[Snyk] Security upgrade aws-sdk from 2.211.0 to 2.814.0

Open snyk-bot opened this issue 4 years ago • 0 comments

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	758/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-AWSSDK-1059424	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: aws-sdk

The new version differs by 250 commits.

8875a35 Updates SDK to v2.814.0
dd83d67 throw at invalid profile name in shared ini file (#3585)
ee0c5a3 Updates SDK to v2.813.0
468d15b Updates SDK to v2.812.0
c50132f Update README.md with references to JS SDK V3 (#3582)
3e19b08 Updates SDK to v2.811.0
f26c00d Updates SDK to v2.810.0
b393a6e Adds automatic PreSignedUrl generation to RDS.StartDBInstanceAutomatedBackupsReplication (#3566)
fa57967 Updates SDK to v2.809.0
9a52018 Updates SDK to v2.808.0
1958076 Updates SDK to v2.807.0
ffcad20 Updates SDK to v2.806.0
2f37893 chore: remove cognitoidentity customizations to disable auth (#3543)
c6fe3c0 Updates SDK to v2.805.0
71d6fa9 Fix dual-callback case (#3537)
b981971 Updates SDK to v2.804.0
332573f Updates SDK to v2.803.0
deb7bc7 Updates SDK to v2.802.0
b6401d0 Remove incorrectly named service named 'Profile' (#3562)
3364d4b Updates SDK to v2.801.0
d400577 Updates SDK to v2.800.0
21c7dc0 Updates SDK to v2.799.0
d2b8964 Updates SDK to v2.798.0
44ded82 fix: test IAM.getUser instead of listUsers (#3542)

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

Jan 19 '21 08:01 snyk-bot