SNYK-JS-TAR-1579155
- https://snyk.io/vuln/SNYK-JS-TAR-6476909
- https://snyk.io/vuln/SNYK-JS-TMPL-1583443
- https://snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873
- https://snyk.io/vuln/SNYK-JS-TRIM-1017038
- https://snyk.io/vuln/SNYK-JS-UAPARSERJS-1023599
- https://snyk.io/vuln/SNYK-JS-UAPARSERJS-1072471
- https://snyk.io/vuln/SNYK-JS-UAPARSERJS-610226
- https://snyk.io/vuln/SNYK-JS-UGLIFYJS-1727251
- https://snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660
- https://snyk.io/vuln/SNYK-JS-URLPARSE-1078283
- https://snyk.io/vuln/SNYK-JS-URLPARSE-1533425
- https://snyk.io/vuln/SNYK-JS-URLPARSE-2401205
- https://snyk.io/vuln/SNYK-JS-URLPARSE-2407759
- https://snyk.io/vuln/SNYK-JS-URLPARSE-2407770
- https://snyk.io/vuln/SNYK-JS-URLPARSE-2412697
- https://snyk.io/vuln/SNYK-JS-WS-1296835
- https://snyk.io/vuln/SNYK-JS-WS-7266574
- https://snyk.io/vuln/SNYK-JS-Y18N-1021887
- https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381
- https://snyk.io/vuln/SNYK-JS-BABELTRAVERSE-5962462
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918
- https://snyk.io/vuln/SNYK-JS-IP-6240864
- https://snyk.io/vuln/SNYK-JS-PATHTOREGEXP-7925106
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534478
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-571484
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534988
- https://snyk.io/vuln/SNYK-JS-ANSIHTML-1296849
- https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
- https://snyk.io/vuln/SNYK-JS-BRACES-6838727
- https://snyk.io/vuln/SNYK-JS-DECODEURICOMPONENT-3149970
- https://snyk.io/vuln/SNYK-JS-ES5EXT-6095076
- https://snyk.io/vuln/SNYK-JS-LODASH-6139239
- https://snyk.io/vuln/SNYK-JS-INI-1048974
- https://snyk.io/vuln/SNYK-JS-LODASH-450202
- https://snyk.io/vuln/SNYK-JS-LODASH-608086
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677
- https://snyk.io/vuln/SNYK-JS-OBJECTPATH-1017036
- https://snyk.io/vuln/SNYK-JS-LODASH-1040724
- https://snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1056767
- https://snyk.io/vuln/SNYK-JS-EVENTSOURCE-2823375
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-567742
- https://snyk.io/vuln/SNYK-JS-HTTPPROXY-569139
- https://snyk.io/vuln/SNYK-JS-IP-7148531
- https://snyk.io/vuln/SNYK-JS-JSONSCHEMA-1920922
- https://snyk.io/vuln/SNYK-JS-DOTPROP-543489
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
- https://snyk.io/vuln/SNYK-JS-AJV-584908
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1279029
- https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
- https://snyk.io/vuln/SNYK-JS-OBJECTPATH-1569453
- https://snyk.io/vuln/SNYK-JS-MERGEDEEP-1070277
- https://snyk.io/vuln/SNYK-JS-OBJECTPATH-1585658
- https://snyk.io/vuln/SNYK-JS-ACORN-559469
- https://snyk.io/vuln/SNYK-JS-BROWSERIFYSIGN-6037026
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-480388
- https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3043105
- https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728
- https://snyk.io/vuln/SNYK-JS-BROWSERSLIST-1090194
- https://snyk.io/vuln/SNYK-JS-COLORSTRING-1082939
- https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905
- https://snyk.io/vuln/SNYK-JS-HOSTEDGITINFO-1088355
- https://snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181
- https://snyk.io/vuln/SNYK-JS-ISSVG-1085627
- https://snyk.io/vuln/SNYK-JS-ISSVG-1243891
- https://snyk.io/vuln/SNYK-JS-LODASH-1018905
- https://snyk.io/vuln/SNYK-JS-PATHPARSE-1077067
- https://snyk.io/vuln/SNYK-JS-POSTCSS-1090595
- https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-469063
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-1064899
- https://snyk.io/vuln/SNYK-JS-NODEFETCH-2342118
- https://snyk.io/vuln/SNYK-JS-NWSAPI-2841516
- https://snyk.io/vuln/SNYK-JS-NODEFETCH-674311
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-511941
- https://snyk.io/vuln/SNYK-JS-KINDOF-537849
- https://snyk.io/vuln/SNYK-JS-MINIMIST-2429795
- https://snyk.io/vuln/npm:debug:20170905
- https://snyk.io/vuln/SNYK-JS-HIGHLIGHTJS-1045326
- https://snyk.io/vuln/SNYK-JS-NODENOTIFIER-1035794
- https://snyk.io/vuln/SNYK-JS-HIGHLIGHTJS-1048676
- https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3042992
- https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3105943
- https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818
- https://snyk.io/vuln/SNYK-JS-POSTCSS-5926692
- https://snyk.io/vuln/SNYK-JS-HAPIHOEK-548452
The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Snyk] Fix for 106 vulnerabilities #62

Are you sure you want to change the base?

[Snyk] Fix for 106 vulnerabilities #62

Uh oh!

Conversation

@tyroprogrammer tyroprogrammer commented Sep 11, 2024

Snyk has created this PR to fix 106 vulnerabilities in the yarn dependencies of this project.

Snyk changed the following file(s):

Note for zero-installs users

Vulnerabilities that will be fixed with an upgrade:

Uh oh!

Uh oh!