Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Security upgrade admin-lte from 2.4.9 to 3.0.0 #149

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Security upgrade admin-lte from 2.4.9 to 3.0.0 #149

wants to merge 1 commit into from
+1,184 −652

Conversation

rwwiv
Copy link
Owner

@rwwiv rwwiv commented Feb 3, 2024

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • server/frontend/package.json
    • server/frontend/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
medium severity 601/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.6		 Prototype Pollution
SNYK-JS-JQUERY-174006		 Yes Proof of Concept
medium severity 701/1000
Why? Mature exploit, Has a fix available, CVSS 6.3		 Cross-site Scripting (XSS)
SNYK-JS-JQUERY-565129		 Yes Mature
medium severity 711/1000
Why? Mature exploit, Has a fix available, CVSS 6.5		 Cross-site Scripting (XSS)
SNYK-JS-JQUERY-567880		 Yes Mature

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: admin-lte The new version differs by 250 commits.
  • e78ee8d prep version
  • 5198872 updated README.md
  • b7a1c87 fixed card default border after adding nav tabs support
  • 2ea45f2 fixed labels in issue templates
  • 6457d31 added forget password & recover password demo
  • c4b9059 added new issue templates
  • bed1408 updated install instructions in docs/index.md
  • 54adf72 fixed focus border in mozilla (bug with focusring removal)
  • d5404fb removed node_js 9 from .travis.yml
  • ec0cf8a corrected select2 paddings to change look similar to form-control/custom-form select
  • 4d13072 added job exclude in .travis.yml
  • 08c597d added .travis.yml
  • 67024d8 added .nav-legacy & .nav-collapse-hide-child docs part
  • 60830bb fixed select2 paddings/margins
  • 448556d fixed mozilla focusring outline
  • e8ddb64 removed mozilla dotted border from focus links
  • e7d646c some little fixes
  • 090bffc prep version
  • 9252541 enhanced scss structure & compiled size
  • f60e062 changed user-image size/margin in .user-menu
  • 139fbd3 fixed box-shadow with select2 bootstrap4 theme
  • 242ef89 fixed select2 init bug in forms/advanced.html
  • acf9fe8 added bs-custom-file-input plugin
  • 247b797 changed input placeholder color with lighten

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution
🦉 Cross-site Scripting (XSS)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@rwwiv @snyk-bot