• Joined on 2022-08-05
Vylpes commented on issue External/card-drop#458 2025-06-04 18:34:48 +01:00
[18] [HIGH] Regular Expression Denial of Service (ReDoS) in cross-spawn

Upgrade cross-spawn to version 7.0.5 or later. For example:

cross-spawn@^7.0.5:
  version "7.0.5"
Vylpes commented on issue External/card-drop#458 2025-06-04 18:34:16 +01:00
[18] [HIGH] Regular Expression Denial of Service (ReDoS) in cross-spawn

Transitive dependency cross-spawn 7.0.3 is introduced via

  • eslint 8.57.0
  • glob 10.4.5
  • jest 29.7.0
  • np 9.2.0
  • typeorm 0.3.20
Vylpes opened issue External/card-drop#458 2025-06-04 18:33:23 +01:00
[18] [HIGH] Regular Expression Denial of Service (ReDoS) in cross-spawn
Vylpes closed issue External/card-drop#358 2025-06-04 18:31:51 +01:00
[11] Regular Expression Denial of Service (ReDoS) in micromatch
Vylpes closed issue External/card-drop#369 2025-06-04 18:31:51 +01:00
[12] express vulnerable to XSS via response.redirect()
Vylpes closed issue External/card-drop#370 2025-06-04 18:31:51 +01:00
[13] body-parser vulnerable to denial of service when url encoding is enabled
Vylpes closed issue External/card-drop#393 2025-06-04 18:31:51 +01:00
[14] serve-static vulnerable to template injection that can lead to XSS
Vylpes closed issue External/card-drop#394 2025-06-04 18:31:51 +01:00
[15] send vulnerable to template injection that can lead to XSS
Vylpes closed issue External/card-drop#395 2025-06-04 18:31:51 +01:00
[16] path-to-regexp outputs backtracking regular expressions
Vylpes closed issue External/card-drop#396 2025-06-04 18:31:51 +01:00
[17] cookie accepts cookie name, path, and domain with out of bounds characters
Vylpes pushed to feature/CD-445 at External/card-drop 2025-06-04 18:30:35 +01:00
e4c37f9418 Upgrade winston
243889aec6 Upgrade minimatch
d7b8d7317b Upgrade fuse.js
1e5537263d Upgrade express
36589dab33 Upgrade dotenv
Compare 11 commits »
Vylpes opened issue External/card-drop#457 2025-06-02 19:52:01 +01:00
Update drop embed buttons to auto sacrifice on reroll
Vylpes opened issue External/card-drop#456 2025-06-01 13:20:30 +01:00
Create effects to be able to increase the chance of getting gold, legendary, and manga
Vylpes opened issue External/card-drop#455 2025-06-01 13:18:43 +01:00
Unclaimed card effect chance should be dynamic
Vylpes deleted branch hotfix/0.9.2 from External/card-drop 2025-05-28 18:19:40 +01:00
Vylpes pushed to develop at External/card-drop 2025-05-28 18:19:26 +01:00
334be26326 Merge branch 'main' into develop
fc3c98f1bb v0.9.2
c9f7c443cf Fix effects helper returning an error when the buttons are disabled (#454)
434f162a01 Update unclaimed card filter to fallback to any card if all cards are claimed (#452)
Compare 4 commits »
Vylpes released 0.9.2 at External/card-drop 2025-05-28 18:18:13 +01:00
Vylpes pushed to main at External/card-drop 2025-05-28 18:17:51 +01:00
fc3c98f1bb v0.9.2
c9f7c443cf Fix effects helper returning an error when the buttons are disabled (#454)
434f162a01 Update unclaimed card filter to fallback to any card if all cards are claimed (#452)
Compare 3 commits »
Vylpes pushed tag v0.9.2 to External/card-drop 2025-05-28 18:17:51 +01:00
Vylpes closed issue External/card-drop#453 2025-05-28 16:14:54 +01:00
Effects Buy showed an error even though it ran successfully