Skip to content
This repository was archived by the owner on Aug 15, 2022. It is now read-only.

[Snyk] Security upgrade libp2p-webrtc-star from 0.20.1 to 0.25.0#2

Open
snyk-bot wants to merge 1 commit into
mainfrom
snyk-fix-2d28f32b16c30b67203410e1b3cb8b0b
Open

[Snyk] Security upgrade libp2p-webrtc-star from 0.20.1 to 0.25.0#2
snyk-bot wants to merge 1 commit into
mainfrom
snyk-fix-2d28f32b16c30b67203410e1b3cb8b0b

Conversation

@snyk-bot

Copy link
Copy Markdown
Contributor

Snyk has created this PR to fix one or more vulnerable packages in the `yarn` dependencies of this project.

merge advice

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • yarn.lock

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Breaking Change Exploit Maturity
high severity Denial of Service (DoS)
SNYK-JS-ENGINEIO-1056749
No Proof of Concept
medium severity Open Redirect
SNYK-JS-NODEFORGE-2330875
No Proof of Concept
medium severity Prototype Pollution
SNYK-JS-NODEFORGE-2331908
No No Known Exploit

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet

1 participant