Skip to content

[Snyk] Security upgrade snyk from 1.437.2 to 1.1064.0

Muhammad Furqan requested to merge snyk-fix-39034a8feb2380c4abfdf7f9a4a3d18d into master

Snyk has created this PR to fix one or more vulnerable packages in the `yarn` dependencies of this project.

Changes included in this Merge Request

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
Warning 
Failed to update the yarn.lock, please update manually before merging.

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 643/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5		 Command Injection
SNYK-JS-SNYK-3038622 		No Proof of Concept
medium severity 576/1000
Why? Recently disclosed, Has a fix available, CVSS 5.8		 Code Injection
SNYK-JS-SNYK-3111871 		No No Known Exploit
medium severity 643/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5		 Command Injection
SNYK-JS-SNYKDOCKERPLUGIN-3039679 		No Proof of Concept
medium severity 643/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5		 Command Injection
SNYK-JS-SNYKGRADLEPLUGIN-3038624 		No Proof of Concept
medium severity 643/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5		 Command Injection
SNYK-JS-SNYKMVNPLUGIN-3038623 		No Proof of Concept
medium severity 643/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5		 Command Injection
SNYK-JS-SNYKPYTHONPLUGIN-3039677 		No Proof of Concept
medium severity 643/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5		 Command Injection
SNYK-JS-SNYKSBTPLUGIN-3038626 		No Proof of Concept
medium severity 643/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5		 Command Injection
SNYK-JS-SNYKSNYKCOCOAPODSPLUGIN-3038625 		No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this Merge Request to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

Merge request reports