[Snyk] Fix for 18 vulnerabilities #63
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…rabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-450202 - https://snyk.io/vuln/SNYK-JS-LODASH-608086 - https://snyk.io/vuln/SNYK-JS-LODASHMERGE-173732 - https://snyk.io/vuln/SNYK-JS-LODASH-1040724 - https://snyk.io/vuln/SNYK-JS-LODASHMERGE-173733 - https://snyk.io/vuln/SNYK-JS-LODASH-567746 - https://snyk.io/vuln/SNYK-JS-LODASH-6139239 - https://snyk.io/vuln/SNYK-JS-QS-3153490 - https://snyk.io/vuln/SNYK-JS-SEMVER-3247795 - https://snyk.io/vuln/SNYK-JS-SETVALUE-1540541 - https://snyk.io/vuln/SNYK-JS-JSONSCHEMA-1920922 - https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212 - https://snyk.io/vuln/SNYK-JS-SETVALUE-450213 - https://snyk.io/vuln/SNYK-JS-LODASHMERGEWITH-174136 - https://snyk.io/vuln/SNYK-JS-LODASH-1018905 - https://snyk.io/vuln/SNYK-JS-POSTCSS-1090595 - https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640 - https://snyk.io/vuln/SNYK-JS-KINDOF-537849
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to fix 18 vulnerabilities in the npm dependencies of this project.
Snyk changed the following file(s):
backend/package.jsonbackend/package-lock.jsonVulnerabilities that will be fixed with an upgrade:
SNYK-JS-LODASH-450202
SNYK-JS-LODASH-608086
SNYK-JS-LODASHMERGE-173732
SNYK-JS-LODASH-1040724
SNYK-JS-LODASHMERGE-173733
SNYK-JS-LODASH-567746
SNYK-JS-LODASH-6139239
SNYK-JS-QS-3153490
SNYK-JS-SEMVER-3247795
SNYK-JS-SETVALUE-1540541
SNYK-JS-JSONSCHEMA-1920922
SNYK-JS-MIXINDEEP-450212
SNYK-JS-SETVALUE-450213
SNYK-JS-LODASHMERGEWITH-174136
SNYK-JS-LODASH-1018905
SNYK-JS-POSTCSS-1090595
SNYK-JS-POSTCSS-1255640
SNYK-JS-KINDOF-537849
Release notes
Package name: @sendgrid/mail
-
7.0.0 - 2020-04-01
-
6.5.5 - 2020-03-18
-
6.5.4 - 2020-03-04
-
6.5.3 - 2020-02-20
-
6.5.2 - 2020-02-05
-
6.5.1 - 2020-01-24
-
6.5.0 - 2020-01-15
-
6.4.0 - 2019-05-06
-
6.3.1 - 2018-06-14
from @sendgrid/mail GitHub release notesPackage name: globby
-
10.0.0 - 2019-06-29
- Upgrade
- Require Node.js 8 9f781ce
- Remove
- Add
- Fix using the
-
9.2.0 - 2019-04-01
- Refactor TypeScript definition to CommonJS compatible export (#115) dc0a49c
from globby GitHub release notesBreaking:
fast-globpackage to v3 (#126) 3706920Important: Read the
fast-globrelease notes! There are many breaking changes.**/bower_components/**as a default ignore pattern 2dd76d2Enhancements:
globby.stream()(#113) 8aadde8Fixes:
gitignoreandstatsoptions together (#121) 33ca01cv9.2.0...v10.0.0
v9.1.0...v9.2.0
Package name: jsonwebtoken
-
9.0.2 - 2023-08-30
-
9.0.1 - 2023-07-05
-
9.0.0 - 2022-12-21
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
8.5.1 - 2019-03-18
from jsonwebtoken GitHub release notesRelease 9.0.2 (#935)
Updating package version to 9.0.1 (#920)
Check if node version supports asymmetricKeyDetails
Validate algorithms for ec key type
Rename variable
Rename function
Add early return for symmetric keys
Validate algorithm for RSA key type
Validate algorithm for RSA-PSS key type
Check key types for EdDSA algorithm
Rename function
Move validateKey function to module
Convert arrow to function notation
Validate key in verify function
Simplify if
Convert if to switch..case
Guard against empty key in validation
Remove empty line
Add lib to check modulus length
Add modulus length checks
Validate mgf1HashAlgorithm and saltLength
Check node version before using key details API
Use built-in modulus length getter
Fix Node version validations
Remove duplicate validateKey
Add periods to error messages
Fix validation in verify function
Make asymmetric key validation the latest validation step
Change key curve validation
Remove support for ES256K
Fix old test that was using wrong key types to sign tokens
Enable RSA-PSS for old Node versions
Add specific RSA-PSS validations on Node 16 LTS+
Improve error message
Simplify key validation code
Fix typo
Improve error message
Change var to const in test
Change const to let to avoid reassigning problem
Improve error message
Test incorrect private key type
Rename invalid to unsupported
Test verifying of jwt token with unsupported key
Test invalid private key type
Change order of object parameters
Move validation test to separate file
Move all validation tests to separate file
Add prime256v1 ec key
Remove modulus length check
WIP: Add EC key validation tests
Fix node version checks
Fix error message check on test
Add successful tests for EC curve check
Remove only from describe
Remove
onlyRemove duplicate block of code
Move variable to a different scope and make it const
Convert allowed curves to object for faster lookup
Rename variable
Change variable assignment order
Remove unused object properties
Test RSA-PSS happy path and wrong length
Add missing tests
Pass validation if no algorithm has been provided
Test validation of invalid salt length
Test error when signing token with invalid key
Change var to const/let in verify tests
Test verifying token with invalid key
Improve test error messages
Add parameter to skip private key validation
Replace DSA key with a 4096 bit long key
Test allowInvalidPrivateKeys in key signing
Improve test message
Rename variable
Add key validation flag tests
Fix variable name in Readme
Change private to public dsa key in verify
Rename flag
Run EC validation tests conditionally
Fix tests in old node versions
Ignore block of code from test coverage
Separate EC validations tests into two different ones
Add comment
Wrap switch in if instead of having an early return
Remove unsupported algorithms from asymmetric key validation
Rename option to allowInvalidAsymmetricKeyTypes and improve Readme
9.0.0
adding migration notes to readme
adding changelog for version 9.0.0
Co-authored-by: julienwoll [email protected]
8.5.1
Package name: node-cache
-
5.0.0 - 2019-10-23
- Remove lodash dependency
- DROP CALLBACK SUPPORT - Read the migration guide if you are currently using the callback based api!
⚠️
- add .has(key) and method - Thanks to Regev Brody for PR [#132]!
- add .mset([{key,val,ttl}]) method - Thanks to Sujesh Thekkepatt for PR [#142]!
- add maxKeys setting to limit cache size - Thanks do @ daluf for PR [#141]!
- Also, thank you to all other contributors that remain unnamed here! 🎉
cache.get("my-key", function(err, value) {
const value = cache.get("my-key");
- Add options.promiseValueSize for promise value. Thanks to Ryan Roemer for the pull [#84]
- Added option deleteOnExpire
- Added DefinitelyTyped Typescript definitions. Thanks to Ulf Seltmann for the pulls [#90] and [#92]
- Thanks to Daniel Jin for the readme fix in pull [#93]
- Optimized test and ci configs.
from node-cache GitHub release notesMIGRATION GUIDE 🚧
We have dropped callback support in node-cache and you should migrate to our sync-style api!
If you cannot refactor right now, you can turn on legacy callback support by enabling the
enableLegacyCallbacksoption. Eg:const cache = new NodeCache({ enableLegacyCallbacks: true })But we strongly recommend to refactor your code to use the sync-api because we will drop official callback support in Versions v6.x and onwards.
If your code currently looks like this:
if (err) {
// ...
}
// double equal checks for null and undefined
if (value != null) {
// hmm.... nothing here :(
}
// do something with value
});
it should be rewritten to:
// double equal checks for null and undefined
if (value != null) {
// hmm.... nothing here :(
}
// do something with value
5.0.0-alpha.1 - 2019-10-18
5.0.0-alpha.1
5.0.0-alpha.0 - 2019-09-18
4.2.1 - 2019-07-24
…d security vulnerability
4.2.0 - 2018-03-21
Package name: sanitize-html
-
2.5.3 - 2021-11-02
-
2.5.2 - 2021-10-13
-
2.5.1 - 2021-09-14
-
2.5.0 - 2021-09-08
-
2.4.0 - 2021-05-20
-
2.3.3 - 2021-03-19
-
2.3.2 - 2021-01-26
-
2.3.1 - 2021-01-22
-
2.3.0 - 2020-12-16
-
2.2.0 - 2020-12-02
-
2.1.2 - 2020-11-04
-
2.1.1 - 2020-10-21
-
2.1.0 - 2020-10-07
-
2.0.0 - 2020-09-23
-
2.0.0-rc.2 - 2020-09-09
-
2.0.0-rc.1 - 2020-08-26
-
2.0.0-beta.2 - 2020-08-12
-
2.0.0-beta - 2020-07-29
-
1.27.5 - 2020-09-23
-
1.27.4 - 2020-08-26
-
1.27.3 - 2020-08-12
-
1.27.2 - 2020-07-29
-
1.27.1 - 2020-07-15
-
1.27.0 - 2020-06-17
-
1.26.0 - 2020-06-03
-
1.25.0 - 2020-05-29
-
1.24.0 - 2020-05-20
-
1.23.0 - 2020-04-09
-
1.22.1 - 2020-03-12
-
1.22.0 - 2020-02-23
-
1.21.1 - 2020-01-17
-
1.21.0 - 2020-01-17
-
1.20.1 - 2019-04-25
-
1.20.0 - 2018-12-17
from sanitize-html GitHub release notesPackage name: truncate-html
-
1.1.0 - 2024-03-02
- no vulnerabilities
- cheerio can now handle CJK characters correctly
- if you are using custom cheerio instance with this library, you should set the third parameter of
- better support for typescript
-
1.0.5-beta.2 - 2023-06-17
-
1.0.5-beta.1 - 2023-06-17
-
1.0.4 - 2021-07-09
-
1.0.3 - 2019-08-14
-
1.0.2 - 2019-04-13
from truncate-html GitHub release notesThere are several changes:
cheerio.loadtofalseto get rid of extra wrappers, see load for details.v1.0.5-beta.2
v1.0.5-beta.1
fix: fix type define issues, fixs #32
v1.0.3
update readme.md
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Prototype Pollution
🦉 Validation Bypass
🦉 Regular Expression Denial of Service (ReDoS)
🦉 More lessons are available in Snyk Learn
[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"@sendgrid/mail","from":"6.3.1","to":"7.0.0"},{"name":"globby","from":"9.2.0","to":"10.0.0"},{"name":"jsonwebtoken","from":"8.5.1","to":"9.0.2"},{"name":"node-cache","from":"4.2.0","to":"5.0.0"},{"name":"sanitize-html","from":"1.20.0","to":"2.5.3"},{"name":"truncate-html","from":"1.0.2","to":"1.1.0"}],"env":"prod","issuesToFix":[{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-JSONSCHEMA-1920922","priority_score":150,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00515},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Nov 14 2021 16:49:43 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":7.84},{"name":"likelihood","value":1.9},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00091},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Jan 19 2020 14:31:13 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Validation Bypass"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-KINDOF-537849","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"none"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"pro...