lazyweb
lazyweb copied to clipboard
Published
20 hours ago •
dishant0406
dishant0406
[Snyk] Fix for 2 vulnerabilities
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- lazyweb/package.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5 |
HTTP Request Smuggling SNYK-JS-NEXT-6828456 |
No | No Known Exploit |
 |
581/1000 Why? Recently disclosed, Has a fix available, CVSS 5.9 |
Server-Side Request Forgery (SSRF) SNYK-JS-NEXT-6828457 |
Yes | No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: next
The new version differs by 250 commits.- 5f59ee5 v14.1.1
- f48b90b even more
- 7f789f4 more timeout
- ab71c4c update timeout
- 75f60d9 update trigger release workflow
- 74b3f0f Server Action tests (#62655)
- a6946b6 Backport metadata fixes (#62663)
- 4002f4b Fix draft mode invariant (#62121)
- 7dbf6f8 fix: babel usage with next/image (#61835)
- 3efc842 Fix next/server apit push alias for ESM pkg (#61721)
- 179d14e Replace image optimizer IPC call with request handler (#61471)
- f8fe70d chore: refactor image optimization to separate external/internal urls (#61172)
- 5a5f178 fix(image): warn when animated image is missing `unoptimized` prop (#61045)
- b0474c8 fix(build-output): show stack during CSR bailout warning (#62594)
- 1bee5b6 Fix extra swc optimizer applied to node_modules in browser layer (#62051)
- b747e08 fix(next-swc): Detect `exports.foo` from `cjs_finder` (#61795)
- af47328 Fix attempted import error for react (#61791)
- 181e7d5 Add stack trace to client rendering bailout error (#61200)
- 06f01e5 Merge branch 'next-14-1' of github.com:vercel/next.js into next-14-1
- c1edac7 update chunking tests
- 6aee03d fix router crash on revalidate + popstate (#62383)
- 8fd3d7e fix loading issue when navigating to page with async metadata (#61687)
- 05b972b revert changes to process default routes at build (#61241)
- 7026eb2 fix parallel route top-level catch-all normalization logic to support nested explicit (non-catchall) slot routes (#60776)
Package name: novel
The new version differs by 54 commits.- cd119ad 0.1.0
- 4155f06 fix: hide drag handle on scrolling
- c3592cd chore: update docs styles
- 4affcc7 Merge pull request #287 from brunocroh/fix/image-drag-n-drop
- 8f7995b Merge branch 'main' of https://github.com/steven-tey/novel
- 0768fff fix: update editor-content docs
- 8a0f540 Merge pull request #274 from justinjunodev/readme-fix-license-link
- ad79b1f Update README.md
- e6fc416 fix: type issue vercel build
- 19631d7 feat: update docs with component props
- f35c9db fix: image move when dragged
- cbbe155 fix: hydration local storage fix
- af6284e Merge branch 'main' of https://github.com/steven-tey/novel
- fe078d2 feat: export EditorContentProps
- 62a5dbe feat: add components docs
- 3087add feat: add slash command docs & cleanup web
- 74dc2c8 Merge pull request #286 from brunocroh/fix/drag-handler-dark-mode
- daffe6c fix: update dark mode class to drag handler component
- 03ba884 fix: release canary & remove unused
- 01cc183 feat: add tailwind usage guide
- 0d4ad9c feat: add vercel rewrite config
- cd72180 Merge pull request #284 from andrewdoro/add-docs
- a352bc1 fix: rename to docs
- a65285e feat: add starter minify
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Server-Side Request Forgery (SSRF)
