DevBattle
DevBattle copied to clipboard
Published
20 hours ago •
suren-atoyan
suren-atoyan
[Snyk] Fix for 91 vulnerabilities
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- public/dev-battle/package.json
- public/dev-battle/package-lock.json
- public/dev-battle/.snyk
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
589/1000 Why? Has a fix available, CVSS 7.5 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469 |
No | No Known Exploit |
|
619/1000 Why? Has a fix available, CVSS 8.1 |
Prototype Pollution SNYK-JS-AJV-584908 |
No | No Known Exploit |
|
696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908 |
No | Proof of Concept |
|
696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 |
Prototype Pollution SNYK-JS-ASYNC-2441827 |
No | Proof of Concept |
 |
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194 |
No | Proof of Concept |
|
658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-CSSWHAT-3035488 |
No | Proof of Concept |
|
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-D3COLOR-1076592 |
No | Proof of Concept |
|
599/1000 Why? Has a fix available, CVSS 7.7 |
Remote Memory Exposure SNYK-JS-DNSPACKET-1293563 |
No | No Known Exploit |
|
636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3 |
Prototype Pollution SNYK-JS-DOTPROP-543489 |
No | Proof of Concept |
|
554/1000 Why? Has a fix available, CVSS 6.8 |
Cryptographic Issues SNYK-JS-ELLIPTIC-1064899 |
No | No Known Exploit |
|
509/1000 Why? Has a fix available, CVSS 5.9 |
Timing Attack SNYK-JS-ELLIPTIC-511941 |
No | No Known Exploit |
|
706/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.7 |
Cryptographic Issues SNYK-JS-ELLIPTIC-571484 |
No | Proof of Concept |
|
646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5 |
Information Exposure SNYK-JS-EVENTSOURCE-2823375 |
No | Proof of Concept |
|
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 |
Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181 |
No | Proof of Concept |
 |
344/1000 Why? Has a fix available, CVSS 2.6 |
Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346 |
No | No Known Exploit |
|
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905 |
No | Proof of Concept |
|
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355 |
No | Proof of Concept |
|
646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5 |
Denial of Service (DoS) SNYK-JS-HTTPPROXY-569139 |
No | Proof of Concept |
|
686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3 |
Prototype Pollution SNYK-JS-INI-1048974 |
No | Proof of Concept |
|
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1085627 |
No | Proof of Concept |
|
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1243891 |
No | Proof of Concept |
|
644/1000 Why? Has a fix available, CVSS 8.6 |
Prototype Pollution SNYK-JS-JSONSCHEMA-1920922 |
No | No Known Exploit |
|
509/1000 Why? Has a fix available, CVSS 5.9 |
Denial of Service (DoS) SNYK-JS-JSYAML-173999 |
No | No Known Exploit |
|
619/1000 Why? Has a fix available, CVSS 8.1 |
Arbitrary Code Execution SNYK-JS-JSYAML-174129 |
No | No Known Exploit |
|
506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7 |
Validation Bypass SNYK-JS-KINDOF-537849 |
No | Proof of Concept |
|
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905 |
No | Proof of Concept |
|
681/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.2 |
Command Injection SNYK-JS-LODASH-1040724 |
No | Proof of Concept |
|
686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3 |
Prototype Pollution SNYK-JS-LODASH-450202 |
No | Proof of Concept |
|
731/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.2 |
Prototype Pollution SNYK-JS-LODASH-567746 |
No | Proof of Concept |
|
686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3 |
Prototype Pollution SNYK-JS-LODASH-608086 |
No | Proof of Concept |
|
686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3 |
Prototype Pollution SNYK-JS-LODASH-73638 |
No | Proof of Concept |
|
541/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 4.4 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-73639 |
No | Proof of Concept |
|
506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7 |
Prototype Pollution SNYK-JS-MINIMIST-2429795 |
No | Proof of Concept |
|
601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6 |
Prototype Pollution SNYK-JS-MINIMIST-559764 |
No | Proof of Concept |
|
686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3 |
Prototype Pollution SNYK-JS-MIXINDEEP-450212 |
No | Proof of Concept |
|
539/1000 Why? Has a fix available, CVSS 6.5 |
Information Exposure SNYK-JS-NODEFETCH-2342118 |
No | No Known Exploit |
|
520/1000 Why? Has a fix available, CVSS 5.9 |
Denial of Service SNYK-JS-NODEFETCH-674311 |
No | No Known Exploit |
|
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 |
Open Redirect SNYK-JS-NODEFORGE-2330875 |
No | Proof of Concept |
|
529/1000 Why? Has a fix available, CVSS 6.3 |
Prototype Pollution SNYK-JS-NODEFORGE-2331908 |
No | No Known Exploit |
|
494/1000 Why? Has a fix available, CVSS 5.6 |
Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430337 |
No | No Known Exploit |
|
579/1000 Why? Has a fix available, CVSS 7.3 |
Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430339 |
No | No Known Exploit |
|
494/1000 Why? Has a fix available, CVSS 5.6 |
Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430341 |
No | No Known Exploit |
|
686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3 |
Prototype Pollution SNYK-JS-NODEFORGE-598677 |
No | Proof of Concept |
|
696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-NTHCHECK-1586032 |
No | Proof of Concept |
|
524/1000 Why? Has a fix available, CVSS 6.2 |
Denial of Service (DoS) SNYK-JS-NWSAPI-2841516 |
No | No Known Exploit |
|
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067 |
No | Proof of Concept |
|
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640 |
No | Proof of Concept |
|
601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6 |
Command Injection SNYK-JS-REACTDEVUTILS-1083268 |
No | Proof of Concept |
|
686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3 |
Prototype Pollution SNYK-JS-SETVALUE-1540541 |
No | Proof of Concept |
|
686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3 |
Prototype Pollution SNYK-JS-SETVALUE-450213 |
No | Proof of Concept |
|
619/1000 Why? Has a fix available, CVSS 8.1 |
Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506 |
No | No Known Exploit |
|
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 |
Denial of Service (DoS) SNYK-JS-SOCKJS-575261 |
No | Proof of Concept |
|
696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392 |
No | Proof of Concept |
|
624/1000 Why? Has a fix available, CVSS 8.2 |
Arbitrary File Overwrite SNYK-JS-TAR-1536528 |
No | No Known Exploit |
|
624/1000 Why? Has a fix available, CVSS 8.2 |
Arbitrary File Overwrite SNYK-JS-TAR-1536531 |
No | No Known Exploit |
|
410/1000 Why? Has a fix available, CVSS 3.7 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758 |
No | No Known Exploit |
|
639/1000 Why? Has a fix available, CVSS 8.5 |
Arbitrary File Write SNYK-JS-TAR-1579147 |
No | No Known Exploit |
|
639/1000 Why? Has a fix available, CVSS 8.5 |
Arbitrary File Write SNYK-JS-TAR-1579152 |
No | No Known Exploit |
|
639/1000 Why? Has a fix available, CVSS 8.5 |
Arbitrary File Write SNYK-JS-TAR-1579155 |
No | No Known Exploit |
|
726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1 |
Arbitrary File Overwrite SNYK-JS-TAR-174125 |
No | Proof of Concept |
|
751/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.6 |
Arbitrary Code Execution SNYK-JS-THENIFY-571690 |
No | Proof of Concept |
|
589/1000 Why? Has a fix available, CVSS 7.5 |
Denial of Service (DoS) SNYK-JS-TRIMNEWLINES-1298042 |
No | No Known Exploit |
|
696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1023599 |
No | Proof of Concept |
|
616/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.9 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1072471 |
No | Proof of Concept |
|
696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-610226 |
No | Proof of Concept |
|
539/1000 Why? Has a fix available, CVSS 6.5 |
Improper Input Validation SNYK-JS-URIJS-1055003 |
No | No Known Exploit |
|
479/1000 Why? Has a fix available, CVSS 5.3 |
Improper Input Validation SNYK-JS-URIJS-1078286 |
No | No Known Exploit |
|
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 |
Open Redirect SNYK-JS-URIJS-1319803 |
No | Proof of Concept |
|
579/1000 Why? Has a fix available, CVSS 7.3 |
Prototype Pollution SNYK-JS-URIJS-1319806 |
No | No Known Exploit |
|
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 |
Open Redirect SNYK-JS-URIJS-2401466 |
No | Proof of Concept |
|
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 |
Improper Input Validation SNYK-JS-URIJS-2415026 |
No | Proof of Concept |
|
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 |
Open Redirect SNYK-JS-URIJS-2419067 |
No | Proof of Concept |
|
646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5 |
Misinterpretation of Input SNYK-JS-URIJS-2440699 |
No | Proof of Concept |
|
591/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.4 |
Cross-site Scripting (XSS) SNYK-JS-URIJS-2441239 |
No | Proof of Concept |
|
479/1000 Why? Has a fix available, CVSS 5.3 |
Improper Input Validation SNYK-JS-URLPARSE-1078283 |
No | No Known Exploit |
|
/1000 Why? |
Open Redirect SNYK-JS-URLPARSE-1533425 |
No | Proof of Concept |
|
/1000 Why? |
Access Restriction Bypass SNYK-JS-URLPARSE-2401205 |
No | Proof of Concept |
|
/1000 Why? |
Authorization Bypass SNYK-JS-URLPARSE-2407759 |
No | Proof of Concept |
|
/1000 Why? |
Improper Input Validation SNYK-JS-URLPARSE-2407770 |
No | Proof of Concept |
|
/1000 Why? |
Authorization Bypass Through User-Controlled Key SNYK-JS-URLPARSE-2412697 |
No | Proof of Concept |
|
/1000 Why? |
Improper Input Validation SNYK-JS-URLPARSE-543307 |
No | Proof of Concept |
|
/1000 Why? |
Information Exposure SNYK-JS-WEBPACKDEVSERVER-72405 |
No | Proof of Concept |
|
/1000 Why? |
Regular Expression Denial of Service (ReDoS) SNYK-JS-WEBSOCKETEXTENSIONS-570623 |
No | Proof of Concept |
|
/1000 Why? |
Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835 |
No | Proof of Concept |
|
/1000 Why? |
Prototype Pollution SNYK-JS-Y18N-1021887 |
No | Proof of Concept |
|
/1000 Why? |
Prototype Pollution SNYK-JS-YARGSPARSER-560381 |
No | Proof of Concept |
|
506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7 |
Regular Expression Denial of Service (ReDoS) npm:braces:20180219 |
No | Proof of Concept |
|
434/1000 Why? Has a fix available, CVSS 4.4 |
Time of Check Time of Use (TOCTOU) npm:chownr:20180731 |
No | No Known Exploit |
|
579/1000 Why? Has a fix available, CVSS 7.3 |
Prototype Pollution npm:extend:20180424 |
No | No Known Exploit |
|
469/1000 Why? Has a fix available, CVSS 5.1 |
Denial of Service (DoS) npm:mem:20180117 |
No | No Known Exploit |
|
646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5 |
Cross-site Scripting (XSS) npm:react-dom:20180802 |
No | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: @nivo/pie
The new version differs by 250 commits.- defc453 v0.63.0
- e370ea8 fix(core / swarmplot): Improve core and swarmplot typedefs (#1151)
- 42adacd fix(scatterplot): Support DerivedNodeProp for nodeSize prop (#1134)
- 861000f fix(core): Add missing Theme types to match default theme object (#1135)
- 56f0e44 fix(sankey): Fix issue with gradient and parentheses in IDs (#1152)
- 52c1bc1 fix(scatterplot): adjust type/proptype of `data[].id` prop (#1147)
- 99b520e fix(core): add Defs types and export for typescript (#1146)
- 7d52c07 feat(a11y): add ability to set `role` prop on all charts (#1128)
- 954bef7 feat(scales): Add support for symlog scale (#1097)
- 464185c feat(a11y): add changes to allow for improved accessibility on charts (#1054)
- ce9a172 Sankey: implement sort links by input, add story as example
- 9a19da6 feat(swarmplot): add time scale support (#1121)
- 54215e7 fix(pie): tooltip props typing (#1088)
- 46bf12c feat(generators): add network data generation (#1082)
- 4d8e822 feat(network): add support for tooltips (#1080)
- daebd61 feat(calendar): remove recompose and convert to hooks (#1040)
- c10edbf fix(line): change points ordering on stacked lines (#1060)
- fb4aef0 fix(scatterplot): onMouseLeave not firing when mesh is used (#1064)
- 565dc75 chore(docs): Add Testing section in CONTRIBUTING.md (#1059)
- 5dc5ce6 feat(bullet): support ranges that support < 0
- d2ceffc fix(scatterplot): fix canvas missing annotations layer (#1043)
- f87be93 fix(radar): Add return type of GridLabelCustomFunction (#1045)
- f967380 feat(website): add theme property documentation to all components
- 975503a feat(website): add theming guide
With a Snyk patch:
| Severity | Priority Score (*) | Issue | Exploit Maturity |
|---|---|---|---|
|
731/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.2 |
Prototype Pollution SNYK-JS-LODASH-567746 |
Proof of Concept |
|
579/1000 Why? Has a fix available, CVSS 7.3 |
Prototype Pollution npm:extend:20180424 |
No Known Exploit |
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Cross-site Scripting (XSS) 🦉 Denial of Service (DoS) 🦉 Prototype Pollution 🦉 More lessons are available in Snyk Learn
