-
-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
deps(deps): update wagoid/commitlint-github-action action to v6.2.0 #61
Conversation
Outdated🔍 Vulnerabilities of
|
digest | sha256:e907c843e7bd858cd91fdbef98fb34c879d7ff6338b73ba1c94df7a07c58e586 |
vulnerabilities | |
platform | linux/amd64 |
size | 52 MB |
packages | 216 |
📦 Base Image alpine:3
also known as |
|
digest | sha256:2c43f33bd1502ec7818bce9eea60e062d04eeadc4aa31cad9dabecb1e48b647b |
vulnerabilities |
cross-spawn
|
Affected range | >=7.0.0 |
Fixed version | 7.0.5 |
CVSS Score | 7.5 |
CVSS Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
EPSS Score | 0.045% |
EPSS Percentile | 18th percentile |
Description
Versions of the package cross-spawn before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. An attacker can increase the CPU usage and crash the program by crafting a very large and well crafted string.
🔍 Vulnerabilities of
|
digest | sha256:e907c843e7bd858cd91fdbef98fb34c879d7ff6338b73ba1c94df7a07c58e586 |
vulnerabilities | |
platform | linux/amd64 |
size | 52 MB |
packages | 216 |
📦 Base Image alpine:3
also known as |
|
digest | sha256:2c43f33bd1502ec7818bce9eea60e062d04eeadc4aa31cad9dabecb1e48b647b |
vulnerabilities |
cross-spawn
|
Affected range | >=7.0.0 |
Fixed version | 7.0.5 |
CVSS Score | 7.5 |
CVSS Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
EPSS Score | 0.045% |
EPSS Percentile | 18th percentile |
Description
Versions of the package cross-spawn before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. An attacker can increase the CPU usage and crash the program by crafting a very large and well crafted string.
Recommended fixes for image
|
Name | 3.21.0 |
Digest | sha256:2c43f33bd1502ec7818bce9eea60e062d04eeadc4aa31cad9dabecb1e48b647b |
Vulnerabilities | |
Pushed | 1 week ago |
Size | 3.6 MB |
Packages | 19 |
OS | 3.21.0 |
The base image is also available under the supported tag(s):3.21
,3.21.0
,latest
Refresh base image
Rebuild the image using a newer base image version. Updating this may result in breaking changes.✅ This image version is up to date.
Change base image
✅ There are no tag recommendations at this time.
This PR contains the following updates:
v6.1.2
->v6.2.0
Release Notes
wagoid/commitlint-github-action (wagoid/commitlint-github-action)
v6.2.0
Compare Source
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.