[Snyk] Upgrade cloudinary-core from 2.3.0 to 2.13.0

[snyk-bot]

Snyk has created this PR to upgrade cloudinary-core from 2.3.0 to 2.13.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 30 versions ahead of your current version.
• The recommended version was released 4 months ago, on 2022-07-17.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-LODASH-73638	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-608086	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-567746	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-450202	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Command Injection SNYK-JS-LODASH-1040724	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution npm:lodash:20180130	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-73639	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: cloudinary-core

• 2.13.0 - 2022-07-17
  

  New functionality and features

  • Allow to disable b-frames for video codec (#284)
  • Add support for generating url with auth_token (#290)

  Fixes

  • Fix support for start offset and end offset parameters (#289)

  Other Changes

  • Remove links to nonexistent mapfiles in js folder (#283)
  • Update README
• 2.12.3 - 2022-01-06
  
  • Fix transparent video on safari 14.1 by using fetch instead of XHR (#282)
• 2.12.2 - 2022-01-03
  
  • Fix missing userAgent on Node.js (#281)
• 2.12.1 - 2022-01-02
  
  • Fix pictureTag arguments & add missing definitions (#278)
  • Fix image srcset passed as attribute (#277)
  • Fix transparent video on Safari (#280)
• 2.12.0 - 2021-10-10
  

  New functionality and features

  • Add support for variables in text style (#271)

  Other Changes

  • Fix README.md npm package links (#272)
  • Refactor normalization of e_preview:duration (#270)
• 2.11.4 - 2021-04-25
  
  • Fix transformations with variable names containing predefined names (#265)
  • Fix responsive URL generation for zero width images (#206)
  • Fix incorrect readme text and broken links (#264)
  • Add test for context metadata as user variables (#266)
• 2.11.3 - 2020-09-30
  
  • Fix js/jquery.cloudinary.js es5 compatibility by removing arrow functions
• 2.11.2 - 2020-08-11
  
  • Fix typescript declarations (#257)
• 2.11.1 - 2020-07-26
  
  • Revert Fix lazy loading of responsive images (#253)
• 2.11.0 - 2020-07-26
  

  New functionality and features

  • Add support for transparent video (#211)

  Other Changes

  • Fix lazy loading of responsive images (#253)
  • Fix signature param support in ie11 (#252)
  • Add test and pre commit hook to prevent js folder changes (#249) (#251)
• 2.10.3 - 2020-07-11
• 2.10.2 - 2020-07-08
• 2.10.1 - 2020-07-06
• 2.10.0 - 2020-07-01
• 2.9.0 - 2020-06-21
• 2.8.2 - 2020-03-25
• 2.8.1 - 2020-02-18
• 2.8.0 - 2019-11-24
• 2.7.4 - 2019-08-18
• 2.7.3 - 2019-08-05
• 2.7.2 - 2019-08-05
• 2.7.1 - 2019-08-04
• 2.7.0 - 2019-08-04
• 2.6.3 - 2019-04-02
• 2.6.2 - 2019-02-01
• 2.6.1 - 2019-01-29
• 2.6.1-rc1 - 2019-01-29
• 2.6.0 - 2019-01-28
• 2.5.0 - 2018-02-13
• 2.4.0 - 2017-12-10
• 2.3.0 - 2017-03-27

from cloudinary-core GitHub release notes

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs