woodpecker Bump Frontend Deps for release branch v0.15.x

Bump Frontend Deps for release branch v0.15.x

Open 6543 opened this issue 1 year ago • 0 comments

Bump js deps in release/v0.15 branch

yarn.lock (yarn)

Total: 2 (MEDIUM: 1, HIGH: 0, CRITICAL: 1)

┌──────────┬────────────────┬──────────┬───────────────────┬───────────────┬──────────────────────────────────────────────────────────────┐
│ Library  │ Vulnerability  │ Severity │ Installed Version │ Fixed Version │                            Title                             │
├──────────┼────────────────┼──────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ minimist │ CVE-2021-44906 │ CRITICAL │ 1.2.5             │ 1.2.6         │ minimist: prototype pollution                                │
│          │                │          │                   │               │ https://avd.aquasec.com/nvd/cve-2021-44906                   │
├──────────┼────────────────┼──────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ vite     │ CVE-2022-35204 │ MEDIUM   │ 2.6.13            │ 2.9.13        │ Vitejs Vite before v2.9.13 vulnerable to directory traversal │
│          │                │          │                   │               │ via crafted URL to...                                        │
│          │                │          │                   │               │ https://avd.aquasec.com/nvd/cve-2022-35204                   │
└──────────┴────────────────┴──────────┴───────────────────┴───────────────┴──────────────────────────────────────────────────────────────┘

Oct 14 '22 11:10 6543

woodpecker woodpecker copied to clipboard

Bump Frontend Deps for release branch v0.15.x

woodpecker
woodpecker copied to clipboard