ttv-chat-bot icon indicating copy to clipboard operation
ttv-chat-bot copied to clipboard

Published 20 hours ago verified publisher icon clarkio

[Snyk] Security upgrade socket.io from 3.1.2 to 4.7.0

Open clarkio opened this issue 1 year ago • 1 comments

This PR was automatically created by Snyk using the credentials of a real user.


![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

  • package.json
  • package-lock.json

Vulnerabilities that will be fixed with an upgrade:

Issue Score
high severity Denial of Service (DoS)
SNYK-JS-WS-7266574		   768  

[!IMPORTANT]

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report 📜 Customise PR templates 🛠 Adjust project settings 📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Denial of Service (DoS)

clarkio avatar Jul 01 '24 03:07 clarkio

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/[email protected] filesystem, network Transitive: environment +18 3.22 MB darrachequesne

🚮 Removed packages: npm/[email protected]

View full report↗︎

socket-security[bot] avatar Jul 01 '24 03:07 socket-security[bot]