[Snyk] Upgrade firebase from 7.10.0 to 7.24.0 #1150

NOUIY · 2023-09-19T00:13:45Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade firebase from 7.10.0 to 7.24.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 510 versions ahead of your current version.
The recommended version was released 3 years ago, on 2020-10-15.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Arbitrary File Write SNYK-JS-TAR-1579147	425/1000 Why? CVSS 8.5	No Known Exploit
Arbitrary File Write SNYK-JS-TAR-1579152	425/1000 Why? CVSS 8.5	No Known Exploit
Arbitrary File Write SNYK-JS-TAR-1579155	425/1000 Why? CVSS 8.5	No Known Exploit
Prototype Pollution SNYK-JS-Y18N-1021887	425/1000 Why? CVSS 8.5	Proof of Concept
Arbitrary File Overwrite SNYK-JS-TAR-1536528	425/1000 Why? CVSS 8.5	No Known Exploit
Arbitrary File Overwrite SNYK-JS-TAR-1536531	425/1000 Why? CVSS 8.5	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	425/1000 Why? CVSS 8.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	425/1000 Why? CVSS 8.5	Proof of Concept
Prototype Pollution SNYK-JS-GRPC-598671	425/1000 Why? CVSS 8.5	Proof of Concept
Prototype Pollution SNYK-JS-INI-1048974	425/1000 Why? CVSS 8.5	Proof of Concept
Prototype Pollution SNYK-JS-MINIMIST-559764	425/1000 Why? CVSS 8.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	425/1000 Why? CVSS 8.5	No Known Exploit
Prototype Pollution SNYK-JS-MINIMIST-559764	425/1000 Why? CVSS 8.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	425/1000 Why? CVSS 8.5	No Known Exploit
Prototype Pollution SNYK-JS-MINIMIST-2429795	425/1000 Why? CVSS 8.5	Proof of Concept
Prototype Pollution SNYK-JS-MINIMIST-2429795	425/1000 Why? CVSS 8.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade firebase from 7.10.0 to 7.24.0. See this package in npm: See this project in Snyk: https://app.snyk.io/org/nexuscompute/project/e46ba81d-9d87-4238-9a8d-5c16e0d4b5bf?utm_source=github&utm_medium=referral&page=upgrade-pr

guardrails · 2023-09-19T00:14:25Z

⚠️ We detected 3 security issues in this pull request:

Vulnerable Libraries (3)

Severity	Details
High	pkg:npm/ini@1.3.5 (t) upgrade to: 1.3.6
High	pkg:npm/node-fetch@2.6.1 (t) upgrade to: 3.1.1,2.6.7
High	pkg:npm/y18n@3.2.1 (t) upgrade to: 3.2.2,4.0.1,5.0.5

More info on how to fix Vulnerable Libraries in JavaScript.

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade firebase from 7.10.0 to 7.24.0 #1150

[Snyk] Upgrade firebase from 7.10.0 to 7.24.0 #1150

NOUIY commented Sep 19, 2023

guardrails bot commented Sep 19, 2023

[Snyk] Upgrade firebase from 7.10.0 to 7.24.0 #1150

Are you sure you want to change the base?

[Snyk] Upgrade firebase from 7.10.0 to 7.24.0 #1150

Conversation

NOUIY commented Sep 19, 2023

Snyk has created this PR to upgrade firebase from 7.10.0 to 7.24.0.

guardrails bot commented Sep 19, 2023