Snyk Package Analysis - Package Vulnerabilities

[dev-script]

Introduced through: express-gateway@1.16.11

High Severity

• Fixed In: ejs@3.1.7 (Remote Code Execution (RCE))
• Fixed in: pac-resolver@5.0.0 (Remote Code Execution (RCE))
• Fixed in: ansi-regex@3.0.1, @4.1.1, @5.0.1, @6.0.1 (Regular Expression Denial of Service (ReDoS))
• Fixed in: axios@1.6.4 (Prototype Pollution)
• Fixed in: unset-value@2.0.1 (Prototype Pollution)

Medium Severity

• Fixed in: express-gateway@1.16.11 › yeoman-environment@2.10.3 › globby@8.0.2 › glob@7.2.3 › inflight@1.0.6 (Missing Release of Resource after Effective Lifetime)
• Fixed in: glob-parent@5.1.2 (Regular Expression Denial of Service (ReDoS))
• Fixed in: jsonwebtoken@9.0.0 (Use of a Broken or Risky Cryptographic Algorithm)
• Fixed in: got@11.8.5, @12.1.0 (Open Redirect)
• Fixed in: redis@3.1.1 (Regular Expression Denial of Service (ReDoS))
• Fixed in : passport@0.6.0 (Session Fixation)