[Snyk] Upgrade gatsby-theme-carbon from 1.21.1 to 1.30.2 #916

mjperrins · 2024-05-23T16:08:07Z

This PR was automatically created by Snyk using the credentials of a real user.

![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to upgrade gatsby-theme-carbon from 1.21.1 to 1.30.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 70 versions ahead of your current version.
The recommended version was released 3 years ago, on 2021-07-14.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Prototype Pollution SNYK-JS-LODASH-608086	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-LODASH-6139239	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Remote Memory Exposure SNYK-JS-BL-608877	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Remote Memory Exposure SNYK-JS-BL-608877	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Denial of Service (DoS) SNYK-JS-JPEGJS-2859218	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Heap-based Buffer Overflow SNYK-JS-CWEBPBIN-5923346	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Mature
Information Exposure SNYK-JS-SIMPLEGET-2361683	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Command Injection SNYK-JS-LODASH-1040724	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-LODASH-567746	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Arbitrary File Write via Archive Extraction (Zip Slip) SNYK-JS-DECOMPRESS-557358	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-PARSEURL-2935944	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Information Exposure SNYK-JS-PARSEURL-2935947	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Server-side Request Forgery (SSRF) SNYK-JS-PARSEURL-2936249	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Prototype Pollution SNYK-JS-LOADERUTILS-3043105	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) npm:underscore.string:20170908	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	No Known Exploit
Cross-site Scripting (XSS) SNYK-JS-PARSEURL-2942134	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept
Denial of Service (DoS) SNYK-JS-JPEGJS-570039	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: gatsby-theme-carbon

1.30.2 - 2021-07-14
1.30.2 (2021-07-14)

Fixes
- Update ibm.com Switcher URL
- 404 page link color
1.30.1 - 2021-06-21
1.30.1 (2021-06-21)

Bug Fixes
- cover gap between page tabs and shell (0bccf8f)
1.30.0 - 2021-06-15
1.30.0 (2021-06-15)

Features
- add option to remove site switcher from header (#1132) (06ab644)
1.29.2 - 2021-05-17
1.29.2 (2021-05-17)

Bug Fixes
- remove light prop (#1126) (b5da16b)
1.29.1 - 2021-05-03
1.29.1 (2021-05-03)
1.29.0 - 2021-04-19
1.28.0 - 2021-04-01
1.27.3 - 2021-01-22
1.27.2 - 2021-01-06
1.27.1 - 2020-11-23
1.27.0 - 2020-10-22
1.26.18 - 2020-10-10
1.26.17 - 2020-10-10
1.26.16 - 2020-10-09
1.26.13 - 2020-10-08
1.26.12 - 2020-10-06
1.26.11 - 2020-09-24
1.26.10 - 2020-09-17
1.26.9 - 2020-08-16
1.26.8 - 2020-08-14
1.26.7 - 2020-08-04
1.26.6 - 2020-07-24
1.26.5 - 2020-07-22
1.26.4 - 2020-07-21
1.26.3 - 2020-07-21
1.26.2 - 2020-07-17
1.26.1 - 2020-07-16
1.26.0 - 2020-07-16
1.25.2 - 2020-07-11
1.25.1 - 2020-07-01
1.25.0 - 2020-06-26
1.25.0-alpha.3 - 2020-05-12
1.25.0-alpha.2 - 2020-05-11
1.25.0-alpha.1 - 2020-05-08
1.25.0-alpha.0 - 2020-04-30
1.24.4 - 2020-06-12
1.24.3 - 2020-05-28
1.24.2 - 2020-05-12
1.24.1 - 2020-04-30
1.24.0 - 2020-04-24
1.24.0-alpha.1 - 2020-04-17
1.24.0-alpha.0 - 2020-04-17
1.23.2 - 2020-04-17
1.23.1 - 2020-04-17
1.23.0 - 2020-04-17
1.23.0-alpha.11 - 2020-04-17
1.23.0-alpha.10 - 2020-04-17
1.23.0-alpha.9 - 2020-04-17
1.23.0-alpha.8 - 2020-04-15
1.23.0-alpha.7 - 2020-04-13
1.23.0-alpha.5 - 2020-04-06
1.23.0-alpha.3 - 2020-03-18
1.23.0-alpha.2 - 2020-03-18
1.23.0-alpha.1 - 2020-03-18
1.23.0-alpha.0 - 2020-03-25
1.22.1 - 2020-03-18
1.22.0 - 2020-03-18
1.22.0-alpha.19 - 2020-03-16
1.22.0-alpha.16 - 2020-03-16
1.22.0-alpha.15 - 2020-03-16
1.22.0-alpha.13 - 2020-03-05
1.22.0-alpha.12 - 2020-03-10
1.22.0-alpha.11 - 2020-03-10
1.22.0-alpha.10 - 2020-03-06
1.22.0-alpha.8 - 2020-03-05
1.22.0-alpha.7 - 2020-03-05
1.22.0-alpha.6 - 2020-03-05
1.22.0-alpha.4 - 2020-03-05
1.22.0-alpha.3 - 2020-03-05
1.21.2 - 2020-03-05
1.21.1 - 2020-02-20

from gatsby-theme-carbon GitHub release notes

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation.

Snyk has created this PR to upgrade gatsby-theme-carbon from 1.21.1 to 1.30.2. See this package in npm: gatsby-theme-carbon See this project in Snyk: https://app.snyk.io/org/mjperrins/project/2a447513-0570-44cb-b9fb-4a2006d8a651?utm_source=github&utm_medium=referral&page=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade gatsby-theme-carbon from 1.21.1 to 1.30.2 #916

[Snyk] Upgrade gatsby-theme-carbon from 1.21.1 to 1.30.2 #916

mjperrins commented May 23, 2024

1.30.2 (2021-07-14)

Fixes

1.30.1 (2021-06-21)

Bug Fixes

1.30.0 (2021-06-15)

Features

1.29.2 (2021-05-17)

Bug Fixes

1.29.1 (2021-05-03)

[Snyk] Upgrade gatsby-theme-carbon from 1.21.1 to 1.30.2 #916

Are you sure you want to change the base?

[Snyk] Upgrade gatsby-theme-carbon from 1.21.1 to 1.30.2 #916

Conversation

mjperrins commented May 23, 2024

Snyk has created this PR to upgrade gatsby-theme-carbon from 1.21.1 to 1.30.2.

1.30.2 (2021-07-14)

Fixes

1.30.1 (2021-06-21)

Bug Fixes

1.30.0 (2021-06-15)

Features

1.29.2 (2021-05-17)

Bug Fixes

1.29.1 (2021-05-03)