Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[Snyk] Upgrade: , nuxt, storyblok-nuxt #25

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade: , nuxt, storyblok-nuxt #25

wants to merge 1 commit into from

Conversation

takawiramundure
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name Versions Released on

@nuxtjs/axios
from 5.6.0 to 5.13.6 | 29 versions ahead of your current version | 3 years ago
on 2021-06-02
nuxt
from 2.10.0 to 2.18.1 | 43 versions ahead of your current version | 3 months ago
on 2024-06-28
storyblok-nuxt
from 1.0.2 to 1.3.1 | 4 versions ahead of your current version | 3 years ago
on 2021-03-24

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Improper Input Validation
SNYK-JS-FOLLOWREDIRECTS-6141137		 541 Proof of Concept
high severity Improper Input Validation
SNYK-JS-FOLLOWREDIRECTS-6141137		 541 Proof of Concept
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-ACORN-559469		 541 No Known Exploit
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIHTML-1296849		 541 Proof of Concept
high severity Code Injection
SNYK-JS-LODASH-1040724		 541 Proof of Concept
high severity Prototype Pollution
SNYK-JS-LODASH-567746		 541 Proof of Concept
high severity Prototype Pollution
SNYK-JS-LODASH-608086		 541 Proof of Concept
high severity Prototype Pollution
SNYK-JS-LODASH-6139239		 541 Proof of Concept
high severity Prototype Pollution
SNYK-JS-INI-1048974		 541 Proof of Concept
high severity Server-side Request Forgery (SSRF)
SNYK-JS-IP-6240864		 541 Proof of Concept
high severity Asymmetric Resource Consumption (Amplification)
SNYK-JS-BODYPARSER-7926860		 541 No Known Exploit
high severity Improper Verification of Cryptographic Signature
SNYK-JS-BROWSERIFYSIGN-6037026		 541 No Known Exploit
high severity Denial of Service (DoS)
SNYK-JS-DECODEURICOMPONENT-3149970		 541 Proof of Concept
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-AXIOS-1579269		 541 Proof of Concept
high severity Cryptographic Issues
SNYK-JS-ELLIPTIC-571484		 541 Proof of Concept
medium severity Cross-site Scripting
SNYK-JS-EXPRESS-7926867		 541 No Known Exploit
medium severity Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2332181		 541 Proof of Concept
medium severity Information Exposure
SNYK-JS-FOLLOWREDIRECTS-6444610		 541 Proof of Concept
medium severity Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2332181		 541 Proof of Concept
medium severity Information Exposure
SNYK-JS-FOLLOWREDIRECTS-6444610		 541 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-UGLIFYJS-1727251		 541 No Known Exploit
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-1018905		 541 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-HTMLMINIFIER-3091181		 541 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-HTMLMINIFIER-3091181		 541 Proof of Concept
medium severity Denial of Service (DoS)
SNYK-JS-HTTPPROXY-569139		 541 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-ISSVG-1085627		 541 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-ISSVG-1243891		 541 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-BROWSERSLIST-1090194		 541 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-COLORSTRING-1082939		 541 Proof of Concept
medium severity Prototype Pollution
SNYK-JS-DOTPROP-543489		 541 Proof of Concept
medium severity Cryptographic Issues
SNYK-JS-ELLIPTIC-1064899		 541 No Known Exploit
medium severity Server-Side Request Forgery (SSRF)
SNYK-JS-AXIOS-1038255		 541 Proof of Concept
medium severity Timing Attack
SNYK-JS-ELLIPTIC-511941		 541 No Known Exploit
low severity Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2396346		 541 No Known Exploit
low severity Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2396346		 541 No Known Exploit
critical severity Incomplete List of Disallowed Inputs
SNYK-JS-BABELTRAVERSE-5962462		 541 Proof of Concept
critical severity Incomplete List of Disallowed Inputs
SNYK-JS-BABELTRAVERSE-5962463		 541 Proof of Concept
critical severity Improper Verification of Cryptographic Signature
SNYK-JS-ELLIPTIC-7577916		 541 Proof of Concept
critical severity Improper Verification of Cryptographic Signature
SNYK-JS-ELLIPTIC-7577917		 541 Proof of Concept
critical severity Improper Verification of Cryptographic Signature
SNYK-JS-ELLIPTIC-7577918		 541 Proof of Concept
high severity Cross-site Scripting (XSS)
SNYK-JS-SERIALIZEJAVASCRIPT-6056521		 541 No Known Exploit
high severity Remote Code Execution (RCE)
SNYK-JS-SHELLQUOTE-1766506		 541 No Known Exploit
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-SSRI-1246392		 541 Proof of Concept
high severity Cross-site Scripting (XSS)
SNYK-JS-SERIALIZEJAVASCRIPT-536840		 541 No Known Exploit
high severity Arbitrary Code Injection
SNYK-JS-SERIALIZEJAVASCRIPT-570062		 541 Proof of Concept
high severity Cross-site Scripting (XSS)
SNYK-JS-SERIALIZEJAVASCRIPT-6056521		 541 No Known Exploit
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-SSRI-1246392		 541 Proof of Concept
high severity Arbitrary File Overwrite
SNYK-JS-TAR-1536528		 541 No Known Exploit
high severity Arbitrary File Overwrite
SNYK-JS-TAR-1536531		 541 No Known Exploit
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-NTHCHECK-1586032		 541 Proof of Concept
high severity Arbitrary File Write
SNYK-JS-TAR-1579147		 541 No Known Exploit
high severity Arbitrary File Write
SNYK-JS-TAR-1579152		 541 No Known Exploit
high severity Arbitrary File Write
SNYK-JS-TAR-1579155		 541 No Known Exploit
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-UAPARSERJS-1023599		 541 Proof of Concept
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-UAPARSERJS-610226		 541 Proof of Concept
high severity Path Traversal
SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555		 541 Proof of Concept
high severity Denial of Service (DoS)
SNYK-JS-WS-7266574		 541 Proof of Concept
high severity Prototype Pollution
SNYK-JS-Y18N-1021887		 541 Proof of Concept
high severity Cross-site Scripting (XSS)
SNYK-JS-SERIALIZEJAVASCRIPT-536840		 541 No Known Exploit
high severity Arbitrary Code Injection
SNYK-JS-SERIALIZEJAVASCRIPT-570062		 541 Proof of Concept
high severity Prototype Poisoning
SNYK-JS-QS-3153490		 541 Proof of Concept
high severity Remote Code Execution (RCE)
SNYK-JS-EJS-2803307		 541 Proof of Concept
medium severity Open Redirect
SNYK-JS-EXPRESS-6474509		 541 No Known Exploit
medium severity Information Exposure
SNYK-JS-NODEFETCH-2342118		 541 No Known Exploit
medium severity Denial of Service
SNYK-JS-NODEFETCH-674311		 541 No Known Exploit
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHPARSE-1077067		 541 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHTOREGEXP-7925106		 541 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-POSTCSS-1090595		 541 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-POSTCSS-1255640		 541 Proof of Concept
medium severity Uncontrolled Resource Consumption ('Resource Exhaustion')
SNYK-JS-TAR-6476909		 541 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-TERSER-2806366		 541 No Known Exploit
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-UAPARSERJS-1072471		 541 Proof of Concept
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-UGLIFYJS-1727251		 541 No Known Exploit
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-WS-1296835		 541 Proof of Concept
medium severity Arbitrary Code Injection
SNYK-JS-EJS-1049328		 541 Proof of Concept
medium severity Improper Control of Dynamically-Managed Code Resources
SNYK-JS-EJS-6689533		 541 No Known Exploit
low severity Cross-site Scripting
SNYK-JS-SERVESTATIC-7926865		 541 No Known Exploit
low severity Cross-site Scripting
SNYK-JS-SEND-7926862		 541 No Known Exploit
low severity Validation Bypass
SNYK-JS-KINDOF-537849		 541 Proof of Concept
low severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-TAR-1536758		 541 No Known Exploit
low severity Regular Expression Denial of Service (ReDoS)
npm:debug:20170905		 541 Proof of Concept
low severity Regular Expression Denial of Service (ReDoS)
npm:debug:20170905		 541 Proof of Concept
Release notes
Package name: @nuxtjs/axios
  • 5.13.6 - 2021-06-02

    Bug Fixes

    • setHeader function returns after the first scope element (#507) (cb5e29d)
  • 5.13.5 - 2021-05-26

    Bug Fixes

    • only transpile defu for client bundle (resolves #501) (ec2eb0a)
  • 5.13.4 - 2021-05-18

    Bug Fixes

    • build.transpile guard for nuxt@1.x (fixes #498) (66d56ab)
  • 5.13.3 - 2021-05-17

    Bug Fixes

  • 5.13.2 - 2021-05-17

    Dependencies:

    • Update defu to 5.x
  • 5.13.1 - 2021-02-08

    Bug Fixes

  • 5.13.0 - 2021-02-01

    Features

    • Support baseUrl and browserBaseUrl to handle casing typos (8904847)

    Bug Fixes

    • Add x-forwarded-port and x-forwarded-proto to proxyHeaderIgnore defaults (#465) (a1a1894)
  • 5.12.5 - 2021-01-04

    Bug Fixes

    • add x-forwarded-host to proxyHeaderIgnore defaults (#462) (433548b), closes #456

    Dependencies

  • 5.12.4 - 2020-12-14

    Bug Fixes

    Dependencies

    • Update @ nuxtjs/proxy to 2.1.0 (less warnings and typescript rewrite)

    Thanks

  • 5.12.3 - 2020-11-30

    Bug Fixes

  • 5.12.2 - 2020-08-25
  • 5.12.1 - 2020-08-05
  • 5.12.0 - 2020-07-10
  • 5.11.0 - 2020-06-05
  • 5.10.3 - 2020-04-30
  • 5.10.2 - 2020-04-27
  • 5.10.1 - 2020-04-22
  • 5.10.0 - 2020-04-21
  • 5.9.7 - 2020-03-30
  • 5.9.6 - 2020-03-27
  • 5.9.5 - 2020-02-02
  • 5.9.4 - 2020-01-30
  • 5.9.3 - 2020-01-11
  • 5.9.2 - 2020-01-02
  • 5.9.1 - 2020-01-02
  • 5.9.0 - 2019-12-17
  • 5.8.0 - 2019-10-23
  • 5.7.1 - 2019-10-22
  • 5.7.0 - 2019-10-22
  • 5.6.0 - 2019-08-20
from @nuxtjs/axios GitHub release notes
Package name: nuxt
  • 2.18.1 - 2024-06-28

    👉 Changelog

    compare changes

    🩹 Fixes

    • webpack: Depend on earlier version of mkdirp (f67056b9e)

    ❤️ Contributors

  • 2.18.0 - 2024-06-27

    👉 Changelog

    compare changes

    🚀 Enhancements

    • webpack: Migrate to memfs (#27652)

    🩹 Fixes

    • vue-app: Don't throw if we can't read sessionStorage (#27662)
    • config: Add back md4 monkey-patch for wider ecosystem (#27865)

    🏡 Chore

    ❤️ Contributors

  • 2.17.4 - 2024-06-14

    👉 Changelog

    compare changes

    🩹 Fixes

    • types: Bump serve-static types to v1.15.7 (1c44c376d)
    • generator: Use maintained html-minifier-terser (#26914)
    • vue-app: Prevent double page mount (#10874)
    • core: Don't skip loading runtime modules if one is improperly resolved (#10193)
    • vue-app: Prevent error page mounting twice (#27484)

    🏡 Chore

    ✅ Tests

    • Properly close page in e2e tests (1700aa131)
    • Wait for navigation in redirect test (e74715606)
    • Don't register promise in external nav (#27468)

    🤖 CI

    • Add label PR workflow (#25580)
    • Make edge releases on commit basis (1eb08d1ba)
    • Remove ref for release workflows (06f91349f)
    • Don't skip tests from branch named dev (2a5d05257)
    • Update test conditions (940fc7dcb)

    ❤️ Contributors

  • 2.17.3 - 2024-01-12
  • 2.17.2 - 2023-10-24
  • 2.17.1 - 2023-07-14
  • 2.17.0 - 2023-06-09
  • 2.16.3 - 2023-03-17
  • 2.16.2 - 2023-03-01
  • 2.16.1 - 2023-02-13
  • 2.16.0 - 2023-02-03
  • 2.15.8 - 2021-08-11
  • 2.15.7 - 2021-06-14
  • 2.15.6 - 2021-05-12
  • 2.15.5 - 2021-05-09
  • 2.15.4 - 2021-04-01
  • 2.15.3 - 2021-03-10
  • 2.15.2 - 2021-02-23
  • 2.15.1 - 2021-02-19
  • 2.15.0 - 2021-02-15
  • 2.14.12 - 2020-12-16
  • 2.14.11 - 2020-12-09
  • 2.14.10 - 2020-12-07
  • 2.14.9 - 2020-12-02
  • 2.14.8 - 2020-12-01
  • 2.14.7 - 2020-10-15
  • 2.14.6 - 2020-09-21
  • 2.14.5 - 2020-09-10
  • 2.14.4 - 2020-08-27
  • 2.14.3 - 2020-08-16
  • 2.14.2 - 2020-08-16
  • 2.14.1 - 2020-08-04
  • 2.14.0 - 2020-07-27
  • 2.13.3 - 2020-07-02
  • 2.13.2 - 2020-06-26
  • 2.13.1 - 2020-06-24
  • 2.13.0 - 2020-06-18
  • 2.12.2 - 2020-03-31
  • 2.12.1 - 2020-03-25
  • 2.12.0 - 2020-03-17
  • 2.11.0 - 2019-12-17
  • 2.10.2 - 2019-10-21
  • 2.10.1 - 2019-10-11
  • 2.10.0 - 2019-10-02
from nuxt GitHub release notes
Package name: storyblok-nuxt
  • 1.3.1 - 2021-03-24

    1.3.1 (2021-03-24)

    Features

    • upgrade to storyblok-js-client v3.3.1
    • dependency: add axios as dependency (a70f53d)
  • 1.3.0 - 2020-08-21

    1.3.0 (2020-08-21)

    Features

    • add resolveRelations method in $storybridge (d8c56c4)
  • 1.2.0 - 2020-03-10

    1.2.0 (2020-03-10)

    Features

    • upgrade to storyblok-js-client v2 and storyblok-vue v1.0.5 (661bb96)
  • 1.1.0 - 2020-02-04

    1.1.0 (2020-02-04)

    Features

  • 1.0.2 - 2019-10-11

    Merge pull request #14 from storyblok/fix-custom-parent

    Fix custom parent

from storyblok-nuxt GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"","from":"nuxtjs/axios","to":"nuxtjs/axios"},{"name":"nuxt","from":"2.10.0","to":"2.18.1"},{"name":"storyblok-nuxt","from":"1.0.2","to":"1.3.1"}],"env":"prod","hasFixes":true,"isBreakingChange":false,"isMajorUpgrade":false,"issuesToFix":[{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-FOLLOWREDIRECTS-6141137","issue_id":"SNYK-JS-FOLLOWREDIRECTS-6141137","priority_score":472,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"7.3","score":365},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Improper Input Validation"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-FOLLOWREDIRECTS-6141137","issue_id":"SNYK-JS-FOLLOWREDIRECTS-6141137","priority_score":686,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.3","score":365},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Improper Input Validation"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-ACORN-559469","issue_id":"SNYK-JS-ACORN-559469","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ANSIHTML-1296849","issue_id":"SNYK-JS-ANSIHTML-1296849","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-LODASH-1040724","issue_id":"SNYK-JS-LODASH-1040724","priority_score":681,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.2","score":360},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Code Injection"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-LODASH-567746","issue_id":"SNYK-JS-LODASH-567746","priority_score":731,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.2","score":410},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-LODASH-608086","issue_id":"SNYK-JS-LODASH-608086","priority_score":686,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.3","score":365},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-LODASH-6139239","issue_id":"SNYK-JS-LODASH-6139239","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-INI-1048974","issue_id":"SNYK-JS-INI-1048974","priority_score":686,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.3","score":365},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-IP-6240864","issue_id":"SNYK-JS-IP-6240864","priority_score":751,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.6","score":430},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Server-side Request Forgery (SSRF)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-BODYPARSER-7926860","issue_id":"SNYK-JS-BODYPARSER-7926860","priority_score":696,"priority_score_factors":[{"type":"freshness","label":true,"score":71},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.2","score":410},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Asymmetric Resource Consumption (Amplification)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-BROWSERIFYSIGN-6037026","issue_id":"SNYK-JS-BROWSERIFYSIGN-6037026","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Improper Verification of Cryptographic Signature"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-DECODEURICOMPONENT-3149970","issue_id":"SNYK-JS-DECODEURICOMPONENT-3149970","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Denial of Service (DoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-AXIOS-1579269","issue_id":"SNYK-JS-AXIOS-1579269","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ELLIPTIC-571484","issue_id":"SNYK-JS-ELLIPTIC-571484","priority_score":706,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.7","score":385},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Cryptographic Issues"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-EXPRESS-7926867","issue_id":"SNYK-JS-EXPRESS-7926867","priority_score":541,"priority_score_factors":[{"type":"freshness","label":true,"score":71},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.1","score":255},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Cross-site Scripting"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-FOLLOWREDIRECTS-2332181","issue_id":"SNYK-JS-FOLLOWREDIRECTS-2332181","priority_score":372,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Information Exposure"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-FOLLOWREDIRECTS-6444610","issue_id":"SNYK-JS-FOLLOWREDIRECTS-6444610","priority_score":432,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Information Exposure"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-FOLLOWREDIRECTS-2332181","issue_id":"SNYK-JS-FOLLOWREDIRECTS-2332181","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Information Exposure"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-FOLLOWREDIRECTS-6444610","issue_id":"SNYK-JS-FOLLOWREDIRECTS-6444610","priority_score":646,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Information Exposure"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-UGLIFYJS-1727251","issue_id":"SNYK-JS-UGLIFYJS-1727251","priority_score":479,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-LODASH-1018905","issue_id":"SNYK-JS-LODASH-1018905","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-HTMLMINIFIER-3091181","issue_id":"SNYK-JS-HTMLMINIFIER-3091181","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-HTMLMINIFIER-3091181","issue_id":"SNYK-JS-HTMLMINIFIER-3091181","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-HTTPPROXY-569139","issue_id":"SNYK-JS-HTTPPROXY-569139","priority_score":646,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Denial of Service (DoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ISSVG-1085627","issue_id":"SNYK-JS-ISSVG-1085627","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ISSVG-1243891","issue_id":"SNYK-JS-ISSVG-1243891","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-BROWSERSLIST-1090194","issue_id":"SNYK-JS-BROWSERSLIST-1090194","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-COLORSTRING-1082939","issue_id":"SNYK-JS-COLORSTRING-1082939","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-DOTPROP-543489","issue_id":"SNYK-JS-DOTPROP-543489","priority_score":636,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.3","score":315},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Prototype Pollution"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-ELLIPTIC-1064899","issue_id":"SNYK-JS-ELLIPTIC-1064899","priority_score":554,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.8","score":340},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Cryptographic Issues"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-AXIOS-1038255","issue_id":"SNYK-JS-AXIOS-1038255","priority_score":616,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.9","score":295},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Server-Side Request Forgery (SSRF)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-ELLIPTIC-511941","issue_id":"SNYK-JS-ELLIPTIC-511941","priority_score":509,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.9","score":295},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Timing Attack"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-FOLLOWREDIRECTS-2396346","issue_id":"SNYK-JS-FOLLOWREDIRECTS-2396346","priority_score":130,"priority_score_factors":[{"type":"cvssScore","label":"2.6","score":130},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Information Exposure"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-FOLLOWREDIRECTS-2396346","issue_id":"SNYK-JS-FOLLOWREDIRECTS-2396346","priority_score":344,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"2.6","score":130},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Information Exposure"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-BABELTRAVERSE-5962462","issue_id":"SNYK-JS-BABELTRAVERSE-5962462","priority_score":786,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"9.3","score":465},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Incomplete List of Disallowed Inputs"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-BABELTRAVERSE-5962463","issue_id":"SNYK-JS-BABELTRAVERSE-5962463","priority_score":786,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"9.3","score":465},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Incomplete List of Disallowed Inputs"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ELLIPTIC-7577916","issue_id":"SNYK-JS-ELLIPTIC-7577916","priority_score":776,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"9.1","score":455},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Improper Verification of Cryptographic Signature"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ELLIPTIC-7577917","issue_id":"SNYK-JS-ELLIPTIC-7577917","priority_score":776,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"9.1","score":455},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Improper Verification of Cryptographic Signature"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ELLIPTIC-7577918","issue_id":"SNYK-JS-ELLIPTIC-7577918","priority_score":776,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"9.1","score":455},{"type":"scoreVersion","label":"v1","score":1}],"severity":"critical","title":"Improper Verification of Cryptographic Signature"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-SERIALIZEJAVASCRIPT-6056521","issue_id":"SNYK-JS-SERIALIZEJAVASCRIPT-6056521","priority_score":619,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Cross-site Scripting (XSS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-SHELLQUOTE-1766506","issue_id":"SNYK-JS-SHELLQUOTE-1766506","priority_score":619,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Remote Code Execution (RCE)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SSRI-1246392","issue_id":"SNYK-JS-SSRI-1246392","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-SERIALIZEJAVASCRIPT-536840","issue_id":"SNYK-JS-SERIALIZEJAVASCRIPT-536840","priority_score":619,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Cross-site Scripting (XSS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SERIALIZEJAVASCRIPT-570062","issue_id":"SNYK-JS-SERIALIZEJAVASCRIPT-570062","priority_score":706,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.7","score":385},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary Code Injection"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-SERIALIZEJAVASCRIPT-6056521","issue_id":"SNYK-JS-SERIALIZEJAVASCRIPT-6056521","priority_score":619,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Cross-site Scripting (XSS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SSRI-1246392","issue_id":"SNYK-JS-SSRI-1246392","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1536528","issue_id":"SNYK-JS-TAR-1536528","priority_score":624,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.2","score":410},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary File Overwrite"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1536531","issue_id":"SNYK-JS-TAR-1536531","priority_score":624,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.2","score":410},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary File Overwrite"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-NTHCHECK-1586032","issue_id":"SNYK-JS-NTHCHECK-1586032","priority_score":696,"priority_score_fa...

@snyk-bot
fix: upgrade multiple dependencies with Snyk
0da7a87 
Snyk has created this PR to upgrade:
  - @nuxtjs/axios from 5.6.0 to 5.13.6.
    See this package in npm: https://www.npmjs.com/package/@nuxtjs/axios
  - nuxt from 2.10.0 to 2.18.1.
    See this package in npm: https://www.npmjs.com/package/nuxt
  - storyblok-nuxt from 1.0.2 to 1.3.1.
    See this package in npm: https://www.npmjs.com/package/storyblok-nuxt

See this project in Snyk:
https://app.snyk.io/org/takawiramundure/project/0119fcaf-5ae5-4d4c-a48d-2162a6fd1bce?utm_source=github&utm_medium=referral&page=upgrade-pr
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@takawiramundure @snyk-bot