draftjs-examples
[Snyk] Fix for 14 vulnerabilities
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  - package.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
| | 696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908 | Yes | Proof of Concept |
| | 679/1000 Why? Has a fix available, CVSS 9.3 | Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962463 | Yes | No Known Exploit |
| | 686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3 | Prototype Pollution SNYK-JS-LODASHSET-1320032 | Yes | Proof of Concept |
| | 479/1000 Why? Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-174116 | Yes | No Known Exploit |
| | 586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-2342073 | Yes | Proof of Concept |
| | 586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-2342082 | Yes | Proof of Concept |
| | 479/1000 Why? Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-451540 | Yes | No Known Exploit |
| | 520/1000 Why? Has a fix available, CVSS 5.9 | Regular Expression Denial of Service (ReDoS) SNYK-JS-MARKED-584281 | Yes | No Known Exploit |
| | 506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7 | Prototype Pollution SNYK-JS-MINIMIST-2429795 | Yes | Proof of Concept |
| | 601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6 | Prototype Pollution SNYK-JS-MINIMIST-559764 | Yes | Proof of Concept |
| | 696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS) SNYK-JS-NTHCHECK-1586032 | Yes | Proof of Concept |
| | 646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5 | Server-side Request Forgery (SSRF) SNYK-JS-REQUEST-3361831 | Yes | Proof of Concept |
| | 696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 | Internal Property Tampering SNYK-JS-TAFFYDB-2992450 | Yes | Proof of Concept |
| | 646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5 | Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873 | Yes | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: express-jwt
The new version differs by 64 commits.
- c4de5de 6.1.1
- 691fd6a Merge pull request #272 from ryanpcmcquen/prototype-pollution-vulnerability-fix
- 551bf40 Fix prototype pollution vulnerability.
- 354e1f8 6.1.0
- 3db0e6b Merge pull request #265 from pipeline1987/master
- 67bd3c4 upgrade express-unless dependency to v1.0.0
- 5cf9b0b Merge pull request #236 from auth0/dependabot/npm_and_yarn/lodash-4.17.19
- adf60bb Merge pull request #239 from auth0/update-changelog
- ed743a8 Updated changelog
- 61776e2 Bump lodash from 4.17.15 to 4.17.19
- 5fb8c88 Merge pull request #234 from gkwang/update-readme
- 43b7921 Update readme on 6.0.0 changes
- 678f3b0 6.0.0
- 7ecab5f Merge pull request from GHSA-6g6m-m6h5-w9gf
- 304a1c5 Made algorithms mandatory
- e9ed6d2 5.3.3
- 8662579 Make clearer sections in the Readme
- d3e86bf Update README.md
- c5d8419 Add a note about OAuth2 bearer tokens
- 888f0e9 Update Readme and use a consistent JS style for code examples
- 6591014 5.3.2
- f4f4d1d fix license field
- 1789282 fix dependencies vulnerabilities and test against 8, 10 and 12 from now on
- 5766a24 Merge pull request #186 from auth0/jwt_update
Package name: sendgrid
The new version differs by 32 commits.
- b2e21c3 Version Bump v3.0.0: full v3 Web API support
- 912725c Merge branch 'v3release'
- 0e59c4f Merge branch 'master' into v3release
- 61cbc46 Version Bump v3.0.0: full v3 Web API support
- affdb34 Version Bump v3.0.0: full v3 Web API support
- 1313e7e Updated dependency, Content-Type now set automatically
- b800992 Update README.md
- 96cde7f Formating and links to /mail/send
- ec88853 README.md update
- 94e39d3 README.md update
- 29f96d6 Travis
- d8ecca7 Fix copy by reference issue
- 223b7bf Update sendgrid-rest dependency
- 561a3cd Simplified setting the request object
- 15ca3f1 Simplified setting the request object
- 1e5f641 Updating dependency on sendgrid-rest
- 998cb35 Updated example usage instructions
- 44930d4 Fixed doc formating
- 7ec3daf Removed old example
- 6f96cba Add exmamples of all v3 web api calls
- a8badcf Added documentation for all v3 endpoints + a fix for the headers in the tests
- 75a76ff Increasing test timeout value for travis
- 4204827 Increasing test timeout value for travis
- 25e89e6 Updated tests to cover all v3 Web API endpoints
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.