webhl
webhl copied to clipboard
x8BitRain
fix: package.json & package-lock.json to reduce vulnerabilities
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|
 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908 |
Yes | Proof of Concept |
 |
Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181 |
Yes | Proof of Concept |
 |
Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346 |
Yes | No Known Exploit |
|
Improper Input Validation SNYK-JS-FOLLOWREDIRECTS-6141137 |
Yes | Proof of Concept |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905 |
Yes | Proof of Concept |
|
Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116 |
Yes | Proof of Concept |
|
Prototype Pollution SNYK-JS-JSON5-3182856 |
Yes | Proof of Concept |
|
Origin Validation Error SNYK-JS-KOACORS-6117545 |
Yes | No Known Exploit |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992 |
Yes | No Known Exploit |
|
Prototype Pollution SNYK-JS-LOADERUTILS-3043105 |
Yes | No Known Exploit |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943 |
Yes | No Known Exploit |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905 |
Yes | Proof of Concept |
|
Command Injection SNYK-JS-LODASH-1040724 |
Yes | Proof of Concept |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818 |
Yes | No Known Exploit |
|
Prototype Pollution SNYK-JS-MINIMIST-2429795 |
Yes | Proof of Concept |
|
Open Redirect SNYK-JS-NODEFORGE-2330875 |
Yes | Proof of Concept |
|
Prototype Pollution SNYK-JS-NODEFORGE-2331908 |
Yes | No Known Exploit |
|
Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430337 |
Yes | No Known Exploit |
|
Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430339 |
Yes | No Known Exploit |
|
Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430341 |
Yes | No Known Exploit |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067 |
Yes | Proof of Concept |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1090595 |
Yes | Proof of Concept |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640 |
Yes | Proof of Concept |
|
Improper Input Validation SNYK-JS-POSTCSS-5926692 |
Yes | No Known Exploit |
|
Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6147607 |
Yes | Proof of Concept |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-TERSER-2806366 |
Yes | No Known Exploit |
|
Directory Traversal SNYK-JS-VITE-2987511 |
Yes | No Known Exploit |
|
Path Equivalence SNYK-JS-VITE-5664718 |
Yes | Proof of Concept |
|
Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835 |
Yes | Proof of Concept |
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Regular Expression Denial of Service (ReDoS) 🦉 Improper Input Validation 🦉 Prototype Pollution 🦉 More lessons are available in Snyk Learn
