New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Fix for 10 vulnerabilities #2604

Open

DmitriyStoyanov wants to merge 1 commit into master from snyk-fix-9496455d33e72938cc50e81ca86f00ad

Collaborator

DmitriyStoyanov commented Sep 6, 2024

Snyk has created this PR to fix 10 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

frontend-angular/package.json
frontend-angular/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Prototype Pollution SNYK-JS-PROTOBUFJS-5756498	751
	Prototype Pollution SNYK-JS-PROTOBUFJS-2441248	731
	Improper Input Validation SNYK-JS-URLPARSE-2407770	726
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ES5EXT-6095076	696
	Access Restriction Bypass SNYK-JS-URLPARSE-2401205	641
	Authorization Bypass SNYK-JS-URLPARSE-2407759	641
	Authorization Bypass Through User-Controlled Key SNYK-JS-URLPARSE-2412697	631
	Information Exposure SNYK-JS-NODEFETCH-2342118	539
	Cross-site Scripting (XSS) SNYK-JS-PRISMJS-2404333	484
	Improper Input Validation SNYK-JS-SWAGGERCLIENT-6836803	479

Important

Check the changes in this PR to ensure they won't cause issues with your project.
Max score is 1000. Note that the real score may have changed since the PR was raised.
This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Cross-site Scripting (XSS)
🦉 Prototype Pollution
🦉 More lessons are available in Snyk Learn


          fix: frontend-angular/package.json & frontend-angular/package-lock.js…

2c17aee

…on to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-PROTOBUFJS-5756498
- https://snyk.io/vuln/SNYK-JS-PROTOBUFJS-2441248
- https://snyk.io/vuln/SNYK-JS-URLPARSE-2407770
- https://snyk.io/vuln/SNYK-JS-ES5EXT-6095076
- https://snyk.io/vuln/SNYK-JS-URLPARSE-2401205
- https://snyk.io/vuln/SNYK-JS-URLPARSE-2407759
- https://snyk.io/vuln/SNYK-JS-URLPARSE-2412697
- https://snyk.io/vuln/SNYK-JS-NODEFETCH-2342118
- https://snyk.io/vuln/SNYK-JS-PRISMJS-2404333
- https://snyk.io/vuln/SNYK-JS-SWAGGERCLIENT-6836803

DmitriyStoyanov requested a review from ElenaSpb as a code owner

September 6, 2024 03:33

sonarcloud bot commented Sep 6, 2024

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

github-actions bot commented Sep 6, 2024

Gradle Unit and Integration Test Results

493 tests ±0 489 ✔️ ±0 53s ⏱️ -1s
116 suites ±0     4 💤 ±0
116 files ±0     0 ❌ ±0

Results for commit 2c17aee. ± Comparison against base commit 0922821.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet