[Snyk] Fix for 13 vulnerabilities

[fredfrazao]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
• package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	616/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.9	Server-Side Request Forgery (SSRF) SNYK-JS-AXIOS-1038255	No	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-1579269	No	Proof of Concept
	676/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.1	Cross-site Request Forgery (CSRF) SNYK-JS-AXIOS-6032459	No	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-6124857	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	No	Proof of Concept
	344/1000 Why? Has a fix available, CVSS 2.6	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	No	No Known Exploit
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Improper Input Validation SNYK-JS-FOLLOWREDIRECTS-6141137	No	Proof of Concept
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	No	Proof of Concept
	631/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.2	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	Proof of Concept
	751/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.6	Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	No	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	No	Proof of Concept
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	Yes	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: amplitude

The new version differs by 17 commits.

• 322ce14 5.1.4
• fc78b48 update changelog
• acbf0e4 5.1.3
• 172ba48 Update deps
• 0604b45 update CHANGELOG
• 1181023 Merge pull request New option --parse to return parse errors nvuillam/npm-groovy-lint#25 from geoffdutton/snyk-upgrade-4a386ccd3137153d3ca07b1df7aa91f1
• d4a3f09 fix: upgrade axios from 0.20.0 to 0.21.0
• c6fc724 Merge pull request Test MacCI nvuillam/npm-groovy-lint#21 from geoffdutton/snyk-upgrade-d8488a1a7ef63f84daa9d520889def88
• 6c778a9 Merge pull request Run CodeNarcServer on Mac/Linux nvuillam/npm-groovy-lint#22 from geoffdutton/dependabot/npm_and_yarn/node-fetch-2.6.1
• 4056acf Bump node-fetch from 2.6.0 to 2.6.1
• ae988de fix: upgrade axios from 0.19.2 to 0.20.0
• bba0744 Merge pull request Fix formatting + rules nvuillam/npm-groovy-lint#20 from geoffdutton/chore/remove-ecmascript-version-detector
• c5c1b32 remove unused package, update patches
• d917721 Merge pull request [Snyk] Security upgrade alpine from 3.16.9 to 3.19.4 #19 from geoffdutton/dependabot/npm_and_yarn/codecov-3.7.1
• 4c6ddaf Bump codecov from 3.7.0 to 3.7.1
• a0fb401 repalce greenkeeper badge
• cd4477d revert to lower dev dep versions to support node

See the full diff

Package name: axios

The new version differs by 250 commits.

• b15b918 chore(release): v1.6.3 (#6151)
• b76cce0 chore(ci): added branches filter for notify action; (#6084)
• 5e7ad38 fix: Regular Expression Denial of Service (ReDoS) (#6132)
• 8befb86 docs: update alloy link (#6145)
• d18f40d docs: add headline sponsors
• b3be365 chore(release): v1.6.2 (#6082)
• 8739acb chore(ci): removed redundant release action; (#6081)
• bfa9c30 chore(docs): fix outdated grunt to npm scripts (#6073)
• a2b0fb3 chore(docs): update README.md (#6048)
• b12a608 chore(ci): removed paths-ignore filter; (#6080)
• 0c9d886 chore(ci): reworked ignoring files logic; (#6079)
• 30873ee chore(ci): add paths-ignore config to testing action; (#6078)
• cff9967 feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; (#6046)
• 7009715 chore(ci): fixed release notification action; (#6064)
• 7144f10 chore(ci): fixed release notification action; (#6063)
• f6d2cf9 chore(ci): fix publish action content permission; (#6061)
• a22f4b9 chore(release): v1.6.1 (#6060)
• cb8bb2b chore(ci): Publish to NPM with provenance (#5835)
• 37cbf92 chore(ci): added labeling and notification for published PRs; (#6059)
• dd465ab fix(formdata): fixed content-type header normalization for non-standard browser environments; (#6056)
• 3dc8369 fix(platform): fixed emulated browser detection in node.js environment; (#6055)
• f7adacd chore(release): v1.6.0 (#6031)
• 9917e67 chore(ci): fix release-it arg; (#6032)
• 96ee232 fix(CSRF): fixed CSRF vulnerability CVE-2023-45857 (#6028)

See the full diff

Package name: debug

The new version differs by 34 commits.

• 0d3d66b 4.3.1
• b6d12fd fix regression
• 3f56313 4.3.0
• e2d3bc9 add deprecation notice for debug.destroy()
• 72e7f86 fix memory leak within debug instance
• 27152ca add test for enable/disable of existing instances
• 22e13fe fix quoted percent sign
• 80ef62a 4.2.0
• 09914af Marks supports-color as an *optional* peer dependency
• db306db Update and pin ms to 2.1.2
• 6b07f9e Fixes: Unable to take control over selectColor #747
• 0c1d518 remove dead code and fix lowercase comment (for linter)
• 4acdeed run linter inside of test script
• 3f4d724 Add "engines" to `package.json` (#680)
• 608fca9 Update ISSUE_TEMPLATE.md
• 5c7c61d fix links in issue templates
• 976f8d2 add issue and pull request templates
• 982c12c test: only run coveralls on travis
• 825d35a copy custom logger to namespace extension (fixes #646)
• 5528572 use console.debug() in browser when available (closes #600)
• c0127b1 remove examples folder (closes #650)
• 94583b6 remove build system (closes #652)
• 0e94034 update development dependencies
• ad551e2 add Josh Junon to contributors

See the full diff

Package name: glob

The new version differs by 121 commits.

• a68703e 9.0.0
• 58159ca test: cwd can be a url
• a547a9c more docs
• 42a3ac7 link to bash manual for Pattern Matching
• 474172d update readme with cwd URL support
• ad3904d update readme with posix class support
• b22fc7d minimatch@7.3.0
• cdd1627 update all the things, remove unused mkdirp types
• 75c6416 Merge branch 'v9'
• fa0cd77 cwd can be a file:// url
• d03ed0a typedoc github action
• 9a5a45a put bench results in readme
• 20b2f88 docs, fix benchmark script
• 4829c88 upgrade ci actions
• 5cbacdd minimatch@7.2.0
• 210310b omit symlinks on windows
• d34c8d5 full test coverage, clean up signals and remove extranous code
• 5f21b46 adding lots of tests, clean up types
• b12e6ba slashes on nodir test
• 75f74b0 more windows test slashes
• 3aa1abd more windows test affordances
• 3e68a7b some windows test affordances
• 8c2e082 feature complete and tests passing
• c3be35a correct ** vs ./** behavior

See the full diff

Package name: ip

The new version differs by 10 commits.

• 1ecbf2f 1.1.9
• 6a3ada9 lib: fixed CVE-2023-42282 and added unit test
• 5dc3b2f 1.1.8
• 8e6f28b lib: even better node 6 support
• 088c9e5 1.1.7
• 1a4ca35 lib: add back support for Node.js 6
• af82ef4 1.1.6
• dba19f6 package: exclude test folder from publishing
• 7cd7f30 ci: use github workflows
• 4de50ae lib: node 18 support

See the full diff

Package name: java-caller

The new version differs by 25 commits.

• 2a6741e 3.0.0
• 6fc6e1b Changelog
• b5af6a1 Update dependencies (loadConfig exposure + fix tmp ruleset file nvuillam/npm-groovy-lint#33)
• 04477c3 Update actions/checkout action to v4 (--format doesn't respect custom Indentation nvuillam/npm-groovy-lint#31)
• d1f85f7 Update all non-major dependencies (Configuration enhancements + Updated fix rules nvuillam/npm-groovy-lint#30)
• 55c8131 Configure Renovate (Can this be changed to support "global" .groovylintrc.json files? nvuillam/npm-groovy-lint#29)
• 2bb9f5c 2.7.0
• 0c4238b changelog
• 8bde472 add stdoutEncoding option (Disable rules using comments in source , eslint style nvuillam/npm-groovy-lint#26)
• ed9d717 2.6.0
• e9f419e JAVA_CALLER_JAVA_EXECUTABLE env var management (4.1.1: New fix rules  nvuillam/npm-groovy-lint#24)
• 708e1b3 Fix using --javaexecutable in Linux (Upgrade to Groovy v3.0.3 + Refactoring nvuillam/npm-groovy-lint#23)
• 69e96f5 config (Run CodeNarcServer on Mac/Linux nvuillam/npm-groovy-lint#22)
• 7a42541 2.5.0
• cdeb9cd Upgrade NPM dependencies & MegaLinter (Test MacCI nvuillam/npm-groovy-lint#21)
• 7680193 Upgrade to MegaLinter v5 ([Snyk] Security upgrade alpine from 3.16.9 to 3.19 #15)
• 25f7b24 icon
• 34d6664 2.4.0
• c1ec288 Allow to send javaArgs in options ([Snyk] Security upgrade alpine from 3.16.9 to 3 #14)
• 34fbf0f Update .cspell.json
• 9c9a1fd 2.3.0
• 0421b65 changelog
• 0827aca Support absolute paths in the classPaths. Support classPath string arrays. ([Snyk] Upgrade find-java-home from 1.1.0 to 1.2.2 #12)
• 050c48a Update Mega-linter config

See the full diff

Package name: semver

The new version differs by 96 commits.

• e7b78de chore: release 7.5.2
• 58c791f fix: diff when detecting major change from prerelease (#566)
• 5c8efbc fix: preserve build in raw after inc (#565)
• 717534e fix: better handling of whitespace (#564)
• 2f738e9 chore: bump @ npmcli/template-oss from 4.14.1 to 4.15.1 (#558)
• aa016a6 chore: release 7.5.1
• d30d25a fix: show type on invalid semver error (#559)
• 09c69e2 chore: bump @ npmcli/template-oss from 4.13.0 to 4.14.1 (#555)
• 5b02ad7 chore: release 7.5.0
• e219bb4 fix: throw on bad version with correct error message (#552)
• 503a4e5 feat: allow identifierBase to be false (#548)
• fc2f3df fix: incorrect results from diff sometimes with prerelease versions (#546)
• 2781767 fix: avoid re-instantiating SemVer during diff compare (#547)
• 82aa7f6 chore: release 7.4.0
• 731d896 chore: enable CD (#545)
• 940723d fix: intersects with v0.0.0 and v0.0.0-0 (#538)
• aa516b5 fix: faster parse options (#535)
• 61e6ea1 fix: faster cache key factory for range (#536)
• f8b8b61 fix: optimistic parse (#541)
• 796cbe2 fix: semver.diff prerelease to release recognition (#533)
• 3f222b1 fix: reuse comparators on subset (#537)
• 113f513 feat: identifierBase parameter for .inc (#532)
• ea689bc chore: basic type test for RELEASE_TYPES
• c5d29df docs: Add "Constants" section to README

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"amplitude","from":"5.1.2","to":"5.1.4"},{"name":"axios","from":"0.21.1","to":"1.6.3"},{"name":"debug","from":"4.1.1","to":"4.3.1"},{"name":"glob","from":"7.1.6","to":"9.0.0"},{"name":"ip","from":"1.1.5","to":"1.1.9"},{"name":"java-caller","from":"2.2.4","to":"3.0.0"},{"name":"semver","from":"7.3.2","to":"7.5.2"}],"env":"prod","issuesToFix":[{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-AXIOS-1038255","priority_score":616,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.9","score":295},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Server-Side Request Forgery (SSRF)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-AXIOS-1579269","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-AXIOS-6032459","priority_score":676,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.1","score":355},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Cross-site Request Forgery (CSRF)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-AXIOS-6124857","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-AXIOS-1579269","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-AXIOS-6032459","priority_score":676,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.1","score":355},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Cross-site Request Forgery (CSRF)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-AXIOS-6124857","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-FOLLOWREDIRECTS-2332181","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Information Exposure"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-FOLLOWREDIRECTS-2396346","priority_score":344,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"2.6","score":130},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Information Exposure"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-FOLLOWREDIRECTS-6141137","priority_score":686,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.3","score":365},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Improper Input Validation"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-FOLLOWREDIRECTS-6444610","priority_score":646,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Information Exposure"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-FOLLOWREDIRECTS-2332181","priority_score":586,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Information Exposure"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-FOLLOWREDIRECTS-2396346","priority_score":344,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"2.6","score":130},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Information Exposure"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-FOLLOWREDIRECTS-6141137","priority_score":686,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.3","score":365},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Improper Input Validation"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-FOLLOWREDIRECTS-6444610","priority_score":646,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Information Exposure"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-INFLIGHT-6095116","priority_score":631,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.2","score":310},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Missing Release of Resource after Effective Lifetime"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-IP-6240864","priority_score":751,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.6","score":430},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Server-side Request Forgery (SSRF)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-SEMVER-3247795","priority_score":696,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-TAR-6476909","priority_score":646,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Uncontrolled Resource Consumption ('Resource Exhaustion')"},{"exploit_maturity":"Proof of Concept","id":"npm:debug:20170905","priority_score":506,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"npm:debug:20170905","priority_score":506,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"3.7","score":185},{"type":"scoreVersion","label":"v1","score":1}],"severity":"low","title":"Regular Expression Denial of Service (ReDoS)"}],"prId":"d55b11ad-5b58-4ccc-bf7f-ed327b3c2933","prPublicId":"d55b11ad-5b58-4ccc-bf7f-ed327b3c2933","packageManager":"npm","priorityScoreList":[616,696,676,586,586,344,686,646,631,751,696,646,506],"projectPublicId":"757f5809-783a-43a2-8d77-85bddf232987","projectUrl":"https://app.snyk.io/org/fredfrazao/project/757f5809-783a-43a2-8d77-85bddf232987?utm_source=github&utm_medium=referral&page=fix-pr","prType":"fix","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["priorityScore"],"type":"user-initiated","upgrade":["SNYK-JS-AXIOS-1038255","SNYK-JS-AXIOS-1579269","SNYK-JS-AXIOS-6032459","SNYK-JS-AXIOS-6124857","SNYK-JS-FOLLOWREDIRECTS-2332181","SNYK-JS-FOLLOWREDIRECTS-2396346","SNYK-JS-FOLLOWREDIRECTS-6141137","SNYK-JS-FOLLOWREDIRECTS-6444610","SNYK-JS-INFLIGHT-6095116","SNYK-JS-IP-6240864","SNYK-JS-SEMVER-3247795","SNYK-JS-TAR-6476909","npm:debug:20170905"],"vulns":["SNYK-JS-AXIOS-1038255","SNYK-JS-AXIOS-1579269","SNYK-JS-AXIOS-6032459","SNYK-JS-AXIOS-6124857","SNYK-JS-FOLLOWREDIRECTS-2332181","SNYK-JS-FOLLOWREDIRECTS-2396346","SNYK-JS-FOLLOWREDIRECTS-6141137","SNYK-JS-FOLLOWREDIRECTS-6444610","SNYK-JS-INFLIGHT-6095116","SNYK-JS-IP-6240864","SNYK-JS-SEMVER-3247795","SNYK-JS-TAR-6476909","npm:debug:20170905"],"patch":[],"isBreakingChange":true,"remediationStrategy":"vuln"}'

---

Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation.

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Server-Side Request Forgery (SSRF)
🦉 Regular Expression Denial of Service (ReDoS)
🦉 Cross-site Request Forgery (CSRF)
🦉 More lessons are available in Snyk Learn