transformimgs
[Snyk] Security upgrade swagger-ui from 5.11.0 to 5.12.1
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  - misc/swagger-ui/package.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
| | 658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3 | Template Injection SNYK-JS-DOMPURIFY-6474511 | No | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: swagger-ui
The new version differs by 171 commits.
- b2e673d fix(try-it-out): fix issues related to building requests from parameters (#9746)
- 8225cfd chore(deps-dev): bump @babel/cli from 7.23.9 to 7.24.1 (#9743)
- 357dff3 chore(deps-dev): bump autoprefixer from 10.4.18 to 10.4.19 (#9742)
- 0dc3c7c chore(deps): bump dompurify from 3.0.10 to 3.0.11 (#9741)
- bf65c4e chore(deps-dev): bump cssnano from 6.1.0 to 6.1.1 (#9737)
- 9694620 chore(deps-dev): bump cypress from 13.7.0 to 13.7.1 (#9735)
- ec4e982 chore(deps): bump @braintree/sanitize-url from 7.0.0 to 7.0.1 (#9736)
- a2fdae9 chore(deps-dev): bump webpack from 5.90.3 to 5.91.0 (#9726)
- b928c09 chore(deps-dev): bump express from 4.18.3 to 4.19.1 (#9727)
- 99724a1 chore(deps-dev): bump @commitlint/cli from 19.2.0 to 19.2.1 (#9725)
- 7c4fa83 chore(deps-dev): bump webpack-dev-server from 5.0.3 to 5.0.4 (#9719)
- b3fb525 chore(deps-dev): bump @babel/preset-react from 7.23.3 to 7.24.1 (#9721)
- 8edca10 chore(deps): bump dompurify from 3.0.9 to 3.0.10 (#9720)
- 6bb810a chore(deps-dev): bump @babel/core from 7.24.0 to 7.24.1 (#9715)
- a2daeda chore(deps-dev): bump @babel/plugin-transform-runtime (#9716)
- ac4c853 chore(deps-dev): bump @babel/eslint-parser from 7.23.10 to 7.24.1 (#9714)
- f91ca82 chore(deps-dev): bump eslint-plugin-react from 7.34.0 to 7.34.1 (#9707)
- 24c0165 chore(deps-dev): bump postcss from 8.4.35 to 8.4.36 (#9708)
- b4b42ac chore(deps-dev): bump postcss-preset-env from 9.5.1 to 9.5.2 (#9706)
- 95feee2 chore(deps-dev): bump @commitlint/cli from 19.1.0 to 19.2.0 (#9701)
- 37e2c27 chore(deps): bump follow-redirects from 1.15.4 to 1.15.6 (#9704)
- cebccaa chore(deps-dev): bump postcss-preset-env from 9.5.0 to 9.5.1 (#9695)
- 49a73c5 chore(deps-dev): bump cypress from 13.6.6 to 13.7.0 (#9697)
- 7c4d0fb chore(deps-dev): bump sass from 1.71.1 to 1.72.0 (#9696)
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.