chore(monorepo): update pnpm.catalog.default minimatch to v10.2.3 [security]#210
chore(monorepo): update pnpm.catalog.default minimatch to v10.2.3 [security]#210renovate[bot] wants to merge 1 commit into
168 new alerts including 3 critical severity security vulnerabilities
New alerts in code changed by this pull request
Security Alerts:
- 3 critical
- 81 high
- 67 medium
- 17 low
Alerts not introduced by this pull request might have been detected because the code changes were too large.
See annotations below for details.
Annotations
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
Vite: Vite: Information disclosure via WebSocket connection bypasses access control High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
node-forge: Forge (node-forge): Certificate validation bypass allows unauthorized certificate issuance High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
node-forge: Forge: Authentication bypass via forged Ed25519 cryptographic signatures High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
node-forge: node-forge: Denial of Service via infinite loop in BigInteger.modInverse() High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
node-forge: node-forge ASN.1 Unbounded Recursion High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
minimatch: minimatch: Denial of Service via specially crafted glob patterns High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
minimatch: minimatch: Denial of Service via specially crafted glob patterns High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
minimatch: minimatch: Denial of Service via specially crafted glob patterns High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
lodash: lodash: Arbitrary code execution via untrusted input in template imports High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
handlebars.js: Handlebars: Arbitrary code execution via CLI precompiler input sanitization flaw High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
Validator is Vulnerable to Incomplete Filtering of One or More Instances of Special Elements High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
undici: undici: Denial of Service via crafted WebSocket frame with large length High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
tar: tar: File overwrite via drive-relative symlink traversal High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
node-tar: hardlink path traversal via drive-relative linkpath High