react-lite-youtube-embed icon indicating copy to clipboard operation
react-lite-youtube-embed copied to clipboard

Published 20 hours ago verified publisher icon ibrahimcesar

[Snyk] Security upgrade next from 11.1.4 to 12.1.0

Open ibrahimcesar opened this issue 2 years ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • demo/package.json
    • demo/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 509/1000
Why? Has a fix available, CVSS 5.9		 User Interface (UI) Misrepresentation of Critical Information
SNYK-JS-NEXT-2405694		 Yes No Known Exploit
high severity 619/1000
Why? Has a fix available, CVSS 8.1		 Remote Code Execution (RCE)
SNYK-JS-SHELLQUOTE-1766506		 Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: next The new version differs by 250 commits.
  • 8545fd1 v12.1.0
  • 1605f30 v12.0.11-canary.21
  • 69aedbd Fix typo (#34480)
  • f0f322c Remove deprecation for relative URL usage in middlewares (#34461)
  • d4d79b2 Fix chunk buffering for server components (#34474)
  • 74fa4d4 update webpack (#34477)
  • b70397e Revert "Allow reading request bodies in middlewares (#34294)" (#34479)
  • 4202011 Update font-optimization test snapshot (#34478)
  • 1edd851 Allow reading request bodies in middlewares (#34294)
  • ba78437 fix: don't wrap `profile` in firebase example (#34457)
  • f3c3810 Remove hello world RSC example. (#34456)
  • 49da8c0 v12.0.11-canary.20
  • 2264d35 Fix `.svg` image optimization with a `loader` prop (#34452)
  • 59714db Update server-only changes HMR handling (#34298)
  • d288d43 Update MDX Guide config example (#34405)
  • 54dbeb3 update webpack (#34444)
  • 9b38ffe Update 2.example_bug_report.yml
  • 86aac3f Update 1.bug_report.yml
  • 732b405 v12.0.11-canary.19
  • 01524ef Revert swc css bump temporarily (#34440)
  • 8a55612 Add image config for `dangerouslyAllowSVG` and `contentSecurityPolicy` (#34431)
  • 9639fe7 Ensure we don't poll page in development when notFound: true is returned (#34352)
  • 7e93a89 Update 2.example_bug_report.yml
  • d88793d feat: improve opening a new issue flow (#34434)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Remote Code Execution (RCE)

ibrahimcesar avatar Oct 07 '22 14:10 ibrahimcesar