Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

[Snyk] Fix for 9 vulnerabilities #88

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

Brandylee24
Copy link
Owner

snyk-top-banner

Snyk has created this PR to fix 9 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

  • frontend/package.json
  • frontend/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

Issue Score
high severity Denial of Service (DoS)
SNYK-JS-HTTPPROXYMIDDLEWARE-8229906
  169  
high severity Asymmetric Resource Consumption (Amplification)
SNYK-JS-BODYPARSER-7926860
  111  
medium severity Cross-site Scripting
SNYK-JS-EXPRESS-7926867
  79  
low severity Cross-site Scripting
SNYK-JS-SEND-7926862
  79  
low severity Cross-site Scripting
SNYK-JS-SERVESTATIC-7926865
  79  
medium severity Cross-site Scripting (XSS)
SNYK-JS-AXIOS-6671926
  75  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHTOREGEXP-7925106
  67  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHTOREGEXP-8482416
  67  
medium severity Cross-site Scripting (XSS)
SNYK-JS-COOKIE-8163060
  44  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)
🦉 Denial of Service (DoS)

Copy link

New, updated, and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@angular-devkit/build-angular@19.1.0 🔁 npm/@angular-devkit/build-angular@14.2.10 Transitive: eval +261 361 MB angular, google-wombot
npm/http-proxy-middleware@2.0.7 🔁 npm/http-proxy-middleware@2.0.6 None +14 485 kB chimurai

🚮 Removed packages: npm/lightweight-charts@3.8.0

View full report↗︎

# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants