[Snyk] Upgrade eslint-plugin-react from 7.34.0 to 7.35.0 #13
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade eslint-plugin-react from 7.34.0 to 7.35.0. See this package in npm: eslint-plugin-react See this project in Snyk: https://app.snyk.io/org/hashim21223445/project/28b3299a-6d46-45cb-a12f-cffa56654663?utm_source=github&utm_medium=referral&page=upgrade-pr
|
Review changes with SemanticDiff. Analyzed 1 of 1 files.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade eslint-plugin-react from 7.34.0 to 7.35.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 5 versions ahead of your current version.
The recommended version was released on 21 days ago.
Issues fixed by the recommended upgrade:
SNYK-JS-SEMVER-3247795
SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555
SNYK-JS-WS-7266574
SNYK-JS-WS-7266574
SNYK-JS-FOLLOWREDIRECTS-6141137
SNYK-JS-SEMVER-3247795
SNYK-JS-TAR-6476909
SNYK-JS-DOMPURIFY-6474511
SNYK-JS-EXPRESS-6474509
SNYK-JS-FOLLOWREDIRECTS-6444610
SNYK-JS-HTTPCACHESEMANTICS-3248783
SNYK-JS-REQUIREJS-5416713
SNYK-JS-REQUIREJS-7414192
SNYK-JS-REQUIREJS-7417994
SNYK-JS-WORDWRAP-3149973
Release notes
Package name: eslint-plugin-react
-
7.35.0 - 2024-07-20
- support eslint v9 (#3759 @ mdjermanovic)
- export flat configs from plugin root and fix flat config crash (#3694 @ bradzacher @ mdjermanovic)
- add
- version settings: Allow react defaultVersion to be configurable (#3771 @ onlywei)
- [Refactor]
-
7.34.4 - 2024-07-13
-
7.34.3 - 2024-06-18
-
7.34.2 - 2024-05-28
- [Refactor] create various eslint utils to fix eslint deprecations (#3759 @ mdjermanovic, @ ljharb)
-
7.34.1 - 2024-03-15
-
7.34.0 - 2024-03-04
- add
- [Refactor]
- [Refactor]
- [Refactor]
- [Refactor]
- [Docs]
- [Tests]
- [Docs]
- [Docs]
from eslint-plugin-react GitHub release notesAdded
jsx-props-no-spread-multi(#3724 @ SimonSchick)forbid-component-props: addpropNamePatternto allow / disallow prop name patterns (#3774 @ akulsr0)jsx-handler-names: support ignoring component names (#3772 @ akulsr0)jsx-closing-tag-location: addline-alignedoption (#3777 @ kimtaejin3)no-danger: addcustomComponentNamesoption (#3748 @ akulsr0)Fixed
no-invalid-html-attribute: substitute placeholders in suggestion messages (#3759 @ mdjermanovic)sort-prop-types: single line type ending without semicolon (#3784 @ akulsr0)require-default-props: report when required props have default value (#3785 @ akulsr0)Changed
variableUtil: Avoid creating a single flat variable scope for each lookup (#3782 @ DanielRosenwasser)Fixed
prop-types: fixclassNamemissing in prop validation false negative (#3749 @ akulsr0)sort-prop-types: Check for undefined before accessingnode.typeAnnotation.typeAnnotation(#3779 @ tylerlaprade)Fixed
prop-types: null-check rootNode before calling getScope (#3762 @ crnhrv)boolean-prop-naming: avoid a crash with a spread prop (#3733 @ ljharb)jsx-boolean-value:assumeUndefinedIsFalsewithnevermust not allow explicittruevalue (#3757 @ 6uliver)no-object-type-as-default-prop: enable rule for components with many parameters (#3768 @ JulienR1)jsx-key: incorrect behavior for checkKeyMustBeforeSpread with map callbacks (#3769 @ akulsr0)Fixed
boolean-prop-naming: avoid a crash with a non-TSTypeReference type (#3718 @ developer-bandi)jsx-no-leaked-render: invalid report if left side is boolean (#3746 @ akulsr0)jsx-closing-bracket-location: message shows{{details}}when there are no details (#3759 @ mdjermanovic)no-invalid-html-attribute: ensure error messages are correct (#3759 @ mdjermanovic, @ ljharb)Changed
Fixed
jsx-no-leaked-render: prevent wrongly adding parens (#3700 @ developer-bandi)boolean-prop-naming: detect TS interfaces (#3701 @ developer-bandi)boolean-prop-naming: literalType error fix (#3704 @ developer-bandi)boolean-prop-naming: allow TSIntersectionType (#3705 @ developer-bandi)no-unknown-property: supportpopover,popovertarget,popovertargetactionattributes (#3707 @ ljharb)no-unknown-property: only matchdata-*attributes containing-(#3713 @ silverwind)checked-requires-onchange-or-readonly: correct options that were behaving opposite (#3715 @ jaesoekjjang)Changed
boolean-prop-naming: improve error message (@ ljharb)Added
sort-prop-types: give errors on TS types (#3615 @ akulsr0)no-invalid-html-attribute: add support forapple-touch-startup-imagerelattributes inlinktags (#3638 @ thomashockaday)no-unknown-property: add requireDataLowercase option (#3645 @ HermanBilous)no-unknown-property: adddisplaystyleon<math>(#3652 @ lounsbrough)prefer-read-only-props,prop-types, component detection: allow components to be async functions (#3654 @ pnodet)no-unknown-property: supportonResizeon audio/video tags (#3662 @ caesar1030)jsx-wrap-multilines: addneveroption to prohibit wrapping parens on multiline JSX (#3668 @ reedws)jsx-filename-extension: addignoreFilesWithoutCodeoption to allow empty files (#3674 @ burtek)jsx-boolean-value: addassumeUndefinedIsFalseoption (#3675 @ developer-bandi)linkAttributesetting,jsx-no-target-blank: support multiple properties (#3673 @ burtek)jsx-no-script-url: addincludeFromSettingsoption to supportlinkAttributessetting (#3673 @ burtek)jsx-one-expression-per-line: addnon-jsxoption to allow non-JSX children in one line (#3677 @ burtek)checked-requires-onchange-or-readonlyrule (#3680 @ jaesoekjjang)Fixed
jsx-no-leaked-render: preserve RHS parens for multiline jsx elements while fixing (#3623 @ akulsr0)jsx-key: detect conditional returns (#3630 @ yialo)jsx-newline: prevent a crash whenallowMultilines(#3633 @ ljharb)no-unknown-property: use a better regex to avoid a crash (#3666 @ ljharb @ SCH227)prop-types: handle nested forwardRef + memo (#3679 @ developer-bandi)no-unknown-property: addfetchPriority(#3697 @ SevereCloud)forbid-elements: prevent a crash oncreateElement()(#3632 @ ljharb)Changed
jsx-boolean-value: make error messages clearer (#3691 @ developer-bandi)propTypes: extract type params to var (#3634 @ HenryBrown0)boolean-prop-naming: invert if statement (#3634 @ HenryBrown0)function-component-definition: exit early if no type params (#3634 @ HenryBrown0)jsx-props-no-multi-spaces: extract type parameters to var (#3634 @ HenryBrown0)jsx-key: fix correct example (#3656 @ developer-bandi)jsx-wrap-multilines: passing tests (#3545 @ burtek)iframe-missing-sandbox: fix link to iframe attribute on mdn (#3690 @ nnmrts)hook-use-state: fix an undefined variable (#3626 @ chentsulin)Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"eslint-plugin-react","from":"7.34.0","to":"7.35.0"}],"env":"prod","hasFixes":true,"isBreakingChange":false,"isMajorUpgrade":false,"issuesToFix":[{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SEMVER-3247795","issue_id":"SNYK-JS-SEMVER-3247795","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00152},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue Jun 20 2023 15:39:58 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.64},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555","issue_id":"SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555","priority_score":158,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"changed"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00044},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Fri Mar 22 2024 08:05:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":6.65},{"name":"likelihood","value":2.36},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Path Traversal"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-WS-7266574","issue_id":"SNYK-JS-WS-7266574","priority_score":169,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00044},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Jun 17 2024 14:34:03 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.81},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Denial of Service (DoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-WS-7266574","issue_id":"SNYK-JS-WS-7266574","priority_score":169,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00044},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Jun 17 2024 14:34:03 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.81},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Denial of Service (DoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-FOLLOWREDIRECTS-6141137","issue_id":"SNYK-JS-FOLLOWREDIRECTS-6141137","priority_score":158,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00051},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Jan 01 2024 15:19:32 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.62},{"name":"likelihood","value":2.81},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Improper Input Validation"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SEMVER-3247795","issue_id":"SNYK-JS-SEMVER-3247795","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00152},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue Jun 20 2023 15:39:58 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.64},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-TAR-6476909","issue_id":"SNYK-JS-TAR-6476909","priority_score":142,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00045},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Fri Mar 22 2024 12:56:33 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.36},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Uncontrolled Resource Consumption ('Resource Exhaustion')"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-DOMPURIFY-6474511","issue_id":"SNYK-JS-DOMPURIFY-6474511","priority_score":67,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.01055},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Apr 11 2024 09:49:38 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.83},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Template Injection"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-EXPRESS-6474509","issue_id":"SNYK-JS-EXPRESS-6474509","priority_score":74,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"none"},{"name":"scope","value":"changed"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"required"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00044},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue Mar 26 2024 07:34:23 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":4.54},{"name":"likelihood","value":1.61},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Open Redirect"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-FOLLOWREDIRECTS-6444610","issue_id":"SNYK-JS-FOLLOWREDIRECTS-6444610","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"low"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00044},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Fri Mar 15 2024 07:59:52 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.64},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Information Exposure"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-HTTPCACHESEMANTICS-3248783","issue_id":"SNYK-JS-HTTPCACHESEMANTICS-3248783","priority_score":63,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00116},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Jan 30 2023 14:39:52 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.64},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-REQUIREJS-5416713","issue_id":"SNYK-JS-REQUIREJS-5416713","priority_score":119,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"low"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.01055},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Apr 01 2024 13:21:07 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":98},{"name":"impact","value":4.19},{"name":"likelihood","value":2.83},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-REQUIREJS-7414192","issue_id":"SNYK-JS-REQUIREJS-7414192","priority_score":118,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"low"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00043},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue Jul 02 2024 11:13:11 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":98},{"name":"impact","value":4.19},{"name":"likelihood","value":2.81},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-REQUIREJS-7417994","issue_id":"SNYK-JS-REQUIREJS-7417994","priority_score":118,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"low"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00043},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Wed Jul 03 2024 16:11:18 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":98},{"name":"impact","value":4.19},{"name":"likelihood","value":2.81},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-WORDWRAP-3149973","issue_id":"SNYK-JS-WORDWRAP-3149973","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00092},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Wed Mar 22 2023 15:02:56 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Regular Expression Denial of Service (ReDoS)"}],"prId":"d05e57b2-f634-421c-ab1a-749d93504292","prPublicId":"d05e57b2-f634-421c-ab1a-749d93504292","packageManager":"npm","priorityScoreList":[159,158,169,158,142,67,74,159,63,119,118,118,57],"projectPublicId":"28b3299a-6d46-45cb-a12f-cffa56654663","projectUrl":"https://app.snyk.io/org/hashim21223445/project/28b3299a-6d46-45cb-a12f-cffa56654663?utm_source=github&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["priorityScore"],"type":"auto","upgrade":["SNYK-JS-SEMVER-3247795","SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555","SNYK-JS-WS-7266574","SNYK-JS-WS-7266574","SNYK-JS-FOLLOWREDIRECTS-6141137","SNYK-JS-SEMVER-3247795","SNYK-JS-TAR-6476909","SNYK-JS-DOMPURIFY-6474511","SNYK-JS-EXPRESS-6474509","SNYK-JS-FOLLOWREDIRECTS-6444610","SNYK-JS-HTTPCACHESEMANTICS-3248783","SNYK-JS-REQUIREJS-5416713","SNYK-JS-REQUIREJS-7414192","SNYK-JS-REQUIREJS-7417994","SNYK-JS-WORDWRAP-3149973"],"upgradeInfo":{"versionsDiff":5,"publishedDate":"2024-07-20T05:40:38.672Z"},"vulns":["SNYK-JS-SEMVER-3247795","SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555","SNYK-JS-WS-7266574","SNYK-JS-WS-7266574","SNYK-JS-FOLLOWREDIRECTS-6141137","SNYK-JS-SEMVER-3247795","SNYK-JS-TAR-6476909","SNYK-JS-DOMPURIFY-6474511","SNYK-JS-EXPRESS-6474509","SNYK-JS-FOLLOWREDIRECTS-6444610","SNYK-JS-HTTPCACHESEMANTICS-3248783","SNYK-JS-REQUIREJS-5416713","SNYK-JS-REQUIREJS-7414192","SNYK-JS-REQUIREJS-7417994","SNYK-JS-WORDWRAP-3149973"]}'