[Snyk] Fix for 6 vulnerabilities

[renata-nerenata]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	683/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.8	Information Exposure SNYK-JS-STRAPIADMIN-5901493	No	Proof of Concept
	758/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.3	Denial of Service (DoS) SNYK-JS-STRAPIADMIN-5901529	No	Proof of Concept
	683/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.8	Information Exposure SNYK-JS-STRAPIPLUGINCONTENTMANAGER-5901494	No	Proof of Concept
	733/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.8	Incorrect Authorization SNYK-JS-STRAPIPLUGINCONTENTMANAGER-5901525	No	Proof of Concept
	758/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.3	Denial of Service (DoS) SNYK-JS-STRAPIPLUGINUSERSPERMISSIONS-5901528	No	Proof of Concept
	683/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.8	Information Exposure SNYK-JS-STRAPIUTILS-5901492	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @strapi/plugin-users-permissions

The new version differs by 250 commits.

• be8985f v4.12.1
• f5107c7 Merge pull request #16507 from strapi/enhancement/perfs-wildcard-populate-sanitization
• bbfc691 Merge pull request #17475 from strapi/fix/deits-relations
• 375473a Merge pull request #16960 from marob/dev/caseInsenFilters
• d734918 Merge branch 'main' into enhancement/perfs-wildcard-populate-sanitization
• 26f7b38 Merge pull request #17490 from strapi/fix/failing-ci-test
• 180ac0c Merge branch 'main' of https://github.com/strapi/strapi into fix/deits-relations
• 6787a08 Merge branch 'main' into dev/caseInsenFilters
• 3b32ee0 Merge pull request #17512 from strapi/fix/api-partial-update-rw
• 474e1f7 Merge branch 'main' into fix/failing-ci-test
• 1c1d77d Add test to check relations inside components are transferred
• 056642c revert afterEach
• db12885 revert sqlite3 package
• cc2cbd4 test: entity service update decorator with strapi stage
• b62fee6 fix: do not update review workflow when doing partial updates
• c46c760 Merge pull request #17452 from strapi/chore/improve-dts-errors
• 1c7e19e Merge pull request #17462 from strapi/fix/registration-lastname-null
• e0d1269 Merge pull request #17510 from strapi/dependabot/npm_and_yarn/aws-sdk-2.1425.0
• f9edd8f Merge pull request #17509 from strapi/dependabot/npm_and_yarn/cloudinary-1.39.0
• 5fec0d5 Merge pull request #17268 from strapi/dependabot/npm_and_yarn/winston-3.10.0
• c65fe99 Merge pull request #17507 from strapi/dependabot/npm_and_yarn/eslint-3621c61b0f
• 3099f75 Merge pull request #17508 from strapi/dependabot/npm_and_yarn/core-js-3.32.0
• 20937a7 Chore: Apply lint autofixable rules
• e709346 chore(deps): bump aws-sdk from 2.1420.0 to 2.1425.0

See the full diff

Package name: @strapi/strapi

The new version differs by 250 commits.

• be8985f v4.12.1
• f5107c7 Merge pull request #16507 from strapi/enhancement/perfs-wildcard-populate-sanitization
• bbfc691 Merge pull request #17475 from strapi/fix/deits-relations
• 375473a Merge pull request #16960 from marob/dev/caseInsenFilters
• d734918 Merge branch 'main' into enhancement/perfs-wildcard-populate-sanitization
• 26f7b38 Merge pull request #17490 from strapi/fix/failing-ci-test
• 180ac0c Merge branch 'main' of https://github.com/strapi/strapi into fix/deits-relations
• 6787a08 Merge branch 'main' into dev/caseInsenFilters
• 3b32ee0 Merge pull request #17512 from strapi/fix/api-partial-update-rw
• 474e1f7 Merge branch 'main' into fix/failing-ci-test
• 1c1d77d Add test to check relations inside components are transferred
• 056642c revert afterEach
• db12885 revert sqlite3 package
• cc2cbd4 test: entity service update decorator with strapi stage
• b62fee6 fix: do not update review workflow when doing partial updates
• c46c760 Merge pull request #17452 from strapi/chore/improve-dts-errors
• 1c7e19e Merge pull request #17462 from strapi/fix/registration-lastname-null
• e0d1269 Merge pull request #17510 from strapi/dependabot/npm_and_yarn/aws-sdk-2.1425.0
• f9edd8f Merge pull request #17509 from strapi/dependabot/npm_and_yarn/cloudinary-1.39.0
• 5fec0d5 Merge pull request #17268 from strapi/dependabot/npm_and_yarn/winston-3.10.0
• c65fe99 Merge pull request #17507 from strapi/dependabot/npm_and_yarn/eslint-3621c61b0f
• 3099f75 Merge pull request #17508 from strapi/dependabot/npm_and_yarn/core-js-3.32.0
• 20937a7 Chore: Apply lint autofixable rules
• e709346 chore(deps): bump aws-sdk from 2.1420.0 to 2.1425.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Denial of Service (DoS)