mongo icon indicating copy to clipboard operation
mongo copied to clipboard

Published 20 hours ago verified publisher icon mongodb

[Snyk] Security upgrade http-server from 0.12.3 to 0.13.0

Open cloudgeek7 opened this issue 2 years ago • 2 comments

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • buildscripts/libdeps/graph_visualizer_web_stack/package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
 High 696/1000Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 Denial of Service (DoS)SNYK-JS-ECSTATIC-540354 No Proof of Concept

cloudgeek7 avatar Feb 25 '22 05:02 cloudgeek7

Nice one @cloudgeek7 👍

lirantal avatar Mar 03 '22 07:03 lirantal

@cloudgeek7, thanks for making this pull request! We just need a couple of things from you to start our consideration of the PR. Can you please:

  1. Sign our Contributor's Agreement.
  2. Create a new SERVER ticket on JIRA.

edzh avatar Mar 08 '22 15:03 edzh