[Snyk] Upgrade ejs from 3.1.6 to 3.1.10

[EricStautmeister]

Snyk has created this PR to upgrade ejs from 3.1.6 to 3.1.10.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 4 versions ahead of your current version.

• The recommended version was released 2 years ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Remote Code Execution (RCE) SNYK-JS-EJS-2803307	222	Proof of Concept
	Improper Control of Dynamically-Managed Code Resources SNYK-JS-EJS-6689533	222	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	222	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BRACEEXPANSION-9789073	222	Proof of Concept

Release notes

Package name: ejs

• 3.1.10 - 2024-04-12
  

  Version 3.1.10

• 3.1.9 - 2023-03-12
  

  Version 3.1.9

• 3.1.8 - 2022-05-11
  

  Version 3.1.8

• 3.1.7 - 2022-04-20
  

  Version 3.1.7

• 3.1.6 - 2021-02-06
  

  Version 3.1.6

from ejs GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	ejs@​3.1.6 ⏵ 3.1.10	+1	+75

View full report