derteaser / foerderverein-einsteinstrasse Goto Github PK

View Code? Open in Web Editor NEW

1.0 5.0 0.0 50.65 MB

Website of Förderverein Familienzentrum Einsteinstraße in Neuss

Home Page: https://www.foerderverein-familienzentrum-einsteinstrasse-neuss.de

JavaScript 6.67% PHP 83.24% CSS 10.09%

website kirby3 kirby kindergarten non-profit

foerderverein-einsteinstrasse's People

Contributors

Stargazers

Watchers

foerderverein-einsteinstrasse's Issues

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Repository problems

These problems occurred while renovating this repository. View logs.

WARN: Using npm packages for Renovate presets is now deprecated. Please migrate to repository-based presets instead.

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

⬆️ Upgrade dependency getkirby/cms to v3.10.0

Ignored or Blocked

These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below.

⬆️ Upgrade dependency getkirby/cms to v4

Detected dependencies

composer

composer.json

php ^8.1

getkirby/cms 3.9.8

pedroborges/kirby-meta-tags 2.1.0

bnomei/kirby3-robots-txt 1.8.0

arnoson/kirby-vite 5.1.0

oblik/kirby-link-field 5.2.2

paulmorel/fathom-analytics 1.0.0

bnomei/kirby3-dotenv 2.2.0

bnomei/kirby3-feed 1.5.8

github-actions

.github/workflows/deploy.yml

actions/setup-node v4

stefanzweifel/git-auto-commit-action v5.0.0

.github/workflows/php.yml

actions/checkout v4@b4ffde65f46336ab88eb53be808477a3936bae11

npm

package.json

@prettier/plugin-php ^0.22.0

@tailwindcss/aspect-ratio 0.4.2

@tailwindcss/typography 0.5.10

autoprefixer 10.4.17

bigpicture 2.6.2

heroicons 2.1.1

postcss 8.4.33

postcss-cli 11.0.0

postcss-import 16.0.0

postcss-nested 6.0.1

prettier 3.2.4

prettier-plugin-tailwindcss 0.5.11

simple-icons 11.2.0

svg-mixer 2.3.14

tailwindcss 3.4.1

tailwindcss-debug-screens 2.2.1

vite 5.0.12

vite-plugin-kirby 5.1.0

vite-plugin-live-reload 3.0.3

vite-plugin-mkcert 1.17.3

Check this box to trigger a request for Renovate to run again on this repository

pedroborges/kirby-meta-tags-v2.1.0: 2 vulnerabilities (highest severity is: 6.1)

Vulnerable Library - pedroborges/kirby-meta-tags-v2.1.0

HTML meta tags generator for Kirby 3.

Library home page: https://api.github.com/repos/pedroborges/kirby-meta-tags/zipball/e88cea13966d5affd04f98e0c51835bb8db14707

Found in HEAD commit: d84de2abc40c99800505d186cc31563565f8a8ce

Vulnerabilities

CVE	Severity	CVSS	Dependency	Type	Fixed in	Remediation Available
CVE-2022-0879	Medium	6.1	pedroborges/kirby-meta-tags-v2.1.0	Direct	1.9.7	❌
CVE-2022-0442	Medium	4.3	pedroborges/kirby-meta-tags-v2.1.0	Direct	1.2.3.1	❌

Details

CVE-2022-0879

Vulnerable Library - pedroborges/kirby-meta-tags-v2.1.0

HTML meta tags generator for Kirby 3.

Library home page: https://api.github.com/repos/pedroborges/kirby-meta-tags/zipball/e88cea13966d5affd04f98e0c51835bb8db14707

Dependency Hierarchy:

❌ pedroborges/kirby-meta-tags-v2.1.0 (Vulnerable Library)

Found in HEAD commit: d84de2abc40c99800505d186cc31563565f8a8ce

Found in base branch: main

Vulnerability Details

The Caldera Forms WordPress plugin before 1.9.7 does not validate and escape the cf-api parameter before outputting it back in the response, leading to a Reflected Cross-Site Scripting

Publish Date: 2022-04-18

URL: CVE-2022-0879

CVSS 3 Score Details (6.1)

Base Score Metrics:

Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Changed
Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://wpscan.com/vulnerability/c12f6087-1875-4edf-ac32-bec6f712968d

Release Date: 2022-04-18

Fix Resolution: 1.9.7

Step up your Open Source Security Game with Mend here

CVE-2022-0442

Vulnerable Library - pedroborges/kirby-meta-tags-v2.1.0

HTML meta tags generator for Kirby 3.

Library home page: https://api.github.com/repos/pedroborges/kirby-meta-tags/zipball/e88cea13966d5affd04f98e0c51835bb8db14707

Dependency Hierarchy:

❌ pedroborges/kirby-meta-tags-v2.1.0 (Vulnerable Library)

Found in HEAD commit: d84de2abc40c99800505d186cc31563565f8a8ce

Found in base branch: main

Vulnerability Details

The UsersWP WordPress plugin before 1.2.3.1 is missing access controls when updating a user avatar, and does not make sure file names for user avatars are unique, allowing a logged in user to overwrite another users avatar.

Publish Date: 2022-03-07

URL: CVE-2022-0442

CVSS 3 Score Details (4.3)

Base Score Metrics:

Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: Low
- Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://wpscan.com/vulnerability/9cf0822a-c9d6-4ebc-b905-95b143d1a692

Release Date: 2022-03-07

Fix Resolution: 1.2.3.1

Step up your Open Source Security Game with Mend here

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.