Elgato_dark/twenty
1
0
Fork 0
mirror of https://github.com/twentyhq/twenty synced 2026-04-21 13:37:22 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 17

fix: mailparser vulnerable to cross-site scripting (#18664)

Browse source 
Resolves [Dependabot Alert
595](https://github.com/twentyhq/twenty/security/dependabot/595) and
[Dependabot Alert
596](https://github.com/twentyhq/twenty/security/dependabot/596).
This commit is contained in:
Abdullah. 2026-03-16 13:59:36 +05:00 committed by GitHub
parent 5c745059ad
commit 6e36ad9fa2
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 24 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
packages/twenty-server/package.json
View file

@ -145,7 +145,7 @@
"lodash.uniq": "^4.5.0",
"lodash.uniqby": "^4.7.0",
"lodash.upperfirst": "4.3.1",
"mailparser": "3.9.1",
"mailparser": "3.9.3",
"microdiff": "1.4.0",
"mrmime": "^2.0.1",
"ms": "2.1.3",

30
yarn.lock
View file

@ -39336,6 +39336,15 @@ __metadata:
languageName: node
linkType: hard
"iconv-lite@npm:0.7.2":
version: 0.7.2
resolution: "iconv-lite@npm:0.7.2"
dependencies:
safer-buffer: "npm:>= 2.1.2 < 3.0.0"
checksum: 10c0/3c228920f3bd307f56bf8363706a776f4a060eb042f131cd23855ceca962951b264d0997ab38a1ad340e1c5df8499ed26e1f4f0db6b2a2ad9befaff22f14b722
languageName: node
linkType: hard
"iconv-lite@npm:^0.4.24, iconv-lite@npm:~0.4.24":
version: 0.4.24
resolution: "iconv-lite@npm:0.4.24"
@ -44231,21 +44240,21 @@ __metadata:
languageName: node
linkType: hard
"mailparser@npm:3.9.1":
version: 3.9.1
resolution: "mailparser@npm:3.9.1"
"mailparser@npm:3.9.3":
version: 3.9.3
resolution: "mailparser@npm:3.9.3"
dependencies:
"@zone-eu/mailsplit": "npm:5.4.8"
encoding-japanese: "npm:2.2.0"
he: "npm:1.2.0"
html-to-text: "npm:9.0.5"
iconv-lite: "npm:0.7.0"
iconv-lite: "npm:0.7.2"
libmime: "npm:5.3.7"
linkify-it: "npm:5.0.0"
nodemailer: "npm:7.0.11"
nodemailer: "npm:7.0.13"
punycode.js: "npm:2.3.1"
tlds: "npm:1.261.0"
checksum: 10c0/3542fd211b7a2b3266c5e5469aa4281a280c500ae84eadcd2af7e69ec92faa4fccc883f19de614566c6eb647504412cb0bf37844bcb6d3eecf9f0277154f6f90
checksum: 10c0/da62c7cd977867da8be0dd1e6cf3b137821258e0d1e0976a00d3ec17bbd8a92bbefbccc7b0ec1dd33bc5ccd28dc5d51bbae723fac8ca05be843e88b7d579c751
languageName: node
linkType: hard
@ -46869,6 +46878,13 @@ __metadata:
languageName: node
linkType: hard
"nodemailer@npm:7.0.13":
version: 7.0.13
resolution: "nodemailer@npm:7.0.13"
checksum: 10c0/b26aa5b9fa4a033bbc1e1c16ef75ee2a9c8641fd290c00a8361d6a251b3c1b8bad545a23efa627f59cb266340a448891ea8aa49d8a9307c767b8505219d95079
languageName: node
linkType: hard
"nopt@npm:^5.0.0":
version: 5.0.0
resolution: "nopt@npm:5.0.0"
@ -56759,7 +56775,7 @@ __metadata:
lodash.uniq: "npm:^4.5.0"
lodash.uniqby: "npm:^4.7.0"
lodash.upperfirst: "npm:4.3.1"
mailparser: "npm:3.9.1"
mailparser: "npm:3.9.3"
microdiff: "npm:1.4.0"
mrmime: "npm:^2.0.1"
ms: "npm:2.1.3"