Bump express from 4.16.4 to 4.17.3 #64
6 new issues (0 max.) of at least minor severity.
Annotations
Check notice on line 861 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L861
Insecure dependency npm/cookie@0.4.2 (CVE-2024-47764: cookie: cookie accepts cookie name, path, and domain with out of bounds characters) (update to 0.7.0)
Check warning on line 1272 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L1272
Insecure dependency npm/express@4.17.3 (CVE-2024-29041: express: cause malformed URLs to be evaluated) (update to 4.19.2)
Check notice on line 1272 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L1272
Insecure dependency npm/express@4.17.3 (CVE-2024-43796: express: Improper Input Handling in Express Redirects) (update to 4.20.0)
Check failure on line 3324 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L3324
Insecure dependency npm/qs@6.5.2 (CVE-2022-24999: express: "qs" prototype poisoning causes the hang of the node process) (update to 6.10.3)
Check notice on line 3600 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L3600
Insecure dependency npm/send@0.17.2 (CVE-2024-43799: send: Code Execution Vulnerability in Send Library) (update to 0.19.0)
Check notice on line 3619 in yarn.lock
codacy-production / Codacy Static Code Analysis
yarn.lock#L3619
Insecure dependency npm/serve-static@1.14.2 (CVE-2024-43800: serve-static: Improper Sanitization in serve-static) (update to 1.16.0)