[Snyk] Upgrade: , bootstrap, bootstrap-vue, nuxt

[takawiramundure]

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name	Versions	Released on

@nuxtjs/axios
from 5.9.3 to 5.13.6 | 22 versions ahead of your current version | 3 years ago
on 2021-06-02
bootstrap
from 4.4.1 to 4.6.2 | 7 versions ahead of your current version | 2 years ago
on 2022-07-19
bootstrap-vue
from 2.2.0 to 2.23.1 | 36 versions ahead of your current version | 2 years ago
on 2022-10-26
nuxt
from 2.11.0 to 2.18.1 | 40 versions ahead of your current version | 3 months ago
on 2024-06-28

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Path Traversal SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555	691	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	691	No Known Exploit
	Prototype Pollution SNYK-JS-AJV-584908	691	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIHTML-1296849	691	Proof of Concept
	Code Injection SNYK-JS-LODASH-1040724	691	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-567746	691	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1023599	691	Proof of Concept
	Asymmetric Resource Consumption (Amplification) SNYK-JS-BODYPARSER-7926860	691	No Known Exploit
	Improper Verification of Cryptographic Signature SNYK-JS-BROWSERIFYSIGN-6037026	691	No Known Exploit
	Improper Input Validation SNYK-JS-FOLLOWREDIRECTS-6141137	691	Proof of Concept
	Improper Input Validation SNYK-JS-FOLLOWREDIRECTS-6141137	691	Proof of Concept
	Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	691	Proof of Concept
	Remote Code Execution (RCE) SNYK-JS-EJS-2803307	691	Proof of Concept
	Cryptographic Issues SNYK-JS-ELLIPTIC-571484	691	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	691	Proof of Concept
	Open Redirect SNYK-JS-EXPRESS-6474509	691	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTMLMINIFIER-3091181	691	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTMLMINIFIER-3091181	691	Proof of Concept
	Denial of Service (DoS) SNYK-JS-HTTPPROXY-569139	691	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	691	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-559764	691	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-559764	691	Proof of Concept
	Information Exposure SNYK-JS-NODEFETCH-2342118	691	No Known Exploit
	Denial of Service SNYK-JS-NODEFETCH-674311	691	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	691	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	691	Proof of Concept
	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	691	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TERSER-2806366	691	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-1072471	691	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	691	Proof of Concept
	Cross-site Scripting SNYK-JS-EXPRESS-7926867	691	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	691	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	691	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	691	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	691	Proof of Concept
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	691	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	691	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	691	Proof of Concept
	Prototype Pollution SNYK-JS-DOTPROP-543489	691	Proof of Concept
	Arbitrary Code Injection SNYK-JS-EJS-1049328	691	Proof of Concept
	Improper Control of Dynamically-Managed Code Resources SNYK-JS-EJS-6689533	691	No Known Exploit
	Cryptographic Issues SNYK-JS-ELLIPTIC-1064899	691	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	691	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	691	No Known Exploit
	Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-7577916	691	Proof of Concept
	Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-7577917	691	Proof of Concept
	Improper Verification of Cryptographic Signature SNYK-JS-ELLIPTIC-7577918	691	Proof of Concept
	Prototype Pollution SNYK-JS-INI-1048974	691	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	691	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-1579269	691	Proof of Concept
	Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506	691	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	691	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	691	Proof of Concept
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	691	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	691	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579147	691	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	691	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579155	691	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-NTHCHECK-1586032	691	Proof of Concept
	Prototype Pollution SNYK-JS-LOADERUTILS-3043105	691	No Known Exploit
	Prototype Pollution SNYK-JS-LOADERUTILS-3043105	691	No Known Exploit
	Prototype Poisoning SNYK-JS-QS-3153490	691	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	691	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	691	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	691	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	691	Proof of Concept
	Arbitrary Code Injection SNYK-JS-SERIALIZEJAVASCRIPT-570062	691	Proof of Concept
	Denial of Service (DoS) SNYK-JS-WS-7266574	691	Proof of Concept
	Prototype Pollution SNYK-JS-Y18N-1021887	691	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-610226	691	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-608086	691	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-6139239	691	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1085627	691	Proof of Concept
	Server-Side Request Forgery (SSRF) SNYK-JS-AXIOS-1038255	691	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	691	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	691	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1090595	691	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1243891	691	Proof of Concept
	Prototype Pollution SNYK-JS-JSON5-3182856	691	Proof of Concept
	Prototype Pollution SNYK-JS-JSON5-3182856	691	Proof of Concept
	Prototype Pollution SNYK-JS-JSON5-3182856	691	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	691	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	691	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	691	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UGLIFYJS-1727251	691	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UGLIFYJS-1727251	691	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	691	No Known Exploit
	Cross-site Scripting SNYK-JS-SERVESTATIC-7926865	691	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	691	No Known Exploit
	Validation Bypass SNYK-JS-KINDOF-537849	691	Proof of Concept
	Cross-site Scripting SNYK-JS-SEND-7926862	691	No Known Exploit
	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	691	Proof of Concept
	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	691	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	691	Proof of Concept

Release notes

Package name: @nuxtjs/axios

• 5.13.6 - 2021-06-02
  

  Bug Fixes

  • setHeader function returns after the first scope element (#507) (cb5e29d)
• 5.13.5 - 2021-05-26
  

  Bug Fixes

  • only transpile defu for client bundle (resolves #501) (ec2eb0a)
• 5.13.4 - 2021-05-18
  

  Bug Fixes

  • build.transpile guard for [email protected] (fixes #498) (66d56ab)
• 5.13.3 - 2021-05-17
  

  Bug Fixes

  • transpile defu (cf1a03f), closes unjs/defu#28
• 5.13.2 - 2021-05-17
  

  Dependencies:

  • Update defu to 5.x
• 5.13.1 - 2021-02-08
  

  Bug Fixes

  • types: add missing type for create() (#475) (62f17ca)
  • types: update interceptors type (#476) (ecfab9a)
• 5.13.0 - 2021-02-01
  

  Features

  • Support baseUrl and browserBaseUrl to handle casing typos (8904847)

  Bug Fixes

  • Add x-forwarded-port and x-forwarded-proto to proxyHeaderIgnore defaults (#465) (a1a1894)
• 5.12.5 - 2021-01-04
  

  Bug Fixes

  • add x-forwarded-host to proxyHeaderIgnore defaults (#462) (433548b), closes #456

  Dependencies

  • Update axios to ^0.21.1 (axios/axios#3410) (#460)
• 5.12.4 - 2020-12-14
  

  Bug Fixes

  • Preserve default headers with custom headers (#452) (55f994f) (resolves resolves #411, #444)

  Dependencies

  • Update @ nuxtjs/proxy to 2.1.0 (less warnings and typescript rewrite)

  Thanks

  • Gábor Egyed (@ 1ed)
• 5.12.3 - 2020-11-30
  

  Bug Fixes

  • $loading().set(Infinity) issue (#424) (7b32262)
• 5.12.2 - 2020-08-25
• 5.12.1 - 2020-08-05
• 5.12.0 - 2020-07-10
• 5.11.0 - 2020-06-05
• 5.10.3 - 2020-04-30
• 5.10.2 - 2020-04-27
• 5.10.1 - 2020-04-22
• 5.10.0 - 2020-04-21
• 5.9.7 - 2020-03-30
• 5.9.6 - 2020-03-27
• 5.9.5 - 2020-02-02
• 5.9.4 - 2020-01-30
• 5.9.3 - 2020-01-11

from @nuxtjs/axios GitHub release notes

Package name: bootstrap

• 4.6.2 - 2022-07-19
  

  Highlights

  • Added an example to our Collapse plugin docs to show how to use horizontal collapsing. This has long been possible via our JS, but we never had an official class to utilize it.
  • We've replaced the deprecated color-adjust with print-color-adjust in our Sass files as part of the Autoprefixer v10.4.6 issues. This should quiet the issues folks have seen from that dependency change. If you're using our distribution CSS files, like bootstrap.min.css, you may still see the warning.
  • Tweaked the size of small and .small to compute to a whole pixel value (was 12.8px and now is 14px).
  • Improved accessibility around our dropdowns, color contrast, and role attributes.
  • Fixed some broken links to supporting documentation.
  • Updated dependencies across the board.

  What's Changed

  • Removed blurred background reference from the Toast Docs. by @ pricop in #35190
  • Update links to CCA, MQ5 prefers-reduced-motion, evergreen WCAG urls, more resources by @ patrickhlauke in #35427
  • v4-dev backports and updates by @ XhmikosR in #35482
  • Backport #35556 by @ julien-deramond in #35558
  • Tweak toast docs by @ patrickhlauke in #35633
  • v4-dev backports and updates by @ XhmikosR in #35642
  • Doc: Reorder alphabetically lists of components by @ julien-deramond in #36128
  • Updated the small-font-size to use a round value by @ pricop in #36172
  • v4 dev backports and updates by @ XhmikosR in #35767
  • _custom-forms.scss: fix order of attributes by @ twin-elements in #36231
  • Replace the deprecated color-adjust with print-color-adjust by @ AdrianCurtin in #36283
  • [v4] Doc: remove role="group" from some split drop* buttons by @ julien-deramond in #36254
  • Dynamic tabs: use buttons rather than links (backport to v4) by @ patrickhlauke in #33163
  • v4 dev updates by @ XhmikosR in #36430
  • Fix closing HTML tag in navs docs by @ julien-deramond in #36466
  • v4: Horizontal collapse by @ mdo in #36434
  • Fixing tabs' tests v4 by @ louismaximepiton in #36485
  • Docs: fix some ARIA Authoring Practices Guides broken links by @ julien-deramond in #36490
  • v4 - Remove confusing unnecessary id/aria-labelledby for dropdown menus by @ patrickhlauke in #36491
  • v4 Docs: outdated ARIA/PF link, expand contrast explanation in accessibility.md by @ patrickhlauke in #36492
  • v4: Improve accessible name of version dropdown in docs navbar by @ patrickhlauke in #36504
  • Update devDependencies by @ XhmikosR in #36522
  • Docs: update clipboard.js to v2.0.11 by @ julien-deramond in #36631
  • Update devDependencies by @ XhmikosR in #36724
  • v4: Add Fathom by @ mdo in #36727
  • Docs: Capitalize Unicode by @ julien-deramond in #36735
  • Release v4.6.2 by @ XhmikosR in #36725

  New Contributors

  • @ twin-elements made their first contribution in #36231
  • @ AdrianCurtin made their first contribution in #36283

  Full Changelog: v4.6.1...v4.6.2

• 4.6.1 - 2021-10-28
  

  What's changed

  • Replace Sass division with multiplication and custom divide() function by @ mdo in #34571
  • Update RFS to v8.1.0 by @ XhmikosR in #34571
  • fix(forms): input-group and validation icons by @ ffoodd in #32968
  • Fix minor visual bug in Firefox caused by moz-focusring by @ kremit in #32821
  • Adjust SAFE_URL_PATTERN regex for use with test method of regexes by @ nikonthethird in #33153
  • Add sms in the SAFE_URL_PATTERN for sanitizer by @ XhmikosR in #35074
  • Adjust feedback icon position and padding for select.form-control by @ mdo in #33206
  • Carousel: use buttons, not links, for prev/next controls by @ patrickhlauke in #33165
  • v4: Sass docs for default variables by @ mdo in #33392
  • Handle complex expressions in add() & subtract() by @ ffoodd in #34047
  • More concise improvements for add() and subtract() by @ ffoodd in #34432
  • Remove aria-haspopup from dropdowns by @ patrickhlauke in #33624
  • Dropdown: support .dropdown-item wrapped in <li> tags by @ cpsievert in #33649
  • Update Node versions in JS tests (drop Node 10, add Node 16), update docs JS assets and add variables for vertical-align in spinners by @ XhmikosR in #33807
  • Replace Freenode with Libera IRC server by @ midzer #34050
  • Fix repetition in the Navbar docs description by @ coliff in