[Snyk] Fix for 13 vulnerabilities by caniszczyk ยท Pull Request #441 ยท paralus/website
Snyk has created this PR to fix 13 vulnerabilities in the npm dependencies of this project.
Snyk changed the following file(s):
package.jsonpackage-lock.json
Vulnerabilities that will be fixed with an upgrade:
| Issue | Score | |
|---|---|---|
 |
Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462 |
786 |
 |
Sandbox Bypass SNYK-JS-WEBPACK-3358798 |
736 |
|
Excessive Platform Resource Consumption within a Loop SNYK-JS-BRACES-6838727 |
696 |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795 |
696 |
 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELRUNTIME-10044504 |
666 |
|
Cross-site Scripting (XSS) SNYK-JS-WEBPACK-7840298 |
616 |
|
Prototype Pollution SNYK-JS-JSYAML-13961110 |
559 |
|
Prototype Pollution SNYK-JS-LODASH-15053838 |
559 |
|
Improper Input Validation SNYK-JS-NANOID-8492085 |
529 |
 |
Server-side Request Forgery (SSRF) SNYK-JS-WEBPACK-15235959 |
498 |
|
Server-side Request Forgery (SSRF) SNYK-JS-WEBPACK-15235969 |
498 |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-SIDEWAYFORMULA-3317169 |
489 |
|
Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728 |
479 |
Important
- Check the changes in this PR to ensure they won't cause issues with your project.
- Max score is 1000. Note that the real score may have changed since the PR was raised.
- This PR was automatically created by Snyk using the credentials of a real user.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
๐ง View latest project report
๐ Customise PR templates
๐ Adjust project settings
๐ Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
๐ฆ Regular Expression Denial of Service (ReDoS)
๐ฆ Prototype Pollution
๐ฆ Improper Input Validation
๐ฆ More lessons are available in Snyk Learn