[Snyk] Upgrade amazon-cognito-identity-js from 4.5.7 to 4.6.3

[ciaran-finnegan]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade amazon-cognito-identity-js from 4.5.7 to 4.6.3.

As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 103 versions ahead of your current version.
• The recommended version was released 2 years ago, on 2021-05-14.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Remote Code Execution (RCE) SNYK-JS-SIMPLEGIT-3112221	512/1000 Why? Proof of Concept exploit, CVSS 8.1	Proof of Concept
	Remote Code Execution (RCE) SNYK-JS-SIMPLEGIT-3177391	512/1000 Why? Proof of Concept exploit, CVSS 8.1	Proof of Concept
	Directory Traversal SNYK-JS-ADMZIP-1065796	512/1000 Why? Proof of Concept exploit, CVSS 8.1	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-1579269	512/1000 Why? Proof of Concept exploit, CVSS 8.1	Proof of Concept
	Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	512/1000 Why? Proof of Concept exploit, CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-NORMALIZEURL-1296539	512/1000 Why? Proof of Concept exploit, CVSS 8.1	No Known Exploit
	Prototype Pollution SNYK-JS-PROTOBUFJS-2441248	512/1000 Why? Proof of Concept exploit, CVSS 8.1	Proof of Concept
	Prototype Pollution SNYK-JS-PROTOBUFJS-5756498	512/1000 Why? Proof of Concept exploit, CVSS 8.1	Proof of Concept
	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	512/1000 Why? Proof of Concept exploit, CVSS 8.1	No Known Exploit
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	512/1000 Why? Proof of Concept exploit, CVSS 8.1	No Known Exploit
	Directory Traversal SNYK-JS-MOMENT-2440688	512/1000 Why? Proof of Concept exploit, CVSS 8.1	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MOMENT-2944238	512/1000 Why? Proof of Concept exploit, CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVERREGEX-1584358	512/1000 Why? Proof of Concept exploit, CVSS 8.1	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVERREGEX-1585624	512/1000 Why? Proof of Concept exploit, CVSS 8.1	Proof of Concept
	Command Injection SNYK-JS-SIMPLEGIT-2421199	512/1000 Why? Proof of Concept exploit, CVSS 8.1	Proof of Concept
	Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') SNYK-JS-SIMPLEGIT-2434306	512/1000 Why? Proof of Concept exploit, CVSS 8.1	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-REQUEST-3361831	512/1000 Why? Proof of Concept exploit, CVSS 8.1	Proof of Concept
	Server-Side Request Forgery (SSRF) SNYK-JS-AXIOS-1038255	512/1000 Why? Proof of Concept exploit, CVSS 8.1	Proof of Concept
	Information Exposure SNYK-JS-NODEFETCH-2342118	512/1000 Why? Proof of Concept exploit, CVSS 8.1	No Known Exploit
	Information Exposure SNYK-JS-NODEFETCH-2342118	512/1000 Why? Proof of Concept exploit, CVSS 8.1	No Known Exploit
	Denial of Service SNYK-JS-NODEFETCH-674311	512/1000 Why? Proof of Concept exploit, CVSS 8.1	No Known Exploit
	Information Exposure SNYK-JS-NODEFETCH-2342118	512/1000 Why? Proof of Concept exploit, CVSS 8.1	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-RAMDA-1582370	512/1000 Why? Proof of Concept exploit, CVSS 8.1	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-RAMDA-1582370	512/1000 Why? Proof of Concept exploit, CVSS 8.1	No Known Exploit
	Improper Input Validation SNYK-JS-SOCKETIOPARSER-3091012	512/1000 Why? Proof of Concept exploit, CVSS 8.1	No Known Exploit
	Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	512/1000 Why? Proof of Concept exploit, CVSS 8.1	Proof of Concept
	Prototype Pollution SNYK-JS-XML2JS-5414874	512/1000 Why? Proof of Concept exploit, CVSS 8.1	Proof of Concept
	Open Redirect SNYK-JS-GOT-2932019	512/1000 Why? Proof of Concept exploit, CVSS 8.1	No Known Exploit
	Denial of Service (DoS) SNYK-JS-JSZIP-1251497	512/1000 Why? Proof of Concept exploit, CVSS 8.1	Proof of Concept
	Arbitrary File Write via Archive Extraction (Zip Slip) SNYK-JS-JSZIP-3188562	512/1000 Why? Proof of Concept exploit, CVSS 8.1	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVERREGEX-1047770	512/1000 Why? Proof of Concept exploit, CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVERREGEX-2824151	512/1000 Why? Proof of Concept exploit, CVSS 8.1	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	512/1000 Why? Proof of Concept exploit, CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	512/1000 Why? Proof of Concept exploit, CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	512/1000 Why? Proof of Concept exploit, CVSS 8.1	Proof of Concept
	Open Redirect SNYK-JS-GOT-2932019	512/1000 Why? Proof of Concept exploit, CVSS 8.1	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-2429795	512/1000 Why? Proof of Concept exploit, CVSS 8.1	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	512/1000 Why? Proof of Concept exploit, CVSS 8.1	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: amazon-cognito-identity-js

• 4.6.3 - 2021-05-14
• 4.6.2 - 2021-05-14
• 4.6.2-unstable.3 - 2021-05-10
• 4.6.2-unstable.2 - 2021-05-10
• 4.6.2-unstable.1 - 2021-05-07
• 4.6.1 - 2021-05-06
• 4.6.1-unstable.56 - 2021-05-06
• 4.6.1-unstable.55 - 2021-05-05
• 4.6.1-unstable.52 - 2021-05-04
• 4.6.1-unstable.51 - 2021-05-04
• 4.6.1-unstable.50 - 2021-05-03
• 4.6.1-unstable.49 - 2021-05-03
• 4.6.1-unstable.48 - 2021-04-30
• 4.6.1-unstable.47 - 2021-04-30
• 4.6.1-unstable.46 - 2021-04-29
• 4.6.1-unstable.45 - 2021-04-29
• 4.6.1-unstable.44 - 2021-04-28
• 4.6.1-unstable.43 - 2021-04-28
• 4.6.1-unstable.42 - 2021-04-28
• 4.6.1-unstable.41 - 2021-04-28
• 4.6.1-unstable.39 - 2021-04-26
• 4.6.1-unstable.38 - 2021-04-26
• 4.6.1-unstable.37 - 2021-04-26
• 4.6.1-unstable.36 - 2021-04-26
• 4.6.1-unstable.35 - 2021-04-23
• 4.6.1-unstable.34 - 2021-04-23
• 4.6.1-unstable.33 - 2021-04-19
• 4.6.1-unstable.29 - 2021-04-15
• 4.6.1-unstable.28 - 2021-04-15
• 4.6.1-unstable.27 - 2021-04-15
• 4.6.1-unstable.26 - 2021-04-15
• 4.6.1-unstable.25 - 2021-04-14
• 4.6.1-unstable.24 - 2021-04-13
• 4.6.1-unstable.23 - 2021-04-13
• 4.6.1-unstable.22 - 2021-04-12
• 4.6.1-unstable.21 - 2021-04-09
• 4.6.1-unstable.20 - 2021-04-07
• 4.6.1-unstable.19 - 2021-04-06
• 4.6.1-unstable.18 - 2021-04-05
• 4.6.1-unstable.17 - 2021-04-05
• 4.6.1-unstable.15 - 2021-04-02
• 4.6.1-unstable.14 - 2021-04-02
• 4.6.1-unstable.13 - 2021-03-31
• 4.6.1-unstable.12 - 2021-03-29
• 4.6.1-unstable.11 - 2021-03-26
• 4.6.1-unstable.7 - 2021-03-25
• 4.6.1-unstable.6 - 2021-03-25
• 4.6.1-unstable.5 - 2021-03-24
• 4.6.1-unstable.4 - 2021-03-24
• 4.6.1-unstable.3 - 2021-03-23
• 4.6.1-unstable.2 - 2021-03-19
• 4.6.1-unstable.1 - 2021-03-19
• 4.6.0 - 2021-03-18
• 4.5.15-unstable.3 - 2021-03-17
• 4.5.15-unstable.1 - 2021-03-16
• 4.5.14 - 2021-03-12
• 4.5.14-unstable.8 - 2021-03-12
• 4.5.14-unstable.7 - 2021-03-12
• 4.5.14-unstable.6 - 2021-03-12
• 4.5.14-unstable.5 - 2021-03-11
• 4.5.14-unstable.4 - 2021-03-11
• 4.5.13 - 2021-03-08
• 4.5.13-unstable.1 - 2021-03-01
• 4.5.12 - 2021-02-25
• 4.5.12-unstable.8 - 2021-02-25
• 4.5.12-unstable.7 - 2021-02-22
• 4.5.12-unstable.6 - 2021-02-22
• 4.5.12-unstable.5 - 2021-02-22
• 4.5.12-unstable.4 - 2021-02-22
• 4.5.12-unstable.3 - 2021-02-22
• 4.5.12-unstable.2 - 2021-02-20
• 4.5.12-unstable.1 - 2021-02-19
• 4.5.11 - 2021-02-18
• 4.5.11-unstable.15 - 2021-02-18
• 4.5.11-unstable.14 - 2021-02-16
• 4.5.11-unstable.10 - 2021-02-15
• 4.5.11-unstable.9 - 2021-02-10
• 4.5.11-unstable.5 - 2021-02-09
• 4.5.11-unstable.4 - 2021-02-09
• 4.5.11-unstable.3 - 2021-02-09
• 4.5.11-unstable.2 - 2021-02-09
• 4.5.11-unstable.1 - 2021-02-04
• 4.5.10 - 2021-02-03
• 4.5.10-unstable.3 - 2021-02-02
• 4.5.10-unstable.2 - 2021-02-02
• 4.5.10-unstable.1 - 2021-02-02
• 4.5.9 - 2021-02-01
• 4.5.9-unstable.6 - 2021-02-01
• 4.5.9-unstable.5 - 2021-01-30
• 4.5.9-unstable.4 - 2021-01-29
• 4.5.9-unstable.1 - 2021-01-29
• 4.5.8 - 2021-01-29
• 4.5.8-unstable.11 - 2021-01-28
• 4.5.8-unstable.10 - 2021-01-27
• 4.5.8-unstable.9 - 2021-01-27
• 4.5.8-unstable.8 - 2021-01-26
• 4.5.8-unstable.7 - 2021-01-25
• 4.5.8-unstable.6 - 2021-01-22
• 4.5.8-unstable.5 - 2021-01-20
• 4.5.8-unstable.4 - 2021-01-20
• 4.5.8-unstable.3 - 2021-01-14
• 4.5.8-unstable.2 - 2021-01-13
• 4.5.8-unstable.1 - 2021-01-11
• 4.5.7 - 2021-01-07

from amazon-cognito-identity-js GitHub release notes

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs