[Snyk] Upgrade carbon-components from 10.10.3 to 10.58.14

[mjperrins]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade carbon-components from 10.10.3 to 10.58.14.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 145 versions ahead of your current version.
• The recommended version was released 22 days ago, on 2024-03-11.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Improper Input Validation SNYK-JS-FOLLOWREDIRECTS-6141137	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Remote Code Execution (RCE) SNYK-JS-HANDLEBARS-1056767	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-608086	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-MERGEDEEP-1070277	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-ASYNC-2441827	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Improper Verification of Cryptographic Signature SNYK-JS-BROWSERIFYSIGN-6037026	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-Y18N-1021887	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-Y18N-1021887	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TMPL-1583443	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Improper Input Validation SNYK-JS-URLPARSE-2407770	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Path Traversal SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Command Injection SNYK-JS-LODASH-1040724	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-567746	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430339	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-NODEFORGE-598677	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WEBSOCKETEXTENSIONS-570623	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-AJV-584908	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIHTML-1296849	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-INI-1048974	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Poisoning SNYK-JS-QS-3153490	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Poisoning SNYK-JS-QS-3153490	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Remote Memory Exposure SNYK-JS-DNSPACKET-1293563	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Cryptographic Issues SNYK-JS-ELLIPTIC-571484	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-SOCKJS-575261	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-HANDLEBARS-1279029	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-HTTPPROXY-569139	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-NWSAPI-2841516	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1090595	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Open Redirect SNYK-JS-NODEFORGE-2330875	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-NODEFORGE-2331908	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430337	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Improper Input Validation SNYK-JS-URLPARSE-1078283	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Open Redirect SNYK-JS-URLPARSE-1533425	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Access Restriction Bypass SNYK-JS-URLPARSE-2401205	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Authorization Bypass SNYK-JS-URLPARSE-2407759	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Authorization Bypass Through User-Controlled Key SNYK-JS-URLPARSE-2412697	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Improper Verification of Cryptographic Signature SNYK-JS-NODEFORGE-2430341	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1085627	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1243891	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Cryptographic Issues SNYK-JS-ELLIPTIC-1064899	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Command Injection SNYK-JS-NODENOTIFIER-1035794	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Open Redirect SNYK-JS-EXPRESS-6474509	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WORDWRAP-3149973	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: carbon-components

• 10.58.14 - 2024-03-11
• 10.58.13 - 2024-01-10
• 10.58.12 - 2023-10-19
• 10.58.11 - 2023-10-04
• 10.58.10 - 2023-08-22
• 10.58.9 - 2023-08-17
• 10.58.8 - 2023-07-06
• 10.58.7 - 2023-05-17
• 10.58.6 - 2023-02-16
• 10.58.5 - 2022-11-11
• 10.58.4 - 2022-10-11
• 10.58.3 - 2022-09-27
• 10.58.2 - 2022-09-16
• 10.58.1 - 2022-09-01
• 10.58.0 - 2022-08-23
• 10.57.2 - 2022-05-27
• 10.57.1 - 2022-05-04
• 10.57.0 - 2022-04-28
• 10.56.0 - 2022-03-25
• 10.56.0-rc.0 - 2022-03-24
• 10.55.2 - 2022-03-18
• 10.55.1 - 2022-03-11
• 10.55.0 - 2022-03-10
• 10.55.0-rc.0 - 2022-03-08
• 10.54.0 - 2022-02-25
• 10.54.0-rc.0 - 2022-02-22
• 10.53.0 - 2022-02-14
• 10.53.0-rc.0 - 2022-02-10
• 10.52.0 - 2022-01-29
• 10.52.0-rc.0 - 2022-01-26
• 10.51.0 - 2022-01-14
• 10.51.0-rc.0 - 2022-01-13
• 10.50.0 - 2021-12-10
• 10.50.0-rc.0 - 2021-12-07
• 10.49.0 - 2021-12-02
• 10.49.0-rc.0 - 2021-12-01
• 10.48.0 - 2021-11-11
• 10.48.0-rc.0 - 2021-11-10
• 10.47.1 - 2021-11-04
• 10.47.0 - 2021-10-28
• 10.47.0-rc.0 - 2021-10-26
• 10.46.0 - 2021-10-14
• 10.46.0-rc.0 - 2021-10-12
• 10.45.0 - 2021-09-30
• 10.45.0-rc.0 - 2021-09-29
• 10.44.0 - 2021-09-22
• 10.44.0-rc.0 - 2021-09-16
• 10.43.0 - 2021-09-03
• 10.43.0-rc.0 - 2021-09-02
• 10.42.0 - 2021-08-23
• 10.42.0-rc.0 - 2021-08-17
• 10.41.0 - 2021-08-05
• 10.41.0-rc.0 - 2021-08-03
• 10.40.2 - 2021-08-03
• 10.40.1 - 2021-07-29
• 10.40.0 - 2021-07-22
• 10.40.0-rc.0 - 2021-07-20
• 10.39.0 - 2021-07-08
• 10.39.0-rc.0 - 2021-07-06
• 10.38.0 - 2021-06-24
• 10.38.0-rc.0 - 2021-06-22
• 10.37.0 - 2021-06-10
• 10.37.0-rc.0 - 2021-06-09
• 10.36.0 - 2021-05-26
• 10.36.0-rc.0 - 2021-05-24
• 10.35.0 - 2021-05-13
• 10.35.0-rc.0 - 2021-05-10
• 10.34.0 - 2021-04-30
• 10.34.0-rc.0 - 2021-04-28
• 10.33.0 - 2021-04-16
• 10.33.0-rc.0 - 2021-04-13
• 10.32.1 - 2021-04-07
• 10.32.0 - 2021-04-02
• 10.32.0-rc.0 - 2021-03-30
• 10.31.0 - 2021-03-18
• 10.31.0-rc.0 - 2021-03-16
• 10.30.0 - 2021-03-04
• 10.30.0-rc.0 - 2021-03-02
• 10.29.0 - 2021-02-19
• 10.29.0-rc.1 - 2021-02-18
• 10.29.0-rc.0 - 2021-02-16
• 10.28.0 - 2021-02-04
• 10.28.0-rc.0 - 2021-02-02
• 10.27.0 - 2021-01-25
• 10.27.0-rc.4 - 2021-01-23
• 10.27.0-rc.3 - 2021-01-22
• 10.27.0-rc.2 - 2021-01-22
• 10.27.0-rc.1 - 2021-01-21
• 10.27.0-rc.0 - 2021-01-20
• 10.26.0 - 2021-01-07
• 10.26.0-rc.1 - 2021-01-06
• 10.26.0-rc.0 - 2021-01-05
• 10.26.0-alpha.0 - 2020-12-03
• 10.25.0 - 2020-12-03
• 10.25.0-rc.2 - 2020-12-01
• 10.25.0-rc.1 - 2020-11-20
• 10.25.0-rc.0 - 2020-11-19
• 10.24.0 - 2020-11-12
• 10.24.0-rc.0 - 2020-11-09
• 10.23.2 - 2020-10-30
• 10.23.1 - 2020-10-29
• 10.23.0 - 2020-10-29
• 10.23.0-rc.0 - 2020-10-26
• 10.22.0 - 2020-10-15
• 10.22.0-rc.0 - 2020-10-12
• 10.21.0 - 2020-10-01
• 10.21.0-rc.1 - 2020-10-01
• 10.21.0-rc.0 - 2020-09-28
• 10.20.0 - 2020-09-17
• 10.20.0-rc.0 - 2020-09-14
• 10.19.0 - 2020-09-03
• 10.19.0-rc.0 - 2020-09-01
• 10.18.0 - 2020-08-20
• 10.18.0-rc.0 - 2020-08-17
• 10.17.0 - 2020-08-06
• 10.17.0-rc.0 - 2020-07-30
• 10.17.0-alpha.0 - 2020-07-21
• 10.16.0 - 2020-07-20
• 10.16.0-rc.1 - 2020-07-15
• 10.16.0-rc.0 - 2020-07-07
• 10.16.0-alpha.0 - 2020-07-01
• 10.15.0 - 2020-06-30
• 10.15.0-rc.0 - 2020-06-24
• 10.15.0-alpha.0 - 2020-06-19
• 10.14.0 - 2020-06-16
• 10.14.0-rc.1 - 2020-06-16
• 10.14.0-rc.0 - 2020-06-12
• 10.14.0-alpha.0 - 2020-06-15
• 10.13.0 - 2020-06-05
• 10.13.0-rc.1 - 2020-06-04
• 10.13.0-rc.0 - 2020-06-03
• 10.13.0-alpha.0 - 2020-06-03
• 10.12.0 - 2020-05-14
• 10.12.0-rc.2 - 2020-05-13
• 10.12.0-rc.1 - 2020-05-13
• 10.12.0-rc.0 - 2020-05-04
• 10.12.0-alpha.0 - 2020-04-30
• 10.11.2 - 2020-04-23
• 10.11.1 - 2020-04-21
• 10.11.1-rc.0 - 2020-04-16
• 10.11.0 - 2020-04-09
• 10.11.0-rc.1 - 2020-04-08
• 10.11.0-rc.0 - 2020-03-31
• 10.11.0-alpha.6542 - 2020-03-16
• 10.11.0-alpha.0 - 2020-03-04
• 10.10.3 - 2020-03-25

from carbon-components GitHub release notes

Commit messages

Package name: carbon-components

• 4e41819 chore(release): v10.59.21 (#15936)
• 6e9cea5 chore: onboard remaining v10 packages to IBM Telemetry 🚀 (#15852)
• 13ce256 Compliance footer v10 (#15721)
• 8434638 feat: added commonjs to v10 (#15694)
• 44762ce feat: added compliance footer
• 34ed452 chore(release): v10.59.20 (#15611)
• 6ca5395 chore(v10): update @ ibm/telemetry-js to v1.2.0 (#15604)
• 3b6545b chore(release): v10.59.19 (#15520)
• 738e0c2 feat(pictograms): port pictograms from v11 to v10 (#15503)
• 6057efa feat(icons): port v11 icons to v10 (#15501)
• 9950019 Update telemetry.yml project Id (#15504)
• a66c850 chore(release): v10.59.18 (#15486)
• 26c0b71 fix(v10): add direct dependency to @ ibm/telemetry-js (#15428)
• 24d3682 Chore: Onboard @ carbon/react v10 to IBM Telemetry 🚀 (#15391)
• d9abf5b fix(Dropdown): backport dropdown a11y fix to v10 (#15197)
• 3e1660d chore(release): v10.59.17 (#15139)
• 83a6bbb Add LTS notification - v10 storybook (#14860)
• 440ade5 chore(release): v10.59.16 (#14946)
• 2b3cdf3 fix(CodeSnippet): v10 - fix horizontal scrolling with keyboard (#14910)
• 8020480 chore(release): v10.59.15 (#14761)
• 23bdcfc fix(DataTable): backport tab fixes to v10 (#14675)
• fe6f69a chore(release): v10.59.14 (#14643)
• 43174c6 fix(OverflowMenu): backport a11y fix to v10 (#14606)
• 0d49a9c chore(release): v10.59.13 (#14539)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs