[Snyk] Upgrade cross-env from 7.0.2 to 7.0.3 #4

karthik-js · 2023-08-25T04:05:37Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade cross-env from 7.0.2 to 7.0.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 1 version ahead of your current version.
The recommended version was released 3 years ago, on 2020-12-01.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Command Injection SNYK-JS-LODASH-1040724	467/1000 Why? Proof of Concept exploit, CVSS 7.2	Proof of Concept
Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	467/1000 Why? Proof of Concept exploit, CVSS 7.2	Proof of Concept
Prototype Pollution SNYK-JS-OBJECTPATH-1017036	467/1000 Why? Proof of Concept exploit, CVSS 7.2	Proof of Concept
Prototype Pollution SNYK-JS-OBJECTPATH-1585658	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit
Prototype Pollution SNYK-JS-LOADERUTILS-3043105	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit
Prototype Pollution SNYK-JS-LOADERUTILS-3043105	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit
Prototype Pollution SNYK-JS-LOADERUTILS-3043105	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit
Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	467/1000 Why? Proof of Concept exploit, CVSS 7.2	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	467/1000 Why? Proof of Concept exploit, CVSS 7.2	Proof of Concept
Arbitrary File Overwrite SNYK-JS-TAR-1536528	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit
Arbitrary File Overwrite SNYK-JS-TAR-1536531	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit
Arbitrary File Write SNYK-JS-TAR-1579147	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit
Arbitrary File Write SNYK-JS-TAR-1579152	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit
Arbitrary File Write SNYK-JS-TAR-1579155	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit
Prototype Pollution SNYK-JS-UNSETVALUE-2400660	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	467/1000 Why? Proof of Concept exploit, CVSS 7.2	Proof of Concept
Cryptographic Issues SNYK-JS-ELLIPTIC-1064899	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	467/1000 Why? Proof of Concept exploit, CVSS 7.2	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	467/1000 Why? Proof of Concept exploit, CVSS 7.2	Proof of Concept
Prototype Pollution SNYK-JS-JSON5-3182856	467/1000 Why? Proof of Concept exploit, CVSS 7.2	Proof of Concept
Prototype Pollution SNYK-JS-JSON5-3182856	467/1000 Why? Proof of Concept exploit, CVSS 7.2	Proof of Concept
Prototype Pollution SNYK-JS-OBJECTPATH-1569453	467/1000 Why? Proof of Concept exploit, CVSS 7.2	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	467/1000 Why? Proof of Concept exploit, CVSS 7.2	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1090595	467/1000 Why? Proof of Concept exploit, CVSS 7.2	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	467/1000 Why? Proof of Concept exploit, CVSS 7.2	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1090595	467/1000 Why? Proof of Concept exploit, CVSS 7.2	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	467/1000 Why? Proof of Concept exploit, CVSS 7.2	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	467/1000 Why? Proof of Concept exploit, CVSS 7.2	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit
Open Redirect SNYK-JS-NEXT-1540422	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit
Denial of Service SNYK-JS-NODEFETCH-674311	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-TERSER-2806366	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit
Prototype Pollution SNYK-JS-MINIMIST-2429795	467/1000 Why? Proof of Concept exploit, CVSS 7.2	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	467/1000 Why? Proof of Concept exploit, CVSS 7.2	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: cross-env

7.0.3 - 2020-12-01
7.0.3 (2020-12-01)

Bug Fixes
- add maintenance mode notice (fe80c84)
7.0.2 - 2020-03-05
7.0.2 (2020-03-05)

Reverts
- Revert "fix: signal handling (#227)" (2a1f44c), closes #227

from cross-env GitHub release notes

Commit messages

Package name: cross-env

bb0287b docs: add dsbert as a contributor (#260)
6f571e1 docs: Update README.md (#259)
fe80c84 fix: add maintenance mode notice
07a91d6 chore: Update validate.yml (#255)
b2a610b chore(validate): Filter out all-contributors branches (#254)
54eec15 chore: only run push jobs on releasable branches (#253)
8edd827 chore: Switch to GitHub Actions (#251)
ed844af docs: add devuxer as a contributor (#241)
bddb4d5 docs: add multi vars example to README (#240)
9a5a9bd chore: Only release on original repo (#237)
1394cc8 chore: Test on Node 14 (#236)
dfefcab chore: update dependencies + use kcd-scripts' husky (#235)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade cross-env from 7.0.2 to 7.0.3. See this package in npm: https://www.npmjs.com/package/cross-env See this project in Snyk: https://app.snyk.io/org/karthik-js/project/23423621-3a08-4506-845f-b6ca93304a47?utm_source=github&utm_medium=referral&page=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Snyk] Upgrade cross-env from 7.0.2 to 7.0.3 #4

[Snyk] Upgrade cross-env from 7.0.2 to 7.0.3 #4

Uh oh!

karthik-js commented Aug 25, 2023

7.0.3 (2020-12-01)

Bug Fixes

7.0.2 (2020-03-05)

Reverts

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

[Snyk] Upgrade cross-env from 7.0.2 to 7.0.3 #4

Are you sure you want to change the base?

[Snyk] Upgrade cross-env from 7.0.2 to 7.0.3 #4

Uh oh!

Conversation

karthik-js commented Aug 25, 2023

Snyk has created this PR to upgrade cross-env from 7.0.2 to 7.0.3.

7.0.3 (2020-12-01)

Bug Fixes

7.0.2 (2020-03-05)

Reverts

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants