[Snyk] Security upgrade serverless-azure-functions from 0.2.0 to 1.0.0 #180

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Open

mdno wants to merge 1 commit into master from snyk-fix-125d9d99f140d5d6ec41647e4014b144

Owner

mdno commented Sep 17, 2024

Snyk has created this PR to fix 11 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

azure-node-simple-http-endpoint/package.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Improper Input Validation SNYK-JS-XMLDOM-3092935	811
	Authentication Bypass SNYK-JS-HAWK-6969142	786
	Remote Memory Exposure SNYK-JS-BL-608877	706
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	696
	Server-side Request Forgery (SSRF) SNYK-JS-REQUEST-3361831	646
	Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	646
	Prototype Pollution SNYK-JS-XMLDOM-3042242	639
	Prototype Pollution npm:hoek:20180212	636
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HAWK-2808852	584
	Uninitialized Memory Exposure npm:tunnel-agent:20170305	576
	Improper Input Validation SNYK-JS-XMLDOM-1534562	539

Important

Check the changes in this PR to ensure they won't cause issues with your project.
Max score is 1000. Note that the real score may have changed since the PR was raised.
This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Authentication Bypass
🦉 Server-side Request Forgery (SSRF)
🦉 More lessons are available in Snyk Learn


          fix: azure-node-simple-http-endpoint/package.json to reduce vulnerabi…

a3aedea

…lities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-XMLDOM-3092935
- https://snyk.io/vuln/SNYK-JS-HAWK-6969142
- https://snyk.io/vuln/SNYK-JS-BL-608877
- https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
- https://snyk.io/vuln/SNYK-JS-REQUEST-3361831
- https://snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873
- https://snyk.io/vuln/SNYK-JS-XMLDOM-3042242
- https://snyk.io/vuln/npm:hoek:20180212
- https://snyk.io/vuln/SNYK-JS-HAWK-2808852
- https://snyk.io/vuln/npm:tunnel-agent:20170305
- https://snyk.io/vuln/SNYK-JS-XMLDOM-1534562

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet