Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[Snyk] Upgrade webpack-dev-server from 3.10.3 to 5.1.0 #560

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade webpack-dev-server from 3.10.3 to 5.1.0 #560

wants to merge 1 commit into from

Conversation

WontonSam
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade webpack-dev-server from 3.10.3 to 5.1.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

  • The recommended version is 50 versions ahead of your current version.

  • The recommended version was released on 24 days ago.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Improper Verification of Cryptographic Signature
SNYK-JS-BROWSERIFYSIGN-6037026		 63 No Known Exploit
high severity Denial of Service (DoS)
SNYK-JS-DECODEURICOMPONENT-3149970		 63 Proof of Concept
high severity Remote Memory Exposure
SNYK-JS-DNSPACKET-1293563		 63 No Known Exploit
high severity Prototype Pollution
SNYK-JS-INI-1048974		 63 Proof of Concept
high severity Server-side Request Forgery (SSRF)
SNYK-JS-IP-6240864		 63 Proof of Concept
high severity Prototype Pollution
SNYK-JS-AJV-584908		 63 No Known Exploit
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIHTML-1296849		 63 Proof of Concept
high severity Improper Handling of Extra Parameters
SNYK-JS-FOLLOWREDIRECTS-6141137		 63 Proof of Concept
high severity Prototype Pollution
SNYK-JS-ASYNC-2441827		 63 Proof of Concept
high severity Cryptographic Issues
SNYK-JS-ELLIPTIC-571484		 63 Proof of Concept
high severity Prototype Pollution
SNYK-JS-LOADERUTILS-3043105		 63 No Known Exploit
high severity Prototype Pollution
SNYK-JS-LOADERUTILS-3043105		 63 No Known Exploit
high severity Asymmetric Resource Consumption (Amplification)
SNYK-JS-BODYPARSER-7926860		 63 No Known Exploit
high severity Improper Verification of Cryptographic Signature
SNYK-JS-NODEFORGE-2430339		 63 No Known Exploit
high severity Prototype Pollution
SNYK-JS-NODEFORGE-598677		 63 Proof of Concept
high severity Prototype Poisoning
SNYK-JS-QS-3153490		 63 Proof of Concept
medium severity Open Redirect
SNYK-JS-URLPARSE-1533425		 63 Proof of Concept
medium severity Access Restriction Bypass
SNYK-JS-URLPARSE-2401205		 63 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-LOADERUTILS-3105943		 63 No Known Exploit
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-BROWSERSLIST-1090194		 63 Proof of Concept
medium severity Open Redirect
SNYK-JS-EXPRESS-6474509		 63 No Known Exploit
medium severity Cross-site Scripting
SNYK-JS-EXPRESS-7926867		 63 No Known Exploit
medium severity Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2332181		 63 Proof of Concept
medium severity Information Exposure
SNYK-JS-FOLLOWREDIRECTS-6444610		 63 Proof of Concept
medium severity Server-Side Request Forgery (SSRF)
SNYK-JS-IP-7148531		 63 Proof of Concept
medium severity Prototype Pollution
SNYK-JS-JSON5-3182856		 63 Proof of Concept
medium severity Prototype Pollution
SNYK-JS-JSON5-3182856		 63 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-LOADERUTILS-3042992		 63 No Known Exploit
medium severity Denial of Service (DoS)
SNYK-JS-HTTPPROXY-569139		 63 Proof of Concept
medium severity Cryptographic Issues
SNYK-JS-ELLIPTIC-1064899		 63 No Known Exploit
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-LOADERUTILS-3105943		 63 No Known Exploit
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-LOADERUTILS-3042992		 63 No Known Exploit
low severity Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2396346		 63 No Known Exploit
critical severity Improper Verification of Cryptographic Signature
SNYK-JS-ELLIPTIC-7577916		 63 Proof of Concept
critical severity Improper Verification of Cryptographic Signature
SNYK-JS-ELLIPTIC-7577917		 63 Proof of Concept
critical severity Incomplete List of Disallowed Inputs
SNYK-JS-BABELTRAVERSE-5962462		 63 Proof of Concept
critical severity Improper Verification of Cryptographic Signature
SNYK-JS-ELLIPTIC-7577918		 63 Proof of Concept
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVER-3247795		 63 Proof of Concept
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVER-3247795		 63 Proof of Concept
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-NTHCHECK-1586032		 63 Proof of Concept
high severity Prototype Pollution
SNYK-JS-NUNJUCKS-1079083		 63 Proof of Concept
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVER-3247795		 63 Proof of Concept
high severity Arbitrary Code Injection
SNYK-JS-SERIALIZEJAVASCRIPT-570062		 63 Proof of Concept
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-SSRI-1246392		 63 Proof of Concept
high severity Arbitrary File Overwrite
SNYK-JS-TAR-1536528		 63 No Known Exploit
high severity Arbitrary File Overwrite
SNYK-JS-TAR-1536531		 63 No Known Exploit
high severity Arbitrary File Write
SNYK-JS-TAR-1579147		 63 No Known Exploit
high severity Arbitrary File Write
SNYK-JS-TAR-1579152		 63 No Known Exploit
high severity Arbitrary File Write
SNYK-JS-TAR-1579155		 63 No Known Exploit
high severity Prototype Pollution
SNYK-JS-Y18N-1021887		 63 Proof of Concept
high severity Improper Input Validation
SNYK-JS-URLPARSE-2407770		 63 Proof of Concept
high severity Path Traversal
SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555		 63 Proof of Concept
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-WEBSOCKETEXTENSIONS-570623		 63 Proof of Concept
high severity Denial of Service (DoS)
SNYK-JS-WS-7266574		 63 Proof of Concept
high severity Code Injection
SNYK-JS-LODASH-1040724		 63 Proof of Concept
high severity Prototype Pollution
SNYK-JS-LODASH-567746		 63 Proof of Concept
high severity Prototype Pollution
SNYK-JS-LODASH-608086		 63 Proof of Concept
high severity Prototype Pollution
SNYK-JS-LODASH-6139239		 63 Proof of Concept
medium severity Information Exposure
SNYK-JS-EVENTSOURCE-2823375		 63 Proof of Concept
medium severity Prototype Pollution
SNYK-JS-NODEFORGE-2331908		 63 No Known Exploit
medium severity Improper Verification of Cryptographic Signature
SNYK-JS-NODEFORGE-2430337		 63 No Known Exploit
medium severity Improper Verification of Cryptographic Signature
SNYK-JS-NODEFORGE-2430341		 63 No Known Exploit
medium severity Cross-site Scripting (XSS)
SNYK-JS-NUNJUCKS-5431309		 63 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHPARSE-1077067		 63 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHTOREGEXP-7925106		 63 Proof of Concept
medium severity Denial of Service (DoS)
SNYK-JS-SOCKJS-575261		 63 Proof of Concept
medium severity Uncontrolled Resource Consumption ('Resource Exhaustion')
SNYK-JS-TAR-6476909		 63 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-TERSER-2806366		 63 No Known Exploit
medium severity Prototype Pollution
SNYK-JS-YARGSPARSER-560381		 63 Proof of Concept
medium severity Improper Input Validation
SNYK-JS-URLPARSE-1078283		 63 No Known Exploit
medium severity Authorization Bypass
SNYK-JS-URLPARSE-2407759		 63 Proof of Concept
medium severity Authorization Bypass Through User-Controlled Key
SNYK-JS-URLPARSE-2412697		 63 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-WS-1296835		 63 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-1018905		 63 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-MINIMATCH-3050818		 63 No Known Exploit
medium severity Open Redirect
SNYK-JS-NODEFORGE-2330875		 63 Proof of Concept
low severity Cross-site Scripting
SNYK-JS-SEND-7926862		 63 No Known Exploit
low severity Cross-site Scripting
SNYK-JS-SERVESTATIC-7926865		 63 No Known Exploit
low severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-TAR-1536758		 63 No Known Exploit
low severity Regular Expression Denial of Service (ReDoS)
npm:debug:20170905		 63 Proof of Concept
low severity Regular Expression Denial of Service (ReDoS)
npm:debug:20170905		 63 Proof of Concept
low severity Prototype Pollution
SNYK-JS-MINIMIST-2429795		 63 Proof of Concept
Release notes
Package name: webpack-dev-server
  • 5.1.0 - 2024-09-03

    5.1.0 (2024-09-03)

    Features

    • add visual progress indicators (a8f40b7)
    • added the app option to be Function (by default only with connect compatibility frameworks) (3096148)
    • allow the server option to be Function (#5275) (02a1c6d)
    • http2 support for connect and connect compatibility frameworks which support HTTP2 (#5267) (6509a3f)

    Bug Fixes

  • 5.0.4 - 2024-03-19

    5.0.4 (2024-03-19)

    Bug Fixes

  • 5.0.3 - 2024-03-12

    5.0.3 (2024-03-12)

    Bug Fixes

  • 5.0.2 - 2024-02-16

    5.0.2 (2024-02-16)

    Bug Fixes

  • 5.0.1 - 2024-02-13

    5.0.1 (2024-02-13)

    Bug Fixes

  • 5.0.0 - 2024-02-12

    5.0.0 (2024-02-12)

    Migration Guide and Changes.

  • 4.15.2 - 2024-03-20

    4.15.2 (2024-03-20)

    Bug Fixes

    • security: bump webpack-dev-middleware (4116209)
  • 4.15.1 - 2023-06-09

    4.15.1 (2023-06-09)

    Bug Fixes

    • replace :: with localhost before openBrowser() (#4856) (874c44b)
    • types: compatibility with @ types/ws (#4899) (34bcec2)
  • 4.15.0 - 2023-05-07

    4.15.0 (2023-05-07)

    Features

    • overlay displays unhandled promise rejection (#4849) (d1dd430)
  • 4.14.0 - 2023-05-06

    4.14.0 (2023-05-06)

    Features

    • allow CLI to be ESM (#4837) (bb4a5d9)
    • allow filter overlay errors/warnings/runtimeErrors with function (#4813) (aab01b3)
  • 4.13.3 - 2023-04-15
  • 4.13.2 - 2023-03-31
  • 4.13.1 - 2023-03-18
  • 4.13.0 - 2023-03-17
  • 4.12.0 - 2023-03-14
  • 4.11.1 - 2022-09-19
  • 4.11.0 - 2022-09-07
  • 4.10.1 - 2022-08-29
  • 4.10.0 - 2022-08-10
  • 4.9.3 - 2022-06-29
  • 4.9.2 - 2022-06-06
  • 4.9.1 - 2022-05-31
  • 4.9.0 - 2022-05-04
  • 4.8.1 - 2022-04-06
  • 4.8.0 - 2022-04-05
  • 4.7.4 - 2022-02-02
  • 4.7.3 - 2022-01-11
  • 4.7.2 - 2021-12-29
  • 4.7.1 - 2021-12-22
  • 4.7.0 - 2021-12-21
  • 4.6.0 - 2021-11-25
  • 4.5.0 - 2021-11-13
  • 4.4.0 - 2021-10-27
  • 4.3.1 - 2021-10-04
  • 4.3.0 - 2021-09-25
  • 4.2.1 - 2021-09-13
  • 4.2.0 - 2021-09-09
  • 4.1.1 - 2021-09-07
  • 4.1.0 - 2021-08-31
  • 4.0.0 - 2021-08-18
  • 4.0.0-rc.1 - 2021-08-17
  • 4.0.0-rc.0 - 2021-07-19
  • 4.0.0-beta.3 - 2021-05-06
  • 4.0.0-beta.2 - 2021-04-06
  • 4.0.0-beta.1 - 2021-03-23
  • 4.0.0-beta.0 - 2020-11-27
  • 3.11.3 - 2021-11-08
  • 3.11.2 - 2021-01-13
  • 3.11.1 - 2020-12-29
  • 3.11.0 - 2020-05-08
  • 3.10.3 - 2020-02-05
from webpack-dev-server GitHub release notes

Important

  • Warning: This PR contains a major version upgrade, and may be a breaking change.
  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"webpack-dev-server","from":"3.10.3","to":"5.1.0"}],"env":"prod","hasFixes":true,"isBreakingChange":true,"isMajorUpgrade":true,"issuesToFix":[{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-BROWSERIFYSIGN-6037026","issue_id":"SNYK-JS-BROWSERIFYSIGN-6037026","priority_score":124,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"high"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00058},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Fri Oct 27 2023 12:03:19 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.06},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Improper Verification of Cryptographic Signature"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-DECODEURICOMPONENT-3149970","issue_id":"SNYK-JS-DECODEURICOMPONENT-3149970","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00382},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Nov 28 2022 16:12:34 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Denial of Service (DoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-DNSPACKET-1293563","issue_id":"SNYK-JS-DNSPACKET-1293563","priority_score":133,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"low"},{"name":"availability","value":"low"},{"name":"scope","value":"changed"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"low"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00097},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu May 20 2021 14:40:43 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":8.78},{"name":"likelihood","value":1.5},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Remote Memory Exposure"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-INI-1048974","issue_id":"SNYK-JS-INI-1048974","priority_score":151,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.01218},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Dec 10 2020 18:08:38 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.62},{"name":"likelihood","value":2.67},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-IP-6240864","issue_id":"SNYK-JS-IP-6240864","priority_score":221,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"low"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00084},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Feb 11 2024 07:37:52 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":7.84},{"name":"likelihood","value":2.81},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Server-side Request Forgery (SSRF)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-AJV-584908","issue_id":"SNYK-JS-AJV-584908","priority_score":165,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.0037},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Jul 16 2020 13:58:04 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":9.79},{"name":"likelihood","value":1.68},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ANSIHTML-1296849","issue_id":"SNYK-JS-ANSIHTML-1296849","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00216},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Wed Aug 18 2021 15:37:20 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-FOLLOWREDIRECTS-6141137","issue_id":"SNYK-JS-FOLLOWREDIRECTS-6141137","priority_score":158,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00051},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Jan 01 2024 15:19:32 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.62},{"name":"likelihood","value":2.81},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Improper Handling of Extra Parameters"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ASYNC-2441827","issue_id":"SNYK-JS-ASYNC-2441827","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.0017},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Apr 07 2022 14:22:18 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.64},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ELLIPTIC-571484","issue_id":"SNYK-JS-ELLIPTIC-571484","priority_score":221,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00353},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Wed Jun 17 2020 10:03:22 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":9.08},{"name":"likelihood","value":2.43},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Cryptographic Issues"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-LOADERUTILS-3043105","issue_id":"SNYK-JS-LOADERUTILS-3043105","priority_score":115,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.0097},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Fri Nov 04 2022 09:08:14 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":1.91},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-LOADERUTILS-3043105","issue_id":"SNYK-JS-LOADERUTILS-3043105","priority_score":115,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.0097},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Fri Nov 04 2022 09:08:14 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":1.91},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-BODYPARSER-7926860","issue_id":"SNYK-JS-BODYPARSER-7926860","priority_score":111,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00043},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Wed Sep 11 2024 11:22:36 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":1.84},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Asymmetric Resource Consumption (Amplification)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-NODEFORGE-2430339","issue_id":"SNYK-JS-NODEFORGE-2430339","priority_score":107,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00072},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Mar 20 2022 16:39:52 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.62},{"name":"likelihood","value":1.89},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Improper Verification of Cryptographic Signature"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-NODEFORGE-598677","issue_id":"SNYK-JS-NODEFORGE-598677","priority_score":149,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00209},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue Sep 01 2020 10:44:20 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.62},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-QS-3153490","issue_id":"SNYK-JS-QS-3153490","priority_score":162,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.01947},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Dec 04 2022 12:24:32 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.69},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Poisoning"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-URLPARSE-1533425","issue_id":"SNYK-JS-URLPARSE-1533425","priority_score":63,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"low"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00126},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Jul 26 2021 15:23:41 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.64},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Open Redirect"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-URLPARSE-2401205","issue_id":"SNYK-JS-URLPARSE-2401205","priority_score":177,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"low"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"low"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00095},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue Feb 15 2022 13:06:08 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":7.84},{"name":"likelihood","value":2.25},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Access Restriction Bypass"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-LOADERUTILS-3105943","issue_id":"SNYK-JS-LOADERUTILS-3105943","priority_score":45,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00694},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Nov 07 2022 16:01:55 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":1.91},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-BROWSERSLIST-1090194","issue_id":"SNYK-JS-BROWSERSLIST-1090194","priority_score":63,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00198},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Wed Apr 28 2021 15:14:31 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-EXPRESS-6474509","issue_id":"SNYK-JS-EXPRESS-6474509","priority_score":74,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"none"},{"name":"scope","value":"changed"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00044},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue Mar 26 2024 07:34:23 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":4.54},{"name":"likelihood","value":1.61},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Open Redirect"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-EXPRESS-7926867","issue_id":"SNYK-JS-EXPRESS-7926867","priority_score":79,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00043},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Wed Sep 11 2024 12:24:12 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.62},{"name":"likelihood","value":1.39},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Cross-site Scripting"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-FOLLOWREDIRECTS-2332181","issue_id":"SNYK-JS-FOLLOWREDIRECTS-2332181","priority_score":119,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00151},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Wed Jan 12 2022 12:49:36 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":1.98},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Information Exposure"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-FOLLOWREDIRECTS-6444610","issue_id":"SNYK-JS-FOLLOWREDIRECTS-6444610","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"low"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00044},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Fri Mar 15 2024 07:59:52 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.64},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Information Exposure"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-IP-7148531","issue_id":"SNYK-JS-IP-7148531","priority_score":119,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.01055},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue May 28 2024 08:06:24 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":4.19},{"name":"likelihood","value":2.83},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Server-Side Request Forgery (SSRF)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-JSON5-3182856","issue_id":"SNYK-JS-JSON5-3182856","priority_score":179,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"low"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.01027},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Dec 25 2022 08:45:14 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":7.84},{"name":"likelihood","value":2.28},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-JSON5-3182856","issue_id":"SNYK-JS-JSON5-3182856","priority_score":179,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"low"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.01027},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Dec 25 2022 08:45:14 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"busi...

@snyk-bot
feat: upgrade webpack-dev-server from 3.10.3 to 5.1.0
6b7329a 
Snyk has created this PR to upgrade webpack-dev-server from 3.10.3 to 5.1.0.

See this package in npm:
webpack-dev-server

See this project in Snyk:
https://app.snyk.io/org/cachiman/project/82e9acef-5c61-49d6-b6be-aa80518d2ec9?utm_source=github&utm_medium=referral&page=upgrade-pr
@google-cla Google CLA
Copy link

google-cla bot commented Sep 28, 2024

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@WontonSam @snyk-bot