[Snyk] Upgrade ethereum-input-data-decoder from 0.3.0 to 0.4.2

[BitcoinOutput]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade ethereum-input-data-decoder from 0.3.0 to 0.4.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 7 versions ahead of your current version.
• The recommended version was released 9 months ago, on 2022-07-30.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-Y18N-1021887	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-NORMALIZEURL-1296539	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-LODASH-567746	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-INI-1048974	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Command Injection SNYK-JS-LODASH-1040724	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-NUNJUCKS-1079083	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Poisoning SNYK-JS-QS-3153490	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Poisoning SNYK-JS-QS-3153490	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Information Exposure SNYK-JS-SIMPLEGET-2361683	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579147	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579155	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Denial of Service (DoS) SNYK-JS-TRIMNEWLINES-1298042	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-ASYNC-2441827	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Cryptographic Issues SNYK-JS-ELLIPTIC-571484	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTTPCACHESEMANTICS-3248783	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-COOKIEJAR-3149984	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Cryptographic Issues SNYK-JS-ELLIPTIC-1064899	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Cryptographic Issues SNYK-JS-ELLIPTIC-1064899	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: ethereum-input-data-decoder

• 0.4.2 - 2022-07-30
• 0.4.1 - 2022-03-16
• 0.4.0 - 2022-02-10
• 0.3.5 - 2021-09-11
• 0.3.4 - 2021-08-22
• 0.3.2 - 2021-03-31
• 0.3.1 - 2020-07-23
• 0.3.0 - 2019-12-23

from ethereum-input-data-decoder GitHub release notes

Commit messages

Package name: ethereum-input-data-decoder

• f4e677a Update dependency version
• 8477dc6 Bump patch version
• fea2cd9 Decode JSON string
• 16bafe9 Remove log
• b5d029e Add test case. R4R: add receivedPackage for reconciliation bnb-chain/bsc-genesis-contract#36
• a38601c Bump minor version
• 4769555 Bug fixes and use ethers AbiCoder to decode function data where possible
• c727af7 Bump version
• 587d7a0 Merge branch 'plutalov-master'
• 77249fa Remove the redundant dependency
• eb5bc44 Add real TypeScript definitions
• 1a2484b Bump version
• 863273a Merge branch 'roderik-master'
• 9469a28 fix: upgrade meow to fix CVE issues
• a19603a Bump version
• 0c012ff Merge branch 'alexcampbelling-fix/nested-tuple-array'
• 1613760 Merge branch 'fix/nested-tuple-array' of https://github.com/alexcampbelling/ethereum-input-data-decoder into alexcampbelling-fix/nested-tuple-array
• 3b89e05 Update package.json
• bfbd0c1 Merge branch 'NunoAlexandre-master'
• e4e4cf4 Make lib importable on typescript projects
• 2940c6e Typuple type to null
• 736e176 Comments
• b170a4a removed comments
• d54eea8 builds

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs