RESTful-Typescript-Koa
RESTful-Typescript-Koa copied to clipboard
emmanuelnk
[Snyk] Upgrade typeorm from 0.2.24 to 0.2.28
Snyk has created this PR to upgrade typeorm from 0.2.24 to 0.2.28.
:sparkles: Snyk has automatically assigned this pull request, set who gets assigned. :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is 4 versions ahead of your current version.
- The recommended version was released a month ago, on 2020-09-30.
The recommended version fixes:
| Severity | Issue | PriorityScore (*) | Exploit Maturity |
|---|---|---|---|
 |
Prototype Pollution SNYK-JS-TYPEORM-590152 |
801/1000 Why? Mature exploit, Has a fix available, CVSS 8.3 |
Mature |
|
Arbitrary Code Execution SNYK-JS-THENIFY-571690 |
801/1000 Why? Mature exploit, Has a fix available, CVSS 8.3 |
Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: typeorm
-
0.2.28 - 2020-09-30
version bump
-
0.2.27 - 2020-09-29
version bump
-
0.2.26 - 2020-09-10
version bump
-
0.2.25 - 2020-05-19
version bump
-
0.2.24 - 2020-02-28
missed few changes from master, released 0.2.24
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
👩💻 Set who automatically gets assigned
🔕 Ignore this dependency or unsubscribe from future upgrade PRs
