airtng-node

airtng-node copied to clipboard

Bumps [bson](https://github.com/mongodb/js-bson) from 1.1.3 to 1.1.6. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Deserialization of Untrusted Data in bson All versions of...

dependabot-preview[bot]

Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.3. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Prototype Pollution Overview The npm package y18n before versions...

dependabot-preview[bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.  #### Changes included in this PR - Changes to...

twilio-product-security

Bumps [pug-code-gen](https://github.com/pugjs/pug) from 2.0.2 to 2.0.3. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Remote code execution via the pretty option. Impact If...

dependabot-preview[bot]

[Security] Bump pug from 2.0.4 to 3.0.2

1

Bumps [pug](https://github.com/pugjs/pug) from 2.0.4 to 3.0.2. Release notes Sourced from pug's releases. [email protected] Bug Fixes Sanitise the pretty option (#3314) If a malicious attacker could control the pretty option, it...

dependabot-preview[bot]

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.21. **This update includes security fixes.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Prototype Pollution in lodash Versions of lodash prior to 4.17.19...

dependabot-preview[bot]

Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.8. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Prototype Pollution Overview The ini npm package before version...

dependabot-preview[bot]

Bumps [xpath](https://github.com/goto100/xpath) from 0.0.24 to 0.0.32. Commits See full diff in compare view [](https://dependabot.com/compatibility-score/?dependency-name=xpath&package-manager=npm_and_yarn&previous-version=0.0.24&new-version=0.0.32) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot-preview[bot]

Bumps [bl](https://github.com/rvagg/bl) from 2.2.0 to 2.2.1. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Remote Memory Exposure in bl A buffer over-read vulnerability...

dependabot-preview[bot]

Bumps [mongoose-deep-populate](https://github.com/buunguyen/mongoose-deep-populate) from 3.1.1 to 3.2.0. Commits See full diff in compare view [](https://dependabot.com/compatibility-score/?dependency-name=mongoose-deep-populate&package-manager=npm_and_yarn&previous-version=3.1.1&new-version=3.2.0) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot-preview[bot]