Skip to content
This repository was archived by the owner on May 13, 2025. It is now read-only.

[Snyk] Upgrade @nextcloud/vue from 3.2.0 to 3.10.1#20

Open
snyk-bot wants to merge 1 commit into
masterfrom
snyk-upgrade-2588d1aa6cf33a26976503b6cac46711
Open

[Snyk] Upgrade @nextcloud/vue from 3.2.0 to 3.10.1#20
snyk-bot wants to merge 1 commit into
masterfrom
snyk-upgrade-2588d1aa6cf33a26976503b6cac46711

Conversation

@snyk-bot

Copy link
Copy Markdown

Snyk has created this PR to upgrade @nextcloud/vue from 3.2.0 to 3.10.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 18 versions ahead of your current version.
  • The recommended version was released a month ago, on 2021-06-02.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Prototype Pollution
SNYK-JS-Y18N-1021887
472/1000
Why? Proof of Concept exploit, CVSS 7.3
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-SSRI-1246392
472/1000
Why? Proof of Concept exploit, CVSS 7.3
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-SSRI-1085630
472/1000
Why? Proof of Concept exploit, CVSS 7.3
No Known Exploit
Command Injection
SNYK-JS-LODASH-1040724
472/1000
Why? Proof of Concept exploit, CVSS 7.3
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-WS-1296835
472/1000
Why? Proof of Concept exploit, CVSS 7.3
No Known Exploit
Improper Input Validation
SNYK-JS-URLPARSE-1078283
472/1000
Why? Proof of Concept exploit, CVSS 7.3
No Known Exploit
Arbitrary Code Injection
SNYK-JS-UNDERSCORE-1080984
472/1000
Why? Proof of Concept exploit, CVSS 7.3
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-POSTCSS-1255640
472/1000
Why? Proof of Concept exploit, CVSS 7.3
No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-POSTCSS-1090595
472/1000
Why? Proof of Concept exploit, CVSS 7.3
No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-POSTCSS-1255640
472/1000
Why? Proof of Concept exploit, CVSS 7.3
No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-POSTCSS-1090595
472/1000
Why? Proof of Concept exploit, CVSS 7.3
No Known Exploit
Prototype Pollution
SNYK-JS-PATHVAL-596926
472/1000
Why? Proof of Concept exploit, CVSS 7.3
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHPARSE-1077067
472/1000
Why? Proof of Concept exploit, CVSS 7.3
No Known Exploit
Cross-site Scripting (XSS)
SNYK-JS-NEXTCLOUDDIALOGS-1245465
472/1000
Why? Proof of Concept exploit, CVSS 7.3
No Known Exploit
Cross-site Scripting (XSS)
SNYK-JS-NEXTCLOUDDIALOGS-1245465
472/1000
Why? Proof of Concept exploit, CVSS 7.3
No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-1018905
472/1000
Why? Proof of Concept exploit, CVSS 7.3
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-HOSTEDGITINFO-1088355
472/1000
Why? Proof of Concept exploit, CVSS 7.3
Proof of Concept
Prototype Pollution
SNYK-JS-HANDLEBARS-1279029
472/1000
Why? Proof of Concept exploit, CVSS 7.3
Proof of Concept
Remote Code Execution (RCE)
SNYK-JS-HANDLEBARS-1056767
472/1000
Why? Proof of Concept exploit, CVSS 7.3
Proof of Concept
Cryptographic Issues
SNYK-JS-ELLIPTIC-1064899
472/1000
Why? Proof of Concept exploit, CVSS 7.3
No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-BROWSERSLIST-1090194
472/1000
Why? Proof of Concept exploit, CVSS 7.3
Proof of Concept
Server-Side Request Forgery (SSRF)
SNYK-JS-AXIOS-1038255
472/1000
Why? Proof of Concept exploit, CVSS 7.3
Proof of Concept
Server-Side Request Forgery (SSRF)
SNYK-JS-AXIOS-1038255
472/1000
Why? Proof of Concept exploit, CVSS 7.3
Proof of Concept
Cross-site Scripting (XSS)
SNYK-JS-STRIPTAGS-1312310
472/1000
Why? Proof of Concept exploit, CVSS 7.3
No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: @nextcloud/vue from @nextcloud/vue GitHub release notes
Commit messages
Package name: @nextcloud/vue

Compare


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant