[Snyk] Upgrade sass from 1.32.12 to 1.77.8 #1710
Open
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade sass from 1.32.12 to 1.77.8.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 127 versions ahead of your current version.
The recommended version was released on a month ago.
Issues fixed by the recommended upgrade:
SNYK-JS-LODASHSET-1320032
SNYK-JS-ASYNC-2441827
SNYK-JS-ASYNC-2441827
SNYK-JS-AXIOS-1579269
SNYK-JS-SSH2-1656673
SNYK-JS-TAR-1536528
SNYK-JS-TAR-1536531
SNYK-JS-TAR-1579147
SNYK-JS-TAR-1579152
SNYK-JS-FOLLOWREDIRECTS-6141137
SNYK-JS-BRACES-6838727
SNYK-JS-MONGOOSE-2961688
SNYK-JS-MONGOOSE-5777721
SNYK-JS-NORMALIZEURL-1296539
SNYK-JS-MICROMATCH-6838728
SNYK-JS-PARSELINKHEADER-1582783
SNYK-JS-QS-3153490
SNYK-JS-QS-3153490
SNYK-JS-QS-3153490
SNYK-JS-JSONSCHEMA-1920922
SNYK-JS-TAR-1579155
SNYK-JS-GOT-2932019
SNYK-JS-VALIDATOR-1090599
SNYK-JS-VALIDATOR-1090600
SNYK-JS-VALIDATOR-1090601
SNYK-JS-VALIDATOR-1090602
SNYK-JS-XML2JS-5414874
SNYK-JS-XML2JS-5414874
SNYK-JS-SNYKSNYKHEXPLUGIN-3039680
SNYK-JS-SNYK-3037342
SNYK-JS-SNYK-3038622
SNYK-JS-SNYK-3111871
SNYK-JS-SNYKDOCKERPLUGIN-3039679
SNYK-JS-COOKIEJAR-3149984
SNYK-JS-EXPRESS-6474509
SNYK-JS-FOLLOWREDIRECTS-2332181
SNYK-JS-FOLLOWREDIRECTS-6444610
SNYK-JS-MONGODB-5871303
SNYK-JS-MPATH-1577289
SNYK-JS-NODEMAILER-1296415
SNYK-JS-NODEMAILER-6219989
SNYK-JS-MINIMATCH-3050818
SNYK-JS-SNYKGOPLUGIN-3037316
SNYK-JS-SNYKGRADLEPLUGIN-3038624
SNYK-JS-SNYKMVNPLUGIN-3038623
SNYK-JS-SNYKPYTHONPLUGIN-3039677
SNYK-JS-SNYKSBTPLUGIN-3038626
SNYK-JS-SNYKSNYKCOCOAPODSPLUGIN-3038625
SNYK-JS-JSZIP-1251497
SNYK-JS-JSZIP-3188562
SNYK-JS-JSZIP-1251497
SNYK-JS-JSZIP-3188562
SNYK-JS-GOT-2932019
SNYK-JS-HTTPCACHESEMANTICS-3248783
SNYK-JS-INFLIGHT-6095116
SNYK-JS-ISSVG-1085627
SNYK-JS-ISSVG-1243891
SNYK-JS-JSON5-3182856
SNYK-JS-TAR-6476909
SNYK-JS-WORDWRAP-3149973
SNYK-JS-TAR-1536758
SNYK-JS-FOLLOWREDIRECTS-2396346
Release notes
Package name: sass
To install Sass 1.77.8, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.
Changes
See the full changelog for changes in earlier releases.
See sass/sass#3885
…264)
To install Sass 1.77.5, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.
Changes
@ extend
.See the full changelog for changes in earlier releases.
To install Sass 1.77.4, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.
Changes
Embedded Sass
Support passing
Version
input forfatalDeprecations
as string over embedded protocol.Fix a bug in the JS Embedded Host where
Version
could be incorrectly accepted as input forsilenceDeprecations
andfutureDeprecations
in pure JS.See the full changelog for changes in earlier releases.
To install Sass 1.77.3, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.
Changes
Dart API
Deprecation.duplicateVariableFlags
has been deprecated and replaced withDeprecation.duplicateVarFlags
to make it consistent with theduplicate-var-flags
name used on the command line and in the JS API.See the full changelog for changes in earlier releases.
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"sass","from":"1.32.12","to":"1.77.8"}],"env":"prod","hasFixes":true,"isBreakingChange":false,"isMajorUpgrade":false,"issuesToFix":[{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-LODASHSET-1320032","issue_id":"SNYK-JS-LODASHSET-1320032","priority_score":686,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.3","score":365},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ASYNC-2441827","issue_id":"SNYK-JS-ASYNC-2441827","priority_score":482,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ASYNC-2441827","issue_id":"SNYK-JS-ASYNC-2441827","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-AXIOS-1579269","issue_id":"SNYK-JS-AXIOS-1579269","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-SSH2-1656673","issue_id":"SNYK-JS-SSH2-1656673","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Command Injection"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1536528","issue_id":"SNYK-JS-TAR-1536528","priority_score":624,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.2","score":410},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary File Overwrite"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1536531","issue_id":"SNYK-JS-TAR-1536531","priority_score":624,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.2","score":410},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary File Overwrite"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1579147","issue_id":"SNYK-JS-TAR-1579147","priority_score":639,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.5","score":425},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary File Write"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1579152","issue_id":"SNYK-JS-TAR-1579152","priority_score":639,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.5","score":425},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary File Write"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-FOLLOWREDIRECTS-6141137","issue_id":"SNYK-JS-FOLLOWREDIRECTS-6141137","priority_score":686,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.3","score":365},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Improper Input Validation"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-BRACES-6838727","issue_id":"SNYK-JS-BRACES-6838727","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Uncontrolled resource consumption"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-MONGOOSE-2961688","issue_id":"SNYK-JS-MONGOOSE-2961688","priority_score":671,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7","score":350},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-MONGOOSE-5777721","issue_id":"SNYK-JS-MONGOOSE-5777721","priority_score":726,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-NORMALIZEURL-1296539","issue_id":"SNYK-JS-NORMALIZEURL-1296539","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-MICROMATCH-6838728","issue_id":"SNYK-JS-MICROMATCH-6838728","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Inefficient Regular Expression Complexity"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-PARSELINKHEADER-1582783","issue_id":"SNYK-JS-PARSELINKHEADER-1582783","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-QS-3153490","issue_id":"SNYK-JS-QS-3153490","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Poisoning"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-QS-3153490","issue_id":"SNYK-JS-QS-3153490","priority_score":482,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Poisoning"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-QS-3153490","issue_id":"SNYK-JS-QS-3153490","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Poisoning"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-JSONSCHEMA-1920922","issue_id":"SNYK-JS-JSONSCHEMA-1920922","priority_score":430,"priority_score_factors":[{"type":"cvssScore","label":"8.6","score":430},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1579155","issue_id":"SNYK-JS-TAR-1579155","priority_score":639,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.5","score":425},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary File Write"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-GOT-2932019","issue_id":"SNYK-JS-GOT-2932019","priority_score":484,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.4","score":270},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Open Redirect"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-VALIDATOR-1090599","issue_id":"SNYK-JS-VALIDATOR-1090599","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-VALIDATOR-1090600","issue_id":"SNYK-JS-VALIDATOR-1090600","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-VALIDATOR-1090601","issue_id":"SNYK-JS-VALIDATOR-1090601","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-VALIDATOR-1090602","issue_id":"SNYK-JS-VALIDATOR-1090602","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-XML2JS-5414874","issue_id":"SNYK-JS-XML2JS-5414874","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-XML2JS-5414874","issue_id":"SNYK-JS-XML2JS-5414874","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SNYKSNYKHEXPLUGIN-3039680","issue_id":"SNYK-JS-SNYKSNYKHEXPLUGIN-3039680","priority_score":571,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5","score":250},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Command Injection"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SNYK-3037342","issue_id":"SNYK-JS-SNYK-3037342","priority_score":641,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.4","score":320},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Command Injection"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SNYK-3038622","issue_id":"SNYK-JS-SNYK-3038622","priority_score":571,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5","score":250},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Command Injection"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-SNYK-3111871","issue_id":"SNYK-JS-SNYK-3111871","priority_score":504,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.8","score":290},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Code Injection"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SNYKDOCKERPLUGIN-3039679","issue_id":"SNYK-JS-SNYKDOCKERPLUGIN-3039679","priority_score":571,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5","score":250},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Command Injection"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-COOKIEJAR-3149984","issue_id":"SNYK-JS-COOKIEJAR-3149984","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-EXPRESS-6474509","issue_id":"SNYK-JS-EXPRESS-6474509","priority_score":519,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.1","score":305},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Open Redirect"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-FOLLOWREDIRECTS-2332181","issue_id":"SNYK-JS-FOLLOWREDIRECTS-2332181","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Information Exposure"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-FOLLOWREDIRECTS-6444610","issue_id":"SNYK-JS-FOLLOWREDIRECTS-6444610","priority_score":646,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Information Exposure"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-MONGODB-5871303","issue_id":"SNYK-JS-MONGODB-5871303","priority_score":424,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"4.2","score":210},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Information Exposure"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-MPATH-1577289","issue_id":"SNYK-JS-MPATH-1577289","priority_score":601,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.6","score":280},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-NODEMAILER-1296415","issue_id":"SNYK-JS-NODEMAILER-1296415","priority_score":636,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.3","score":315},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"HTTP Header Injection"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-NODEMAILER-6219989","issue_id":"SNYK-JS-NODEMAILER-6219989","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-MINIMATCH-3050818","issue_id":"SNYK-JS-MINIMATCH-3050818","priority_score":479,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SNYKGOPLUGIN-3037316","issue_id":"SNYK-JS-SNYKGOPLUGIN-3037316","priority_score":641,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.4","score":320},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Command Injection"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SNYKGRADLEPLUGIN-3038624","issue_id":"SNYK-JS-SNYKGRADLEPLUGIN-3038624","priority_score":571,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5","score":250},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Command Injection"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SNYKMVNPLUGIN-3038623","issue_id":"SNYK-JS-SNYKMVNPLUGIN-3038623","priority_score":571,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5","score":250},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Command Injection"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SNYKPYTHONPLUGIN-3039677","issue_id":"SNYK-JS-SNYKPYTHONPLUGIN-3039677","priority_score":571,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5","score":250},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Command Injection"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SNYKSBTPLUGIN-3038626","issue_id":"SNYK-JS-SNYKSBTPLUGIN-3038626","priority_score":571,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5","score":250},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Command Injection"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SNYKSNYKCOCOAPODSPLUGIN-3038625","issue_id":"SNYK-JS-SNYKSNYKCOCOAPODSPLUGIN-3038625","priority_score":571,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5","score":250},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Command Injection"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-JSZIP-1251497","issue_id":"SNYK-JS-JSZIP-1251497","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Denial of Service (DoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-JSZIP-3188562","issue_id":"SNYK-JS-JSZIP-3188562","priority_score":529,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.3","score":315},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Arbitrary File Write via Archive Extraction (Zip Slip)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-JSZIP-1251497","issue_id":"SNYK-JS-JSZIP-1251497","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Denial of Service (DoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-JSZIP-3188562","issue_id":"SNYK-JS-JSZIP-3188562","priority_score":529,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.3","score":315},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Arbitrary File Write via Archive Extraction (Zip Slip)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-GOT-2932019","issue_id":"SNYK-JS-GOT-2932019","priority_score":484,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.4","score":270},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Open Redirect"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-HTTPCACHESEMANTICS-3248783","issue_id":"SNYK-JS-HTTPCACHESEMANTICS-3248783","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-INFLIGHT-6095116","issue_id":"SNYK-JS-INFLIGHT-6095116","priority_score":631,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.2","score":310},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Missing Release of Resource after Effective Lifetime"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ISSVG-1085627","issue_id":"SNYK-JS-ISSVG-1085627","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ISSVG-1243891","issue_id":"SNYK-JS-ISSVG-1243891","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-JSON5-3182856","issue_id":"SNYK-JS-JSON5-3182856","priority_score":427,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"6.4","score":320},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-TAR-6476909","issue_id":"SNYK-JS-TAR-6476909","priority_score":646,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Uncontrolled Resource Consumption ('Resource Exhaustion')"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-WORDWRAP-3149973","issue_id":"SNYK-JS-WORDWRAP-3149973","priority_score":292,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1536758","issue_id":"SNYK-JS-TAR-1536758","priority_score":410,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":11},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-FOLLOWREDIRECTS-2396346","issue_id":"SNYK-JS-FOLLOWREDIRECTS-2396346","priority_score":344,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"2.6","score":130},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Information Exposure"}],"prId":"acd64dfe-95e2-41cc-9e5b-2693e82113ff","prPublicId":"acd64dfe-95e2-41cc-9e5b-2693e82113ff","packageManager":"npm","priorityScoreList":[686,482,696,589,624,624,639,639,686,696,671,726,589,589,696,696,430,639,484,586,586,586,586,586,571,641,571,504,571,586,519,586,646,424,601,636,586,479,641,571,571,571,571,571,586,529,586,631,586,586,427,646,292,410,344],"projectPublicId":"00f74e0e-90a3-4f94-85f8-dff269c4bc53","projectUrl":"https://app.snyk.io/org/nanyte25/project/00f74e0e-90a3-4f94-85f8-dff269c4bc53?utm_source=github&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["priorityScore"],"type":"auto","upgrade":["SNYK-JS-LODASHSET-1320032","SNYK-JS-ASYNC-2441827","SNYK-JS-ASYNC-2441827","SNYK-JS-AXIOS-1579269","SNYK-JS-SSH2-1656673","SNYK-JS-TAR-1536528","SNYK-JS-TAR-1536531","SNYK-JS-TAR-1579147","SNYK-JS-TAR-1579152","SNYK-JS-FOLLOWREDIRECTS-6141137","SNYK-JS-BRACES-6838727","SNYK-JS-MONGOOSE-2961688","SNYK-JS-MONGOOSE-5777721","SNYK-JS-NORMALIZEURL-1296539","SNYK-JS-MICROMATCH-6838728","SNYK-JS-PARSELINKHEADER-1582783","SNYK-JS-QS-3153490","SNYK-JS-QS-3153490","SNYK-JS-QS-3153490","SNYK-JS-JSONSCHEMA-1920922","SNYK-JS-TAR-1579155","SNYK-JS-GOT-2932019","SNYK-JS-VALIDATOR-1090599","SNYK-JS-VALIDATOR-1090600","SNYK-JS-VALIDATOR-1090601","SNYK-JS-VALIDATOR-1090602","SNYK-JS-XML2JS-5414874","SNYK-JS-XML2JS-5414874","SNYK-JS-SNYKSNYKHEXPLUGIN-3039680","SNYK-JS-SNYK-3037342","SNYK-JS-SNYK-3038622","SNYK-JS-SNYK-3111871","SNYK-JS-SNYKDOCKERPLUGIN-3039679","SNYK-JS-COOKIEJAR-3149984","SNYK-JS-EXPRESS-6474509","SNYK-JS-FOLLOWREDIRECTS-2332181","SNYK-JS-FOLLOWREDIRECTS-6444610","SNYK-JS-MONGODB-5871303","SNYK-JS-MPATH-1577289","SNYK-JS-NODEMAILER-1296415","SNYK-JS-NODEMAILER-6219989","SNYK-JS-MINIMATCH-3050818","SNYK-JS-SNYKGOPLUGIN-3037316","SNYK-JS-SNYKGRADLEPLUGIN-3038624","SNYK-JS-SNYKMVNPLUGIN-3038623","SNYK-JS-SNYKPYTHONPLUGIN-3039677","SNYK-JS-SNYKSBTPLUGIN-3038626","SNYK-JS-SNYKSNYKCOCOAPODSPLUGIN-3038625","SNYK-JS-JSZIP-1251497","SNYK-JS-JSZIP-3188562","SNYK-JS-JSZIP-1251497","SNYK-JS-JSZIP-3188562","SNYK-JS-GOT-2932019","SNYK-JS-HTTPCACHESEMANTICS-3248783","SNYK-JS-INFLIGHT-6095116","SNYK-JS-ISSVG-1085627","SNYK-JS-ISSVG-1243891","SNYK-JS-JSON5-3182856","SNYK-JS-TAR-6476909","SNYK-JS-WORDWRAP-3149973","SNYK-JS-TAR-1536758","SNYK-JS-FOLLOWREDIRECTS-2396346"],"upgradeInfo":{"versionsDiff":127,"publishedDate":"2024-07-11T19:59:00.512Z"},"vulns":["SNYK-JS-LODASHSET-1320032","SNYK-JS-ASYNC-2441827","SNYK-JS-ASYNC-2441827","SNYK-JS-AXIOS-1579269","SNYK-JS-SSH2-1656673","SNYK-JS-TAR-1536528","SNYK-JS-TAR-1536531","SNYK-JS-TAR-1579147","SNYK-JS-TAR-1579152","SNYK-JS-FOLLOWREDIRECTS-6141137","SNYK-JS-BRACES-6838727","SNYK-JS-MONGOOSE-2961688","SNYK-JS-MONGOOSE-5777721","SNYK-JS-NORMALIZEURL-1296539","SNYK-JS-MICROMATCH-6838728","SNYK-JS-PARSELINKHEADER-1582783","SNYK-JS-QS-3153490","SNYK-JS-QS-3153490","SNYK-JS-QS-3153490","SNYK-JS-JSONSCHEMA-1920922","SNYK-JS-TAR-1579155","SNYK-JS-GOT-2932019","SNYK-JS-VALIDATOR-1090599","SNYK-JS-VALIDATOR-1090600","SNYK-JS-VALIDATOR-1090601","SNYK-JS-VALIDATOR-1090602","SNYK-JS-XML2JS-5414874","SNYK-JS-XML2JS-5414874","SNYK-JS-SNYKSNYKHEXPLUGIN-3039680","SNYK-JS-SNYK-3037342","SNYK-JS-SNYK-3038622","SNYK-JS-SNYK-3111871","SNYK-JS-SNYKDOCKERPLUGIN-3039679","SNYK-JS-COOKIEJAR-3149984","SNYK-JS-EXPRESS-6474509","SNYK-JS-FOLLOWREDIRECTS-2332181","SNYK-JS-FOLLOWREDIRECTS-6444610","SNYK-JS-MONGODB-5871303","SNYK-JS-MPATH-1577289","SNYK-JS-NODEMAILER-1296415","SNYK-JS-NODEMAILER-6219989","SNYK-JS-MINIMATCH-3050818","SNYK-JS-SNYKGOPLUGIN-3037316","SNYK-JS-SNYKGRADLEPLUGIN-3038624","SNYK-JS-SNYKMVNPLUGIN-3038623","SNYK-JS-SNYKPYTHONPLUGIN-3039677","SNYK-JS-SNYKSBTPLUGIN-3038626","SNYK-JS-SNYKSNYKCOCOAPODSPLUGIN-3038625","SNYK-JS-JSZIP-1251497","SNYK-JS-JSZIP-3188562","SNYK-JS-JSZIP-1251497","SNYK-JS-JSZIP-3188562","SNYK-JS-GOT-2932019","SNYK-JS-HTTPCACHESEMANTICS-3248783","SNYK-JS-INFLIGHT-6095116","SNYK-JS-ISSVG-1085627","SNYK-JS-ISSVG-1243891","SNYK-JS-JSON5-3182856","SNYK-JS-TAR-6476909","SNYK-JS-WORDWRAP-3149973","SNYK-JS-TAR-1536758","SNYK-JS-FOLLOWREDIRECTS-2396346"]}'