[Snyk] Upgrade: , #1707
Open
[Snyk] Upgrade: , #1707
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade:
- @babel/core from 7.14.0 to 7.25.2.
See this package in npm: https://www.npmjs.com/package/@babel/core
- @babel/preset-env from 7.14.0 to 7.25.3.
See this package in npm: https://www.npmjs.com/package/@babel/preset-env
See this project in Snyk:
https://app.snyk.io/org/nanyte25/project/36423122-0bf1-444d-a789-01e64670a703?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade multiple dependencies.
👯 The following dependencies are linked and will therefore be updated together.ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
@babel/core
from 7.14.0 to 7.25.2 | 80 versions ahead of your current version | 25 days ago
on 2024-07-30
@babel/preset-env
from 7.14.0 to 7.25.3 | 67 versions ahead of your current version | 23 days ago
on 2024-07-31
Issues fixed by the recommended upgrade:
SNYK-JS-FOLLOWREDIRECTS-6141137
SNYK-JS-DNSPACKET-1293563
SNYK-JS-ES5EXT-6095076
SNYK-JS-TAR-1579147
SNYK-JS-TAR-1579152
SNYK-JS-TAR-1579155
SNYK-JS-QS-3153490
SNYK-JS-QS-3153490
SNYK-JS-QS-3153490
SNYK-JS-JSONSCHEMA-1920922
SNYK-JS-IP-6240864
SNYK-JS-WS-7266574
SNYK-JS-TAR-1536528
SNYK-JS-TAR-1536531
SNYK-JS-URLPARSE-2407770
SNYK-JS-WS-7266574
SNYK-JS-MOMENT-2440688
SNYK-JS-MOMENT-2944238
SNYK-JS-TMPL-1583443
SNYK-JS-ASYNC-2441827
SNYK-JS-AXIOS-1579269
SNYK-JS-BROWSERIFYSIGN-6037026
SNYK-JS-DECODEURICOMPONENT-3149970
SNYK-JS-JSON5-3182856
SNYK-JS-FOLLOWREDIRECTS-2332181
SNYK-JS-FOLLOWREDIRECTS-6444610
SNYK-JS-POSTCSS-1255640
SNYK-JS-POSTCSS-1255640
SNYK-JS-WS-1296835
SNYK-JS-TERSER-2806366
SNYK-JS-TOUGHCOOKIE-5672873
SNYK-JS-FOLLOWREDIRECTS-2396346
SNYK-JS-ELLIPTIC-7577916
SNYK-JS-ELLIPTIC-7577917
SNYK-JS-ELLIPTIC-7577918
SNYK-JS-EVENTSOURCE-2823375
SNYK-JS-EXPRESS-6474509
SNYK-JS-TAR-6476909
SNYK-JS-URLPARSE-1533425
SNYK-JS-POSTCSS-1090595
SNYK-JS-REQUEST-3361831
SNYK-JS-JSON5-3182856
SNYK-JS-ISTANBULREPORTS-2328088
SNYK-JS-NWSAPI-2841516
SNYK-JS-PATHPARSE-1077067
SNYK-JS-POSTCSS-1090595
SNYK-JS-XML2JS-5414874
SNYK-JS-URLPARSE-2401205
SNYK-JS-URLPARSE-2407759
SNYK-JS-URLPARSE-2412697
SNYK-JS-WS-1296835
SNYK-JS-NANOID-2332193
SNYK-JS-TERSER-2806366
SNYK-JS-TOUGHCOOKIE-5672873
SNYK-JS-COOKIEJAR-3149984
SNYK-JS-TAR-1536758
SNYK-JS-WORDWRAP-3149973
SNYK-JS-MINIMIST-2429795
SNYK-JS-BABELTRAVERSE-5962462
Release notes
Package name: @babel/core
-
7.25.2 - 2024-07-30
- #16695 Ensure that
- Huáng Jùnliàng (@ JLHwung)
- Nicolò Ribaudo (@ nicolo-ribaudo)
-
7.24.9 - 2024-07-15
- #16639 Avoid
- #16638 fix: provide legacy typings for TS < 4.1 (@ JLHwung)
- #16617 Avoid extra parens in TS
- #16629 Lazy top-level initializations for module transforms (@ guybedford)
- Babel Bot (@ babel-bot)
- Guy Bedford (@ guybedford)
- Huáng Jùnliàng (@ JLHwung)
- Nicolò Ribaudo (@ nicolo-ribaudo)
- @ liuxingbaoyu
-
7.24.8 - 2024-07-11
- #16567 Do not use strict mode in TS
- #16630 Correctly print parens around
- #16626 Fix printing of comments in
- #16591 fix typescript code generation for yield expression inside type expre… (@ SreeXD)
- #16613 Disallow destructuring assignment in
- #16490 fix: do not add
- #16615 Remove boolean props from
- #16566 fix: Correctly handle
- #16625 Avoid unnecessary parens around
- #16619 Avoid checking
- Amjad Yahia Robeen Hassan (@ amjed-98)
- Babel Bot (@ babel-bot)
- Huáng Jùnliàng (@ JLHwung)
- Jon Kuperman (@ jkup)
- Nagendran N (@ SreeXD)
- Nicolò Ribaudo (@ nicolo-ribaudo)
- Sukka (@ SukkaW)
- @ H0onnn
- @ liuxingbaoyu
-
7.24.7 - 2024-06-05
-
7.24.6 - 2024-05-24
-
7.24.5 - 2024-04-29
-
7.24.4 - 2024-04-03
-
7.24.3 - 2024-03-20
-
7.24.1 - 2024-03-19
-
7.24.0 - 2024-02-28
-
7.23.9 - 2024-01-25
-
7.23.7 - 2023-12-29
-
7.23.6 - 2023-12-11
-
7.23.5 - 2023-11-29
-
7.23.3 - 2023-11-09
-
7.23.2 - 2023-10-12
-
7.23.0 - 2023-09-25
-
7.22.20 - 2023-09-16
-
7.22.19 - 2023-09-14
-
7.22.18 - 2023-09-14
-
7.22.17 - 2023-09-08
-
7.22.15 - 2023-09-04
-
7.22.11 - 2023-08-24
-
7.22.10 - 2023-08-07
-
7.22.9 - 2023-07-12
-
7.22.8 - 2023-07-06
-
7.22.7 - 2023-07-06
-
7.22.6 - 2023-07-04
-
7.22.5 - 2023-06-08
-
7.22.1 - 2023-05-26
-
7.22.0 - 2023-05-26
-
7.21.8 - 2023-05-02
-
7.21.5 - 2023-04-28
-
7.21.4 - 2023-03-31
-
7.21.4-esm.4 - 2023-04-04
-
7.21.4-esm.3 - 2023-04-04
-
7.21.4-esm.2 - 2023-04-04
-
7.21.4-esm.1 - 2023-04-04
-
7.21.4-esm - 2023-04-04
-
7.21.3 - 2023-03-14
-
7.21.0 - 2023-02-20
-
7.20.12 - 2023-01-04
-
7.20.7 - 2022-12-22
-
7.20.5 - 2022-11-28
-
7.20.2 - 2022-11-04
-
7.19.6 - 2022-10-20
-
7.19.3 - 2022-09-27
-
7.19.1 - 2022-09-14
-
7.19.0 - 2022-09-05
-
7.18.13 - 2022-08-22
-
7.18.10 - 2022-08-01
-
7.18.9 - 2022-07-18
-
7.18.6 - 2022-06-27
-
7.18.5 - 2022-06-13
-
7.18.2 - 2022-05-25
-
7.18.0 - 2022-05-19
-
7.17.12 - 2022-05-16
-
7.17.10 - 2022-04-29
-
7.17.9 - 2022-04-06
-
7.17.8 - 2022-03-18
-
7.17.7 - 2022-03-14
-
7.17.5 - 2022-02-17
-
7.17.4 - 2022-02-15
-
7.17.3 - 2022-02-15
-
7.17.2 - 2022-02-08
-
7.17.0 - 2022-02-02
-
7.16.12 - 2022-01-22
-
7.16.10 - 2022-01-19
-
7.16.7 - 2021-12-31
-
7.16.5 - 2021-12-13
-
7.16.0 - 2021-10-29
-
7.15.8 - 2021-10-06
-
7.15.5 - 2021-09-04
-
7.15.4 - 2021-09-02
-
7.15.0 - 2021-08-04
-
7.14.8 - 2021-07-20
-
7.14.6 - 2021-06-14
-
7.14.5 - 2021-06-09
-
7.14.3 - 2021-05-17
-
7.14.2 - 2021-05-12
-
7.14.0 - 2021-04-29
from @babel/core GitHub release notesv7.25.2 (2024-07-30)
🐛 Bug Fix
babel-core,babel-traverserequeueComputedKeyAndDecoratorsis available (@ nicolo-ribaudo)Committers: 2
v7.24.9 (2024-07-15)
🐛 Bug Fix
babel-core,babel-standalonerequire()call in@ babel/standalonebundle (@ nicolo-ribaudo)babel-types💅 Polish
babel-generator,babel-plugin-transform-optional-chainingas/satisfies(@ nicolo-ribaudo)🏠 Internal
babel-helper-module-transformsCommitters: 5
v7.24.8 (2024-07-11)
Thanks @ H0onnn, @ jkup and @ SreeXD for your first pull requests!
👓 Spec Compliance
babel-parserdeclare(@ liuxingbaoyu)🐛 Bug Fix
babel-generatorininforheads (@ nicolo-ribaudo)await using(@ nicolo-ribaudo)babel-parserusingdeclarations (@ H0onnn).value: undefinedto regexp literals (@ liuxingbaoyu)babel-typesObjectTypeInternalSlotvisitor keys (@ nicolo-ribaudo)babel-plugin-transform-typescriptexport import x =(@ liuxingbaoyu)💅 Polish
babel-generatorasyncinfor await(@ nicolo-ribaudo)babel-traverseScope.globalsmultiple times (@ liuxingbaoyu)Committers: 9
Package name: @babel/preset-env
-
7.25.3 - 2024-07-31
- #16699 Avoid validating visitors produced by
- #16688 Add
- Huáng Jùnliàng (@ JLHwung)
- Nicolò Ribaudo (@ nicolo-ribaudo)
-
7.25.2 - 2024-07-30
- #16695 Ensure that
- Huáng Jùnliàng (@ JLHwung)
- Nicolò Ribaudo (@ nicolo-ribaudo)
-
7.25.0 - 2024-07-26
- #16537
- #16602 Ensure enum members syntactically determinable to be strings do not get reverse mappings (@ liuxingbaoyu)
- #16658 Move
- #16644 Move
- #16645 Move
- #16649 Move
- #16480 Expose wether a module has TLA or not as
- #16569 Introduce
- #16551 Add
- #16579 Add
- #16642 Allow using custom config in
- #16445 Add
- #16678 Print parens around as expressions on the LHS (@ nicolo-ribaudo)
- #15286 fix: Props are lost when the template replaces the node (@ liuxingbaoyu)
- Other
- #16674 bump gulp to 5 (@ JLHwung)
- #16651 Simplify the printing logic for
- #16652 Simplify
- #16461 Some minor parser performance improvements for ts (@ liuxingbaoyu)
- #16670 Reduce redundant
- #16374 Improve
- #16656 Simplify output for anonymous classes with no methods (@ nicolo-ribaudo)
- Artem (@ slatereax)
- Babel Bot (@ babel-bot)
- David Taylor (@ davidtaylorhq)
- Huáng Jùnliàng (@ JLHwung)
- Nicolò Ribaudo (@ nicolo-ribaudo)
- @ liuxingbaoyu
-
7.24.8 - 2024-07-11
- #16567 Do not use strict mode in TS
- #16630 Correctly print parens around
- #16626 Fix printing of comments in
- #16591 fix typescript code generation for yield expression inside type expre… (@ SreeXD)
- #16613 Disallow destructuring assignment in
- #16490 fix: do not add
- #16615 Remove boolean props from
- #16566 fix: Correctly handle
- #16625 Avoid unnecessary parens around
- #16619 Avoid checking
- Amjad Yahia Robeen Hassan (@ amjed-98)
- Babel Bot (@ babel-bot)
- Huáng Jùnliàng (@ JLHwung)
- Jon Kuperman (@ jkup)
- Nagendran N (@ SreeXD)
- Nicolò Ribaudo (@ nicolo-ribaudo)
- Sukka (@ SukkaW)
- @ H0onnn
- @ liuxingbaoyu
-
7.24.7 - 2024-06-05
- #16554 Allow extra flags in babel-node (@ nicolo-ribaudo)
- #16522 fix: incorrect
- #16524 fix: Transform
- #16525 Delete unused array helpers (@ blakewilson)
- Amjad Yahia Robeen Hassan (@ amjed-98)
- Babel Bot (@ babel-bot)
- Blake Wilson (@ blakewilson)
- Huáng Jùnliàng (@ JLHwung)
- Nicolò Ribaudo (@ nicolo-ribaudo)
- Sukka (@ SukkaW)
- @ liuxingbaoyu
-
7.24.6 - 2024-05-24
-
7.24.5 - 2024-04-29
-
7.24.4 - 2024-04-03
-
7.24.3 - 2024-03-20
-
7.24.1 - 2024-03-19
-
7.24.0 - 2024-02-28
-
7.23.9 - 2024-01-25
-
7.23.8 - 2024-01-08
-
7.23.7 - 2023-12-29
-
7.23.6 - 2023-12-11
-
7.23.5 - 2023-11-29
-
7.23.3 - 2023-11-09
-
7.23.2 - 2023-10-11
-
7.22.20 - 2023-09-16
-
7.22.15 - 2023-09-04
-
7.22.14 - 2023-08-30
-
7.22.10 - 2023-08-07
-
7.22.9 - 2023-07-12
-
7.22.7 - 2023-07-06
-
7.22.6 - 2023-07-04
-
7.22.5 - 2023-06-08
-
7.22.4 - 2023-05-29
-
7.22.2 - 2023-05-26
-
7.22.1 - 2023-05-26
-
7.22.0 - 2023-05-26
-
7.21.5 - 2023-04-28
-
7.21.4 - 2023-03-31
-
7.21.4-esm.4 - 2023-04-04
-
7.21.4-esm.3 - 2023-04-04
-
7.21.4-esm.2 - 2023-04-04
-
7.21.4-esm.1 - 2023-04-04
-
7.21.4-esm - 2023-04-04
-
7.20.2 - 2022-11-04
-
7.19.4 - 2022-10-10
-
7.19.3 - 2022-09-27
-
7.19.1 - 2022-09-14
-
7.19.0 - 2022-09-05
-
7.18.10 - 2022-08-01
-
7.18.9 - 2022-07-18
-
7.18.6 - 2022-06-27
-
7.18.2 - 2022-05-25
-
7.18.0 - 2022-05-19
-
7.17.12 - 2022-05-16
-
7.17.10 - 2022-04-29
-
7.16.11 - 2022-01-20
-
7.16.10 - 2022-01-19
-
7.16.8 - 2022-01-10
-
7.16.7 - 2021-12-31
-
7.16.5 - 2021-12-13
-
7.16.4 - 2021-11-16
-
7.16.0 - 2021-10-29
-
7.15.8 - 2021-10-06
-
7.15.6 - 2021-09-09
-
7.15.4 - 2021-09-02
-
7.15.0 - 2021-08-04
-
7.14.9 - 2021-08-01
-
7.14.8 - 2021-07-20
-
7.14.7 - 2021-06-21
-
7.14.5 - 2021-06-09
-
7.14.4 - 2021-05-28
-
7.14.2 - 2021-05-12
-
7.14.1 - 2021-05-04
-
7.14.0 - 2021-04-29
from @babel/preset-env GitHub release notesv7.25.3 (2024-07-31)
🐛 Bug Fix
babel-plugin-bugfix-firefox-class-in-computed-class-key,babel-traversetraverse.visitors.merge(@ nicolo-ribaudo)🏠 Internal
babel-parser@ babel/typesas a dependency of@ babel/parser(@ nicolo-ribaudo)Committers: 2
v7.25.2 (2024-07-30)
🐛 Bug Fix
babel-core,babel-traverserequeueComputedKeyAndDecoratorsis available (@ nicolo-ribaudo)Committers: 2
v7.25.0 (2024-07-26)
Thanks @ davidtaylorhq and @ slatereax for your first PR!
You can find the release blog post with some highlights at https://babeljs.io/blog/2024/07/26/7.25.0.
👓 Spec Compliance
babel-helpers,babel-plugin-proposal-explicit-resource-management,babel-runtime-corejs3await usingnormative updates (@ JLHwung)babel-plugin-transform-typescript🚀 New Feature
babel-helper-create-class-features-plugin,babel-helper-function-name,babel-helper-plugin-utils,babel-helper-wrap-function,babel-plugin-bugfix-safari-class-field-initializer-scope,babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression,babel-plugin-transform-classes,babel-plugin-transform-function-name,babel-preset-env,babel-traverse,babel-typesensureFunctionNametoNodePath.prototype(@ nicolo-ribaudo)babel-helper-hoist-variables,babel-helper-plugin-utils,babel-plugin-proposal-async-do-expressions,babel-plugin-transform-modules-systemjs,babel-traversehoistVariablestoScope.prototype(@ nicolo-ribaudo)babel-helper-create-class-features-plugin,babel-helper-module-transforms,babel-helper-plugin-utils,babel-helper-split-export-declaration,babel-plugin-transform-classes,babel-traverse,babel-typessplitExportDeclarationtoNodePath.prototype(@ nicolo-ribaudo)babel-helper-create-class-features-plugin,babel-helper-environment-visitor,babel-helper-module-transforms,babel-helper-plugin-utils,babel-helper-remap-async-to-generator,babel-helper-replace-supers,babel-plugin-bugfix-firefox-class-in-computed-class-key,babel-plugin-bugfix-v8-static-class-fields-redefine-readonly,babel-plugin-transform-async-generator-functions,babel-plugin-transform-classes,babel-traverseenvironment-visitorhelper into@ babel/traverse(@ nicolo-ribaudo)babel-core,babel-parser.extra.async(@ nicolo-ribaudo)babel-compat-data,babel-plugin-bugfix-safari-class-field-initializer-scope,babel-preset-envbugfix-safari-class-field-initializer-scope(@ davidtaylorhq)babel-plugin-transform-block-scoping,babel-traverse,babel-typesNodePath#getAssignmentIdentifiers(@ JLHwung)babel-helper-import-to-platform-api,babel-plugin-proposal-json-modulesuncheckedRequireoption for JSON imports to CJS (@ nicolo-ribaudo)babel-helper-transform-fixture-test-runner,babel-nodebabel-node --eval(@ slatereax)babel-compat-data,babel-helper-create-regexp-features-plugin,babel-plugin-proposal-duplicate-named-capturing-groups-regex,babel-plugin-transform-duplicate-named-capturing-groups-regex,babel-preset-env,babel-standaloneduplicate-named-capturing-groups-regextopreset-env(@ JLHwung)🐛 Bug Fix
babel-generatorbabel-template,babel-types🏠 Internal
babel-generator(before ambiguous tokens (@ nicolo-ribaudo)babel-helper-function-name,babel-plugin-transform-arrow-functions,babel-plugin-transform-function-name,babel-preset-env,babel-traversehelper-function-namelogic (@ nicolo-ribaudo)🏃♀️ Performance
babel-parser,babel-plugin-proposal-pipeline-operator🔬 Output optimization
babel-plugin-transform-classesassertThisInitialized(@ liuxingbaoyu)babel-helper-create-class-features-plugin,babel-helper-replace-supers,babel-helpers,babel-plugin-proposal-decorators,babel-plugin-transform-class-properties,babel-plugin-transform-classes,babel-plugin-transform-exponentiation-operator,babel-plugin-transform-object-super,babel-plugin-transform-private-methods,babel-runtime-corejs2,babel-runtime-corejs3,babel-runtimesuper.xoutput (@ liuxingbaoyu)babel-plugin-transform-class-properties,babel-plugin-transform-classesCommitters: 6
v7.24.8 (2024-07-11)
Thanks @ H0onnn, @ jkup and @ SreeXD for your first pull requests!
👓 Spec Compliance
babel-parserdeclare(@ liuxingbaoyu)🐛 Bug Fix
babel-generatorininforheads (@ nicolo-ribaudo)await using(@ nicolo-ribaudo)babel-parserusingdeclarations (@ H0onnn).value: undefinedto regexp literals (@ liuxingbaoyu)babel-typesObjectTypeInternalSlotvisitor keys (@ nicolo-ribaudo)babel-plugin-transform-typescriptexport import x =(@ liuxingbaoyu)💅 Polish
babel-generatorasyncinfor await(@ nicolo-ribaudo)babel-traverseScope.globalsmultiple times (@ liuxingbaoyu)Committers: 9
v7.24.7 (2024-06-05)
🐛 Bug Fix
babel-nodebabel-traverseconstantViolationswith destructuring (@ liuxingbaoyu)babel-helper-transform-fixture-test-runner,babel-plugin-proposal-explicit-resource-managementusinginswitchcorrectly (@ liuxingbaoyu)🏠 Internal
babel-helpers,babel-runtime-corejs2,babel-runtime-corejs3,babel-runtimeCommitters: 7
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"","from":"babel/core","to":"babel/core"},{"name":"","from":"babel/preset-env","to":"babel/preset-env"}],"env":"prod","hasFixes":true,"isBreakingChange":false,"isMajorUpgrade":false,"issuesToFix":[{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-FOLLOWREDIRECTS-6141137","issue_id":"SNYK-JS-FOLLOWREDIRECTS-6141137","priority_score":472,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"7.3","score":365},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Improper Input Validation"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-DNSPACKET-1293563","issue_id":"SNYK-JS-DNSPACKET-1293563","priority_score":385,"priority_score_factors":[{"type":"cvssScore","label":"7.7","score":385},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Remote Memory Exposure"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ES5EXT-6095076","issue_id":"SNYK-JS-ES5EXT-6095076","priority_score":482,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1579147","issue_id":"SNYK-JS-TAR-1579147","priority_score":425,"priority_score_factors":[{"type":"cvssScore","label":"8.5","score":425},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary File Write"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1579152","issue_id":"SNYK-JS-TAR-1579152","priority_score":425,"priority_score_factors":[{"type":"cvssScore","label":"8.5","score":425},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary File Write"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1579155","issue_id":"SNYK-JS-TAR-1579155","priority_score":425,"priority_score_factors":[{"type":"cvssScore","label":"8.5","score":425},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary File Write"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-QS-3153490","issue_id":"SNYK-JS-QS-3153490","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Poisoning"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-QS-3153490","issue_id":"SNYK-JS-QS-3153490","priority_score":482,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Poisoning"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-QS-3153490","issue_id":"SNYK-JS-QS-3153490","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Poisoning"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-JSONSCHEMA-1920922","issue_id":"SNYK-JS-JSONSCHEMA-1920922","priority_score":430,"priority_score_factors":[{"type":"cvssScore","label":"8.6","score":430},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-IP-6240864","issue_id":"SNYK-JS-IP-6240864","priority_score":537,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"8.6","score":430},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Server-side Request Forgery (SSRF)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-WS-7266574","issue_id":"SNYK-JS-WS-7266574","priority_score":482,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Denial of Service (DoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1536528","issue_id":"SNYK-JS-TAR-1536528","priority_score":410,"priority_score_factors":[{"type":"cvssScore","label":"8.2","score":410},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary File Overwrite"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-TAR-1536531","issue_id":"SNYK-JS-TAR-1536531","priority_score":410,"priority_score_factors":[{"type":"cvssScore","label":"8.2","score":410},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary File Overwrite"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-URLPARSE-2407770","issue_id":"SNYK-JS-URLPARSE-2407770","priority_score":512,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Improper Input Validation"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-WS-7266574","issue_id":"SNYK-JS-WS-7266574","priority_score":482,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Denial of Service (DoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-MOMENT-2440688","issue_id":"SNYK-JS-MOMENT-2440688","priority_score":375,"priority_score_factors":[{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Directory Traversal"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-MOMENT-2944238","issue_id":"SNYK-JS-MOMENT-2944238","priority_score":482,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-TMPL-1583443","issue_id":"SNYK-JS-TMPL-1583443","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ASYNC-2441827","issue_id":"SNYK-JS-ASYNC-2441827","priority_score":482,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-AXIOS-1579269","issue_id":"SNYK-JS-AXIOS-1579269","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-BROWSERIFYSIGN-6037026","issue_id":"SNYK-JS-BROWSERIFYSIGN-6037026","priority_score":375,"priority_score_factors":[{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Improper Verification of Cryptographic Signature"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-DECODEURICOMPONENT-3149970","issue_id":"SNYK-JS-DECODEURICOMPONENT-3149970","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Denial of Service (DoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-JSON5-3182856","issue_id":"SNYK-JS-JSON5-3182856","priority_score":427,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"6.4","score":320},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-FOLLOWREDIRECTS-2332181","issue_id":"SNYK-JS-FOLLOWREDIRECTS-2332181","priority_score":372,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Information Exposure"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-FOLLOWREDIRECTS-6444610","issue_id":"SNYK-JS-FOLLOWREDIRECTS-6444610","priority_score":432,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Information Exposure"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-POSTCSS-1255640","issue_id":"SNYK-JS-POSTCSS-1255640","priority_score":372,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-POSTCSS-1255640","issue_id":"SNYK-JS-POSTCSS-1255640","priority_score":372,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-WS-1296835","issue_id":"SNYK-JS-WS-1296835","priority_score":372,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of S...