Skip to content
This repository was archived by the owner on Feb 6, 2025. It is now read-only.

chore(deps): update dependency loader-utils [security]#610

Closed
renovate[bot] wants to merge 1 commit intodevelopfrom
renovate/npm-loader-utils-vulnerability
Closed

chore(deps): update dependency loader-utils [security]#610
renovate[bot] wants to merge 1 commit intodevelopfrom
renovate/npm-loader-utils-vulnerability

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Mar 17, 2023

Mend Renovate

This PR contains the following updates:

Package Change
loader-utils 2.0.0 -> 2.0.4
loader-utils 1.4.0 -> 1.4.2

GitHub Vulnerability Alerts

CVE-2022-37601

Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils prior to version 2.0.3 via the name variable in parseQuery.js.

CVE-2022-37599

A regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils via the resourcePath variable in interpolateName.js. A badly or maliciously formed string could be used to send crafted requests that cause a system to crash or take a disproportional amount of time to process. This issue has been patched in versions 1.4.2, 2.0.4 and 3.2.1.

CVE-2022-37603

A Regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js. A badly or maliciously formed string could be used to send crafted requests that cause a system to crash or take a disproportional amount of time to process. This issue has been patched in versions 1.4.2, 2.0.4 and 3.2.1.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot changed the title chore(deps): update dependency loader-utils [security] chore(deps): update dependency loader-utils [security] - autoclosed Mar 24, 2023
@renovate renovate bot closed this Mar 24, 2023
@renovate renovate bot deleted the renovate/npm-loader-utils-vulnerability branch March 24, 2023 13:45
@renovate renovate bot changed the title chore(deps): update dependency loader-utils [security] - autoclosed chore(deps): update dependency loader-utils [security] Mar 24, 2023
@renovate renovate bot reopened this Mar 24, 2023
@renovate renovate bot restored the renovate/npm-loader-utils-vulnerability branch March 24, 2023 18:50
@renovate renovate bot changed the title chore(deps): update dependency loader-utils [security] chore(deps): update dependency loader-utils [security] - autoclosed Mar 24, 2023
@renovate renovate bot closed this Mar 24, 2023
@renovate renovate bot deleted the renovate/npm-loader-utils-vulnerability branch March 24, 2023 20:34
@renovate renovate bot changed the title chore(deps): update dependency loader-utils [security] - autoclosed chore(deps): update dependency loader-utils [security] Mar 25, 2023
@renovate renovate bot reopened this Mar 25, 2023
@renovate renovate bot restored the renovate/npm-loader-utils-vulnerability branch March 25, 2023 00:23
@renovate renovate bot changed the title chore(deps): update dependency loader-utils [security] chore(deps): update dependency loader-utils [security] - autoclosed Mar 25, 2023
@renovate renovate bot closed this Mar 25, 2023
@renovate renovate bot deleted the renovate/npm-loader-utils-vulnerability branch March 25, 2023 01:48
@renovate renovate bot changed the title chore(deps): update dependency loader-utils [security] - autoclosed chore(deps): update dependency loader-utils [security] Mar 25, 2023
@renovate renovate bot reopened this Mar 25, 2023
@renovate renovate bot restored the renovate/npm-loader-utils-vulnerability branch March 25, 2023 06:48
@renovate renovate bot changed the title chore(deps): update dependency loader-utils [security] chore(deps): update dependency loader-utils [security] - autoclosed Mar 27, 2023
@renovate renovate bot closed this Mar 27, 2023
@renovate renovate bot deleted the renovate/npm-loader-utils-vulnerability branch March 27, 2023 19:46
@renovate renovate bot changed the title chore(deps): update dependency loader-utils [security] - autoclosed chore(deps): update dependency loader-utils [security] Mar 27, 2023
@renovate renovate bot reopened this Mar 27, 2023
@renovate renovate bot changed the title chore(deps): update dependency loader-utils [security] chore(deps): update dependency loader-utils [security] - autoclosed Mar 28, 2023
@renovate renovate bot closed this Mar 28, 2023
@renovate renovate bot changed the title chore(deps): update dependency loader-utils [security] - autoclosed chore(deps): update dependency loader-utils [security] Mar 28, 2023
@renovate renovate bot reopened this Mar 28, 2023
@renovate renovate bot restored the renovate/npm-loader-utils-vulnerability branch March 28, 2023 06:02
@renovate renovate bot changed the title chore(deps): update dependency loader-utils [security] chore(deps): update dependency loader-utils [security] - autoclosed Mar 28, 2023
@renovate renovate bot closed this Mar 28, 2023
@renovate renovate bot deleted the renovate/npm-loader-utils-vulnerability branch March 28, 2023 07:15
@renovate renovate bot changed the title chore(deps): update dependency loader-utils [security] - autoclosed chore(deps): update dependency loader-utils [security] Mar 28, 2023
@renovate renovate bot reopened this Mar 28, 2023
@renovate renovate bot restored the renovate/npm-loader-utils-vulnerability branch March 28, 2023 11:58
@renovate renovate bot changed the title chore(deps): update dependency loader-utils [security] chore(deps): update dependency loader-utils [security] - autoclosed Mar 28, 2023
@renovate renovate bot closed this Mar 28, 2023
@renovate renovate bot deleted the renovate/npm-loader-utils-vulnerability branch March 28, 2023 13:10
@renovate renovate bot changed the title chore(deps): update dependency loader-utils [security] - autoclosed chore(deps): update dependency loader-utils [security] Mar 28, 2023
@renovate renovate bot reopened this Mar 28, 2023
@renovate renovate bot restored the renovate/npm-loader-utils-vulnerability branch March 28, 2023 18:42
@renovate renovate bot changed the title chore(deps): update dependency loader-utils [security] chore(deps): update dependency loader-utils [security] - autoclosed Mar 30, 2023
@renovate renovate bot closed this Mar 30, 2023
@renovate renovate bot deleted the renovate/npm-loader-utils-vulnerability branch March 30, 2023 00:12
@renovate renovate bot changed the title chore(deps): update dependency loader-utils [security] - autoclosed chore(deps): update dependency loader-utils [security] Mar 30, 2023
@renovate renovate bot reopened this Mar 30, 2023
@renovate renovate bot changed the title chore(deps): update dependency loader-utils [security] chore(deps): update dependency loader-utils [security] - autoclosed Mar 30, 2023
@renovate renovate bot closed this Mar 30, 2023
@renovate renovate bot changed the title chore(deps): update dependency loader-utils [security] - autoclosed chore(deps): update dependency loader-utils [security] Mar 30, 2023
@renovate renovate bot reopened this Mar 30, 2023
@renovate renovate bot restored the renovate/npm-loader-utils-vulnerability branch March 30, 2023 07:15
@renovate renovate bot changed the title chore(deps): update dependency loader-utils [security] chore(deps): update dependency loader-utils [security] - autoclosed Mar 30, 2023
@renovate renovate bot closed this Mar 30, 2023
@renovate renovate bot deleted the renovate/npm-loader-utils-vulnerability branch March 30, 2023 08:54
@renovate renovate bot changed the title chore(deps): update dependency loader-utils [security] - autoclosed chore(deps): update dependency loader-utils [security] Mar 30, 2023
@renovate renovate bot reopened this Mar 30, 2023
@renovate renovate bot restored the renovate/npm-loader-utils-vulnerability branch March 30, 2023 14:50
@khriztianmoreno khriztianmoreno deleted the renovate/npm-loader-utils-vulnerability branch January 29, 2024 13:28
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@khriztianmoreno