[Snyk] Security upgrade nodemailer from 6.4.6 to 6.6.1 by snyk-bot ยท Pull Request #174 ยท SlimIO/Registry
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
708/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.3 |
HTTP Header Injection SNYK-JS-NODEMAILER-1296415 |
No | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: nodemailer
The new version differs by 37 commits.- 7e02648 v6.6.1
- 1750c0f v6.6.0
- 0636d58 Merge branch 'master' of github.com:nodemailer/nodemailer
- 058d414 v6.6.0
- fcb0d1f test: ๐ aws ses SDK v3 support
- 2ef39e3 test: ๐ aws ses connection verification
- 6107585 fix: ๐ ses verify, add support for v3 API
- bf57cf5 Fixes resolveContent with streams overriding data
- 91108d7 v6.5.0
- 87d9b25 Pass through textEncoding to subnodes.
- 271f91b Update index.js
- 9b5fb94 v6.4.18
- 625a9ed Update README.md
- 1d24d8b docs: added rudimentary sponsor quote block
- a455716 Added OhMySMTP to services
- 6e045d1 v6.4.17
- ba31c64 v6.4.16
- 7e7b2b2 v6.4.15
- fca2041 Update CHANGELOG.md
- b4ccfa3 Oups
- 24b93bf Add ethereal.email to well-known/services.json
- 0f132fa doc: make the code a little more accessible with some code comments.
- 1815bad v6.4.14
- dd26ddd v6.4.13
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
๐ง View latest project report