Skip to content

fix: update vulnerable dependencies version

Rashaad Gray requested to merge slb/rg/snyk-vul-updates into master

Type of change

  • Bug Fix
  • Feature
  • Pipeline
  • Test
  • Documentation

Does this introduce a change in the core logic?

  • No
  • Yes

Does this introduce a change in the cloud provider implementation, if so which cloud?

  • AWS
  • Anthos
  • Azure
  • GCP
  • IBM

Does this follow conventional commits spec?

  • No
  • Yes

Have you set the target Milestone?

  • No
  • Yes

Have you set the no-detached-pipeline label?

  • No
  • Yes

Updates description?

Updates vulnerable SDMS-v3 package version of axios https://www.cve.org/CVERecord?id=CVE-2024-39338 Updates vulnerable SDMS-v4 package version of axios https://www.cve.org/CVERecord?id=CVE-2024-39338 Updates vulnerable Sidecar package version of System.Text.Json https://www.cve.org/CVERecord?id=CVE-2024-30105

Edited by Rashaad Gray

Merge request reports