Skip to content

Commit

Permalink
Address vulnerabilities (#332)
Browse files Browse the repository at this point in the history 
Address vulnerabilities by running `npm audit fix`. Some of the package updates include:
- upgrade `@babel/traverse` from v7.10.3 and v7.11.5 to v7.23.9 to prevent Incomplete List of Disallowed Inputs critical [vulnerability](https://nvd.nist.gov/vuln/detail/CVE-2023-45133) fixed in v7.23.2
- upgrade `handlebars` from v4.7.6 to v4.7.8 to prevent [Prototype Pollution](https://nvd.nist.gov/vuln/detail/cve-2021-23383) and [Remote Code Execution](https://nvd.nist.gov/vuln/detail/CVE-2021-23369) fixed in v4.7.7
- upgrade `lodash` from v4.17.20 to v4.17.21 to prevent [Command Injection](https://nvd.nist.gov/vuln/detail/CVE-2021-23337) and [ReDoS](https://nvd.nist.gov/vuln/detail/CVE-2020-28500) fixed in v4.17.21
- upgrade `shell-quote` from 1.7.2 to v1.8.1 to prevent [CVE-2021-42740](https://nvd.nist.gov/vuln/detail/CVE-2021-42740) fixed in v1.7.3

J=VULN-38731
TEST=none
  • Loading branch information
@nmanu1
nmanu1 authored Feb 28, 2024
1 parent cb722b9 commit 7adeb96
Show file tree
Hide file tree
Showing 2 changed files with 1,023 additions and 484 deletions.
Loading

0 comments on commit 7adeb96

Please sign in to comment.