AhMyth icon indicating copy to clipboard operation
AhMyth copied to clipboard

Published 20 hours ago verified publisher icon Morsmalleo

[Snyk] Fix for 1 vulnerabilities

Open Morsmalleo opened this issue 7 months ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • AhMyth-Server/app/node_modules/matchdep/package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 589/1000
Why? Has a fix available, CVSS 7.5		 Prototype Pollution
SNYK-JS-UNSETVALUE-2400660		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: micromatch The new version differs by 29 commits.
  • 89efcff 4.0.0
  • f3238cb Merge pull request #151 from micromatch/dev
  • 7c78f9a ensure args are strings
  • 2e42796 bump picomatch
  • 09f8260 windows, it's time we had a talk...
  • a49f94c fix slashes in tests
  • a6ab670 use braces patch, build readme
  • 976d956 upgrade braces and picomatch
  • a6596da add benchmarks
  • 11168b1 rename unixify to windows
  • 5bf40fe package.json: Use github versions of deps to test the env.
  • 5d78d48 Drop node v6 since picomatch doesnt support it.
  • 96ac3ba Remove duplicate node. Remove unsupported node v7.
  • bf44408 Merge branch 'master' into dev
  • b8abcf9 Merge remote-tracking branch 'origin/dev'
  • e07df11 rebuild docs
  • 47340ad Merge remote-tracking branch 'origin/master' into dev
  • 52df06d refactor
  • 09bd55c Merge pull request #149 from Glazy/hotfix/issue-template-update
  • c32543d Add myself to package.json contributors list
  • 86858bf Update issue template w/ typo and question change
  • f2ce9d2 Merge pull request #130 from wtgtybhertgeghgtwtg/unescape
  • 677f127 Merge pull request #134 from Tvrqvoise/v3-changelog
  • 4a70a66 Merge pull request #141 from simlu/patch-1

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution

Morsmalleo avatar Nov 25 '23 17:11 Morsmalleo