[Snyk] Fix for 1 vulnerabilities
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this Merge Request
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|---|
 |
658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-NODEMAILER-6219989 |
No | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: mailparser
The new version differs by 26 commits.- 6adad57 chore(master): release 3.6.7 [skip-ci] (#358)
-
8bc4225 fix:
⬆ update nodemailer dependency to resolve security issue GHSA-9h6g-pr28-7cqp (#357) - 3f8a516 chore(master): release 3.6.6 [skip-ci] (#354)
- 6bae600 fix: Fix produced text address list string according to rfc 2822 (#340)
- a2ba9c2 fix(test): updated test matrix (18, 20, 21)
- 7d78cb9 removed node v16 from test matrix
- d6eb56f fix(deploy): added auto-deployment
- 92b73a2 v3.6.5
- 5070a32 Replaces optional chaining
- 80ba89e Fixes #346
- ac11f78 v3.6.4
- 38b7df2 Merge branch 'jonny64-v3.4.0_hang'
- a645760 Do not repeat processing invalidly encoded address
- ad0c383 Merge branch 'v3.4.0_hang' of github.com:jonny64/mailparser into jonny64-v3.4.0_hang
- 694416e add test #337
- dd33c76 remove redundant content type check
- b1d6a25 v3.6.3
- b1f0775 v3.6.2
- 7bef1fc v3.6.1
- 22ad3c6 Update package.json
- beffb6e Updated test workflow
- 3778c7c v3.6.0
- dfdbe6f chore: bump libmime from 5.1.0 to 5.2.0
- b6bba6e v3.5.0
Package name: nodemailer
The new version differs by 71 commits.- 5a2e10f chore(master): release 6.9.9 [skip-ci] (#1606)
- dd8f5e8 fix(security): Fix issues described in GHSA-9h6g-pr28-7cqp. Do not use eternal matching pattern if only a few occurences are expected
- 2c2b46a chore: do not use caret in version specifier
- be45c1b fix(tests): Use native node test runner, added code coverage support, removed grunt (#1604)
- 4233f6f chore(master): release 6.9.8 [skip-ci] (#1605)
- 09d502f chore: removed double file
- b4d0e0c fix(punycode): do not use native punycode module
- 8376c02 Test new github notice syntax for README
- bc46a3b Updated stale github action
- 78bdaf8 chore: remove redundant AWS SDK for JavaScript v2 (#1593)
- 971ced7 chore: add mailcatch.app to well-known/services.json (#1586)
- 879e562 chore(master): release 6.9.7 [skip-ci] (#1585)
- 140e3b0 Merge branch 'master' of github.com:nodemailer/nodemailer
- 41d482c fix(customAuth): Do not require user and pass to be set for custom authentication schemes (fixes #1584)
- 20e9fe0 update - `services.json` - add SES SMTP endpoints for the AP region (#1580)
- 9da77b6 chore(master): release 6.9.6 [skip-ci] (#1578)
- 7fe0a60 fix(tests): Removed Node v12 from test matrix as it is not compatible with the test framework anymore
- db32c93 fix(inline): Use 'inline' as the default Content Dispostion value for embedded images
- fdc7c27 chore(master): release 6.9.5 [skip-ci] (#1573)
- da4744e fix(license): Updated license year
- 13672b2 Removed legacy files (#1571)
- afd2287 Added release workflow to publish npm packages from Github
- 1ae83a2 Update services.json
- 286dc28 v6.9.4
Check the changes in this Merge Request to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 
🧐 View latest project report
Learn how to fix vulnerabilities with free interactive lessons: