[Snyk] Upgrade firebase from 7.10.0 to 7.24.0 #1365

NOUIY · 2024-12-24T05:54:43Z

Snyk has created this PR to upgrade firebase from 7.10.0 to 7.24.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 510 versions ahead of your current version.
The recommended version was released 4 years ago.

Issues fixed by the recommended upgrade:

Issue	Score	Exploit Maturity
Arbitrary File Overwrite SNYK-JS-TAR-1536528	624	No Known Exploit
Arbitrary File Overwrite SNYK-JS-TAR-1536531	624	No Known Exploit
Arbitrary File Write SNYK-JS-TAR-1579147	624	No Known Exploit
Arbitrary File Write SNYK-JS-TAR-1579152	624	No Known Exploit
Arbitrary File Write SNYK-JS-TAR-1579155	624	No Known Exploit
Prototype Pollution SNYK-JS-Y18N-1021887	624	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	624	Proof of Concept
Prototype Pollution SNYK-JS-GRPC-598671	624	Proof of Concept
Prototype Pollution SNYK-JS-INI-1048974	624	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	624	Proof of Concept
Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	624	Proof of Concept
Prototype Pollution SNYK-JS-MINIMIST-559764	624	Proof of Concept
Prototype Pollution SNYK-JS-MINIMIST-559764	624	Proof of Concept
Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	624	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	624	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	624	No Known Exploit
Regular Expression Denial of Service (ReDoS) npm:debug:20170905	624	Proof of Concept
Prototype Pollution SNYK-JS-MINIMIST-2429795	624	Proof of Concept
Prototype Pollution SNYK-JS-MINIMIST-2429795	624	Proof of Concept

Important

Check the changes in this PR to ensure they won't cause issues with your project.
This PR was automatically created by Snyk using the credentials of a real user.
Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

📜 Customise PR templates

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade firebase from 7.10.0 to 7.24.0. See this package in yarn: firebase See this project in Snyk: https://app.snyk.io/org/nexuscompute/project/e46ba81d-9d87-4238-9a8d-5c16e0d4b5bf?utm_source=github&utm_medium=referral&page=upgrade-pr

guardrails · 2024-12-24T06:34:01Z

⚠️ We detected 5 security issues in this pull request:

Vulnerable Libraries (5)

Severity	Details
Medium	pkg:npm/[email protected] (t) upgrade to: 2.6.9,3.1.0,3.2.7,4.3.1
Medium	pkg:npm/[email protected] (t) upgrade to: 10.9.0
High	pkg:npm/[email protected] (t) upgrade to: 1.3.6
High	pkg:npm/[email protected] (t) upgrade to: 3.1.1,2.6.7
High	pkg:npm/[email protected] (t) upgrade to: 3.2.2,4.0.1,5.0.5

More info on how to fix Vulnerable Libraries in JavaScript.

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade firebase from 7.10.0 to 7.24.0 #1365

[Snyk] Upgrade firebase from 7.10.0 to 7.24.0 #1365

NOUIY commented Dec 24, 2024

guardrails bot commented Dec 24, 2024

[Snyk] Upgrade firebase from 7.10.0 to 7.24.0 #1365

Are you sure you want to change the base?

[Snyk] Upgrade firebase from 7.10.0 to 7.24.0 #1365

Conversation

NOUIY commented Dec 24, 2024

Snyk has created this PR to upgrade firebase from 7.10.0 to 7.24.0.

Issues fixed by the recommended upgrade:

guardrails bot commented Dec 24, 2024