react-multi-carousel [Snyk] Fix for 2 vulnerabilities

[Snyk] Fix for 2 vulnerabilities

Open YIZHUANG opened this issue 1 year ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- examples/ssr/package.json
- examples/ssr/package-lock.json

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Prototype Pollution SNYK-JS-XML2JS-5414874	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: next

The new version differs by 250 commits.

ce5d9c8 v10.0.2
c3293b7 Fix docs about the return of getStaticProps on basic-features/pages (#19267)
b955268 Update next/link docs to not include example without `href` (#19247)
0f5db2a Fix link to developer plan in Kontent example (#19265)
5e5f206 v10.0.2-canary.20
ca590c4 Ensure i18n + trailingSlash: true handles correctly (#19149)
2750880 v10.0.2-canary.19
99e10a0 Ensure data prefetch for default locale is correct (#19085)
ab0e274 Upgrade `styled-jsx` (#19241)
c283442 Update 1.Bug_report.md
6826ddf Add docs on incrementally adopting Next.js. (#19226)
23111ca Update fast-refresh.md (#18047)
feb10f4 Update with-magic example (#19207)
43e7561 Update multi zones example (#16281)
208551f Upgraded to chakra V1 (#19181)
c8a2923 Update response-helpers.md (#19189)
1e3534e Add apollo state func (#19137)
7374d4f v10.0.2-canary.18
00f8297 Fix prefetching in IE11 (#19171)
f0d2e64 v10.0.2-canary.17
61c3db7 Fix minifying inline CSS comments (#19167)
a32b1f4 Enable handling for revalidate and notFound (#19165)
c1d2c32 v10.0.2-canary.16
1e61b69 Add locale: false for custom-routes + i18n (#19164)

Package name: snyk

The new version differs by 250 commits.

4cc1a94 Merge pull request #2105 from snyk/feat/webpack
7737f75 Merge pull request #2181 from snyk/test/migrate-old-snyk-format
418e6ad Merge pull request #2180 from snyk/test/migrate-is-docker
95631e7 test: migrate is-docker to jest
babe22a test: migrate old-snyk-format to jest
e22e94f feat: Snyk CLI is bundled with Webpack
dd46c19 Merge pull request #2175 from snyk/fix/snyk-protect-multiple
e7c314f Merge pull request #2178 from snyk/test/server-close
5e824c0 fix(protect): skip previously patched files
ca2177a fix(protect): catch and log unexpected errors
c9ddb44 chore(protect): move api url warnings to stderr
e8fed38 refactor(protect): move stdout logs to top level
55e88f9 Merge pull request #2177 from snyk/test/set-jest-acceptance-timeout
1522c5f test: server.close uses callbacks, not promises
13dce51 test: increase timeout for slow oauth test
65c35be Merge pull request #2172 from snyk/chore/no-run-test-on-master
a1e3992 chore: don't run tests on master
20feb67 Merge pull request #2165 from snyk/chore/dont-wait-for-regression-tests
f50bca7 Merge pull request #2167 from snyk/refactor/replace-cc-parser-with-split-functions
1ed7d11 refactor: replace cc parser with split functions
707801d Merge pull request #2166 from snyk/fix/support_quotes_in_poetry_toml
dc6b784 Merge pull request #2163 from snyk/chore/remove-store-test-results
7973015 fix: support quoted keys in inline tables
18f0d2a Merge pull request #2164 from snyk/chore/upgrade-snyk-nuget-plugin

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

Learn how to fix vulnerabilities with free interactive lessons:

Jul 04 '23 17:07 YIZHUANG