just-dashboard

just-dashboard copied to clipboard

build(deps): [security] bump normalize-url from 4.2.0 to 4.5.1

1

Bumps [normalize-url](https://github.com/sindresorhus/normalize-url) from 4.2.0 to 4.5.1. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. ReDoS in normalize-url The normalize-url package before 4.5.1, 5.x...

dependabot-preview[bot]

build(deps): [security] bump dns-packet from 1.3.1 to 1.3.4

1

Bumps [dns-packet](https://github.com/mafintosh/dns-packet) from 1.3.1 to 1.3.4. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Potential memory exposure in dns-packet This affects the package...

dependabot-preview[bot]

build(deps): [security] bump hosted-git-info from 2.6.0 to 2.8.9

1

Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.6.0 to 2.8.9. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Regular Expression Denial of Service in hosted-git-info The npm...

dependabot-preview[bot]

build(deps): [security] bump url-parse from 1.4.4 to 1.5.1

1

Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.4 to 1.5.1. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Path reaversal in url-parse url-parse before 1.5.0 mishandles certain...

dependabot-preview[bot]

build(deps): [security] bump ua-parser-js from 0.7.18 to 0.7.28

1

Bumps [ua-parser-js](https://github.com/faisalman/ua-parser-js) from 0.7.18 to 0.7.28. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Regular Expression Denial of Service (ReDoS) in ua-parser-js ua-parser-js...

dependabot-preview[bot]

build(deps): [security] bump y18n from 3.2.1 to 3.2.2

1

Bumps [y18n](https://github.com/yargs/y18n) from 3.2.1 to 3.2.2. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Prototype Pollution Overview The npm package y18n before versions...

dependabot-preview[bot]

build(deps): [security] bump yargs-parser from 5.0.0 to 5.0.1

1

Bumps [yargs-parser](https://github.com/yargs/yargs-parser) from 5.0.0 to 5.0.1. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Prototype Pollution in yargs-parser Affected versions of yargs-parser are...

dependabot-preview[bot]

build(deps): [security] bump handlebars from 4.0.11 to 4.7.7

1

Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.0.11 to 4.7.7. **This update includes security fixes.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Prototype Pollution in handlebars Versions of handlebars prior to 3.0.8...

dependabot-preview[bot]

build(deps): [security] bump lodash from 4.17.10 to 4.17.21

1

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.10 to 4.17.21. **This update includes security fixes.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Critical severity vulnerability that affects lodash, lodash-es, lodash-amd, lodash.template, lodash.merge,...

dependabot-preview[bot]

build(deps): [security] bump elliptic from 6.4.0 to 6.5.4

1

Bumps [elliptic](https://github.com/indutny/elliptic) from 6.4.0 to 6.5.4. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Signature Malleabillity in elliptic The Elliptic package before version...

dependabot-preview[bot]