New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[Snyk] Upgrade request from 2.67.0 to 2.88.2 #20

Open

snyk-bot wants to merge 1 commit into master from snyk-upgrade-7b67dce2e294d150f9288d00d38fd899

snyk-bot commented May 12, 2021

Snyk has created this PR to upgrade request from 2.67.0 to 2.88.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 22 versions ahead of your current version.
The recommended version was released a year ago, on 2020-02-11.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) npm:tough-cookie:20160722	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Remote Memory Exposure SNYK-JS-BL-608877	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Uninitialized Memory Exposure npm:tunnel-agent:20170305	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) npm:tough-cookie:20170905	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Remote Memory Exposure npm:request:20160119	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: request

2.88.2 - 2020-02-11
2.88.0 - 2018-08-10
2.88.0
2.87.0 - 2018-05-21
2.87.0
2.86.0 - 2018-05-15
2.86.0
2.85.0 - 2018-03-12
2.85.0
2.84.0 - 2018-03-12
2.84.0
2.83.0 - 2017-09-27
2.82.0 - 2017-09-19
2.81.0 - 2017-03-09
2.80.0 - 2017-03-04
2.79.0 - 2016-11-18
2.78.0 - 2016-11-03
2.77.0 - 2016-11-03
2.76.0 - 2016-10-25
2.75.0 - 2016-09-17
2.74.0 - 2016-07-22
2.73.0 - 2016-07-09
2.72.0 - 2016-04-17
2.71.0 - 2016-04-12
2.70.0 - 2016-04-05
2.69.0 - 2016-01-27
2.68.0 - 2016-01-27
2.67.0 - 2015-11-19

from request GitHub release notes

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs


          fix: upgrade request from 2.67.0 to 2.88.2

fd60ad1

Snyk has created this PR to upgrade request from 2.67.0 to 2.88.2.

See this package in npm:
https://www.npmjs.com/package/request

See this project in Snyk:
https://app.snyk.io/org/fiverr/project/af7fa6ca-8e58-43bf-871b-bbd29199d469?utm_source=github&utm_medium=upgrade-pr

# for free to join this conversation on GitHub. Already have an account? # to comment

Labels

None yet