[Snyk] Security upgrade pdfmake from 0.1.65 to 0.2.7 by snyk-bot · Pull Request #30 · santosomar/kibana

snyk-bot · 2022-12-18T23:52:38Z

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	863/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 9.4	Code Injection SNYK-JS-PDFMAKE-3160329	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: pdfmake

The new version differs by 122 commits.

bc46caa 0.2.7
da19b86 Update CHANGELOG.md
af933ae Vulnerability fix CVE-2022-46161
0f04a54 Node.js 18 LTS
9a8ea38 0.2.6
a6a7668 Fixed refetching fonts from URL Pies no longer lose labels elastic/kibana#2477
eebdf14 fixed TrueType Collection loading from URL Add Legend by Default elastic/kibana#2456
3255ec7 Roboto font (version 3.005)
9c0743d fixed calculating page height use "http.cors" ,kibana no result.. elastic/kibana#2464
8920ffe year++
819ea22 0.2.5
e2e44be support passing headers to request for loading font files and images via URL adresses Changing camelCase to snake_case for configuration elastic/kibana#2071
0695645 test for core-js polyfill Object.isExtensible bug 1/1/1970 blanked elastic/kibana#2362
ac08142 0.2.4
a8339f8 0.2.4
f60a075 Update CHANGELOG.md
ae0074e core-js 3.19.1 contains a bug with Object.isExtensible function. Set version 3.19.0 1/1/1970 blanked elastic/kibana#2362
35ebfe4 Update CHANGELOG.md
990cab2 fix destination path argument in VFS build script (Switch Private loader to a provider elastic/kibana#2361)
69e07bb fix changelog
83a1dd5 0.2.3
495c3c9 refresh pdf examples
ff79713 Update CHANGELOG.md
6b550e7 fixed how infos are passed to pdfkit (Line Chart - empty chart when missing data elastic/kibana#2347)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Code Injection

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-PDFMAKE-3160329

fix: package.json to reduce vulnerabilities

ce3dcad

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-PDFMAKE-3160329

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Security upgrade pdfmake from 0.1.65 to 0.2.7#30

[Snyk] Security upgrade pdfmake from 0.1.65 to 0.2.7#30
snyk-bot wants to merge 1 commit intomasterfrom
snyk-fix-515ec4cba4066561e779903239634a0f

snyk-bot commented Dec 18, 2022

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

snyk-bot commented Dec 18, 2022

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant