Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Security upgrade wildduck from 1.21.0 to 1.29.0 #8

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Security upgrade wildduck from 1.21.0 to 1.29.0 #8

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 883/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 9.8		 Prototype Pollution
SNYK-JS-NODEFORGE-598677		 No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: wildduck The new version differs by 238 commits.
  • 78f77f1 v1.29.0
  • 6fafcaa made metaData visible for user, added new property internalData
  • 2fdf9ec Added sendTime option for draft submissions
  • 418cf70 Refactored IMAP COPY. Aborts copying if socket to client is closed
  • cd06367 Merge branch 'master' of github.com:nodemailer/wildduck
  • c1abce1 do not COPY if QUOTA is full
  • 51414fb Fix custom 2fa api response (#262)
  • 977c36a Fix #254
  • ec68d1e Merge pull request #257 from louis-lau/docker-fixes
  • b4611d3 Use sane defaults in the example docker-compose
  • ed9160a Add openssl dependency to dockerfile
  • f4bbc9f tests
  • 5abdac4 updated API handling for autoreplies
  • 89d592f Added auditing docs
  • 546bc2f updated commit hash
  • e7413df updated cursor schema
  • e29c51e updated commit hashes
  • d06acd9 v1.28.1
  • 04370fc fixed invalid headers handling
  • 0587c29 Added missing index and address handler
  • 408aadc bumped commit hashes
  • a4d400a v1.28.0
  • f7b0463 updated commit hashes#
  • 3d6c33a Merge pull request #249 from nodemailer/upgrade-joi-attempt-n

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

@snyk-bot
fix: package.json to reduce vulnerabilities
fa5d3c1 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot