[go: up one dir, main page]

Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade mongodb from 3.5.9 to 3.7.3 #11

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade mongodb from 3.5.9 to 3.7.3.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 20 versions ahead of your current version.
  • The recommended version was released 4 months ago, on 2021-10-20.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Remote Memory Exposure
SNYK-JS-BL-608877
492/1000
Why? Proof of Concept exploit, CVSS 7.7
Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: mongodb from mongodb GitHub release notes
Commit messages
Package name: mongodb
  • b42e8b3 chore(release): 3.7.3
  • 428e6d3 fix(NODE-3515): do proper opTime merging in bulk results (#3011)
  • 564b0d7 test(NODE-3606): legacy and new versions of the CSFLE library (#3002)
  • 7c5a7bb chore(release): 3.7.2
  • ec23d63 chore(NODE-3622): bump optional-require for additional yarn berry pnp support (#2989)
  • 28f721d chore(release): 3.7.1
  • 910c564 feat(NODE-3424): use hello for monitoring commands (#2964)
  • 44df7d7 chore(release): 3.7.0
  • 1a76618 fix: versioned api low node compat fix (#2970)
  • 7602f68 docs(NODE-3406): add versioned api examples (#2969)
  • a07aa56 test(NODE-3409): support AWS temp credentials in CSFLE tests (#2968)
  • eae0e05 chore(NODE-3303): deprecate md5 hash and isConnected (#2960)
  • 77ab63e test(NODE-3387): correctly extract findOneX values in unified operations (#2966)
  • 96c8ab4 fix(NODE-3377): driver should allow arbitrary explain levels (#2961)
  • 4c25984 chore: sync 3.6 changes to 3.7 (#2963)
  • e5975af fix(NODE-3463): pass explain error through to callback (#2949)
  • 238a4b0 fix(NODE-3290): versioned api validation and tests (#2869)
  • 91a2fc9 Merge remote-tracking branch 'origin/3.6' into 3.7
  • 6ee945e chore(NODE-3316): add author info and update bug url in package.json (#2887)
  • ecc930b test(NODE-3381): command monitoring redaction tests (#2873)
  • 1297cd1 chore(release): 3.6.10
  • e9196ab refactor(NODE-3324): bump max wire version to 13 (#2875)
  • 3ce148d fix(NODE-3397): report more helpful error with unsupported authMechanism in initial handshake (#2876)
  • 558182f test(NODE-3307): unified runner does not assert identical keys (#2867)

Compare


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant