Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Security upgrade webpack-dev-server from 3.1.14 to 4.7.3 #31

Open
wants to merge 1 commit into
base: dev
Choose a base branch
from

fix: src/Web/WebSPA/package.json & src/Web/WebSPA/package-lock.json t…

df81fd9
Select commit
Loading
Failed to load commit list.
Open

[Snyk] Security upgrade webpack-dev-server from 3.1.14 to 4.7.3 #31

fix: src/Web/WebSPA/package.json & src/Web/WebSPA/package-lock.json t…
df81fd9
Select commit
Loading
Failed to load commit list.
Mend Bolt for GitHub / WhiteSource Security Check failed Nov 28, 2023 in 2h 11m 4s

Security Report

You have successfully remediated 148 vulnerabilities, but introduced 35 new vulnerabilities in this branch.

❌ New vulnerabilities:

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
CVE-2021-26701

Path to dependency file: /src/BuildingBlocks/Devspaces.Support/Devspaces.Support.csproj

Path to vulnerable library: /home/wss-scanner/.nuget/packages/system.text.encodings.web/4.5.0/system.text.encodings.web.4.5.0.nupkg

Dependency Hierarchy:

-> microsoft.aspnetcore.http.abstractions.2.2.0.nupkg (Root Library)

   -> ❌ system.text.encodings.web.4.5.0.nupkg (Vulnerable Library)

Critical 9.8 system.text.encodings.web.4.5.0.nupkg Upgrade to version: System.Text.Encodings.Web - 4.5.1,4.7.2,5.0.1 None
CVE-2020-16873

Path to vulnerable library: /packages/Xamarin.Forms.3.0.0.482510/lib/uap10.0/Xamarin.Forms.Platform.dll

Dependency Hierarchy:

-> ❌ Xamarin.Forms.Platform-1.0.0.0.dll (Vulnerable Library)

High 8.8 Xamarin.Forms.Platform-1.0.0.0.dll Upgrade to version: Xamarin.Forms - 4.7.0.1351,4.8.0.1364,5.0.0.1487-pre1 None
CVE-2020-16873

Path to vulnerable library: /packages/Xamarin.Forms.3.0.0.482510/lib/Xamarin.Mac/Xamarin.Forms.Platform.dll

Dependency Hierarchy:

-> ❌ Xamarin.Forms.Platform-1.0.0.0.dll (Vulnerable Library)

High 8.8 Xamarin.Forms.Platform-1.0.0.0.dll Upgrade to version: Xamarin.Forms - 4.7.0.1351,4.8.0.1364,5.0.0.1487-pre1 None
CVE-2020-16873

Path to vulnerable library: /packages/Xamarin.Forms.3.0.0.482510/lib/MonoAndroid10/Xamarin.Forms.Platform.Android.dll

Dependency Hierarchy:

-> ❌ Xamarin.Forms.Platform.Android-2.0.0.0.dll (Vulnerable Library)

High 8.8 Xamarin.Forms.Platform.Android-2.0.0.0.dll Upgrade to version: Xamarin.Forms - 4.7.0.1351,4.8.0.1364,5.0.0.1487-pre1 None
CVE-2020-16873

Path to vulnerable library: /packages/Xamarin.Forms.3.0.0.482510/lib/netstandard1.0/Xamarin.Forms.Platform.dll

Dependency Hierarchy:

-> ❌ Xamarin.Forms.Platform-1.0.0.0.dll (Vulnerable Library)

High 8.8 Xamarin.Forms.Platform-1.0.0.0.dll Upgrade to version: Xamarin.Forms - 4.7.0.1351,4.8.0.1364,5.0.0.1487-pre1 None
CVE-2020-16873

Path to vulnerable library: /packages/Xamarin.Forms.3.0.0.482510/lib/tizen40/Xamarin.Forms.Platform.dll

Dependency Hierarchy:

-> ❌ Xamarin.Forms.Platform-1.0.0.0.dll (Vulnerable Library)

High 8.8 Xamarin.Forms.Platform-1.0.0.0.dll Upgrade to version: Xamarin.Forms - 4.7.0.1351,4.8.0.1364,5.0.0.1487-pre1 None
CVE-2020-16873

Path to dependency file: /home/wss-scanner/.nuget/packages/xunit.runner.devices/2.3.3/xunit.runner.devices.nuspec

Path to vulnerable library: /packages/Xamarin.Forms.3.0.0.482510/Xamarin.Forms.3.0.0.482510.nupkg,/home/wss-scanner/.nuget/packages/xamarin.forms/3.0.0.482510/xamarin.forms.3.0.0.482510.nupkg

Dependency Hierarchy:

-> ❌ xamarin.forms.3.0.0.482510.nupkg (Vulnerable Library)

High 8.8 xamarin.forms.3.0.0.482510.nupkg Upgrade to version: Xamarin.Forms - 4.7.0.1351,4.8.0.1364,5.0.0.1487-pre1 None
CVE-2020-16873

Path to vulnerable library: /packages/Xamarin.Forms.3.0.0.482510/lib/netstandard2.0/Xamarin.Forms.Platform.dll

Dependency Hierarchy:

-> ❌ Xamarin.Forms.Platform-1.0.0.0.dll (Vulnerable Library)

High 8.8 Xamarin.Forms.Platform-1.0.0.0.dll Upgrade to version: Xamarin.Forms - 4.7.0.1351,4.8.0.1364,5.0.0.1487-pre1 None
CVE-2020-16873

Path to vulnerable library: /packages/Xamarin.Forms.3.0.0.482510/lib/MonoAndroid10/Xamarin.Forms.Platform.dll

Dependency Hierarchy:

-> ❌ Xamarin.Forms.Platform-1.0.0.0.dll (Vulnerable Library)

High 8.8 Xamarin.Forms.Platform-1.0.0.0.dll Upgrade to version: Xamarin.Forms - 4.7.0.1351,4.8.0.1364,5.0.0.1487-pre1 None
CVE-2020-16873

Path to vulnerable library: /packages/Xamarin.Forms.3.0.0.482510/lib/Xamarin.iOS10/Xamarin.Forms.Platform.dll

Dependency Hierarchy:

-> ❌ Xamarin.Forms.Platform-1.0.0.0.dll (Vulnerable Library)

High 8.8 Xamarin.Forms.Platform-1.0.0.0.dll Upgrade to version: Xamarin.Forms - 4.7.0.1351,4.8.0.1364,5.0.0.1487-pre1 None
CVE-2020-16873

Path to vulnerable library: /packages/Xamarin.Forms.1.3.4.6332/lib/MonoAndroid10/Xamarin.Forms.Platform.Android.dll

Dependency Hierarchy:

-> ❌ Xamarin.Forms.Platform.Android-1.3.4.0.dll (Vulnerable Library)

High 8.8 Xamarin.Forms.Platform.Android-1.3.4.0.dll Upgrade to version: Xamarin.Forms - 4.7.0.1351,4.8.0.1364,5.0.0.1487-pre1 None
WS-2022-0161

Path to dependency file: /eShopOnContainers.TestRunner.iOS/eShopOnContainers.TestRunner.iOS.csproj

Path to vulnerable library: /eShopOnContainers.TestRunner.iOS/eShopOnContainers.TestRunner.iOS.csproj,/eShopOnContainers.Droid/eShopOnContainers.Droid.csproj,/eShopOnContainers.TestRunner.Droid/eShopOnContainers.TestRunner.Droid.csproj,/eShopOnContainers.iOS/eShopOnContainers.iOS.csproj

Dependency Hierarchy:

-> ❌ newtonsoft.json.10.0.3.nupkg (Vulnerable Library)

High 7.5 newtonsoft.json.10.0.3.nupkg Upgrade to version: Newtonsoft.Json - 13.0.1;Microsoft.Extensions.ApiDescription.Server - 6.0.0 None
WS-2022-0161

Path to vulnerable library: /packages/Newtonsoft.Json.10.0.3/lib/netstandard1.3/Newtonsoft.Json.dll

Dependency Hierarchy:

-> ❌ Newtonsoft.Json-10.0.3.21018.dll (Vulnerable Library)

High 7.5 Newtonsoft.Json-10.0.3.21018.dll Upgrade to version: Newtonsoft.Json - 13.0.1;Microsoft.Extensions.ApiDescription.Server - 6.0.0 None
WS-2022-0161

Path to vulnerable library: /packages/Newtonsoft.Json.10.0.3/lib/netstandard1.0/Newtonsoft.Json.dll

Dependency Hierarchy:

-> ❌ Newtonsoft.Json-10.0.3.21018.dll (Vulnerable Library)

High 7.5 Newtonsoft.Json-10.0.3.21018.dll Upgrade to version: Newtonsoft.Json - 13.0.1;Microsoft.Extensions.ApiDescription.Server - 6.0.0 None
WS-2022-0161

Path to vulnerable library: /packages/Newtonsoft.Json.10.0.3/lib/net45/Newtonsoft.Json.dll

Dependency Hierarchy:

-> ❌ Newtonsoft.Json-10.0.3.21018.dll (Vulnerable Library)

High 7.5 Newtonsoft.Json-10.0.3.21018.dll Upgrade to version: Newtonsoft.Json - 13.0.1;Microsoft.Extensions.ApiDescription.Server - 6.0.0 None
WS-2022-0161

Path to vulnerable library: /packages/Newtonsoft.Json.10.0.3/lib/net35/Newtonsoft.Json.dll

Dependency Hierarchy:

-> ❌ Newtonsoft.Json-10.0.3.21018.dll (Vulnerable Library)

High 7.5 Newtonsoft.Json-10.0.3.21018.dll Upgrade to version: Newtonsoft.Json - 13.0.1;Microsoft.Extensions.ApiDescription.Server - 6.0.0 None
WS-2022-0161

Path to vulnerable library: /packages/Newtonsoft.Json.10.0.3/lib/net20/Newtonsoft.Json.dll

Dependency Hierarchy:

-> ❌ Newtonsoft.Json-10.0.3.21018.dll (Vulnerable Library)

High 7.5 Newtonsoft.Json-10.0.3.21018.dll Upgrade to version: Newtonsoft.Json - 13.0.1;Microsoft.Extensions.ApiDescription.Server - 6.0.0 None
WS-2022-0161

Path to vulnerable library: /packages/Newtonsoft.Json.10.0.3/lib/portable-net40+sl5+win8+wp8+wpa81/Newtonsoft.Json.dll

Dependency Hierarchy:

-> ❌ Newtonsoft.Json-10.0.3.21018.dll (Vulnerable Library)

High 7.5 Newtonsoft.Json-10.0.3.21018.dll Upgrade to version: Newtonsoft.Json - 13.0.1;Microsoft.Extensions.ApiDescription.Server - 6.0.0 None
WS-2022-0161

Path to vulnerable library: /packages/Newtonsoft.Json.10.0.3/lib/net40/Newtonsoft.Json.dll

Dependency Hierarchy:

-> ❌ Newtonsoft.Json-10.0.3.21018.dll (Vulnerable Library)

High 7.5 Newtonsoft.Json-10.0.3.21018.dll Upgrade to version: Newtonsoft.Json - 13.0.1;Microsoft.Extensions.ApiDescription.Server - 6.0.0 None
WS-2022-0161

Path to vulnerable library: /packages/Newtonsoft.Json.10.0.3/lib/portable-net45+win8+wp8+wpa81/Newtonsoft.Json.dll

Dependency Hierarchy:

-> ❌ Newtonsoft.Json-10.0.3.21018.dll (Vulnerable Library)

High 7.5 Newtonsoft.Json-10.0.3.21018.dll Upgrade to version: Newtonsoft.Json - 13.0.1;Microsoft.Extensions.ApiDescription.Server - 6.0.0 None
CVE-2019-0820

Path to vulnerable library: /packages/System.Text.RegularExpressions.4.3.0/lib/netstandard1.6/System.Text.RegularExpressions.dll

Dependency Hierarchy:

-> ❌ System.Text.RegularExpressions-4.6.24705.01.dll (Vulnerable Library)

High 7.5 System.Text.RegularExpressions-4.6.24705.01.dll Upgrade to version: System.Text.RegularExpressions - 4.3.1 None
CVE-2019-0820

Path to dependency file: /eShopOnContainers.TestRunner.iOS/eShopOnContainers.TestRunner.iOS.csproj

Path to vulnerable library: /eShopOnContainers.TestRunner.iOS/eShopOnContainers.TestRunner.iOS.csproj,/eShopOnContainers.iOS/eShopOnContainers.iOS.csproj,/eShopOnContainers.TestRunner.Droid/eShopOnContainers.TestRunner.Droid.csproj,/eShopOnContainers.Droid/eShopOnContainers.Droid.csproj

Dependency Hierarchy:

-> ❌ system.text.regularexpressions.4.3.0.nupkg (Vulnerable Library)

High 7.5 system.text.regularexpressions.4.3.0.nupkg Upgrade to version: System.Text.RegularExpressions - 4.3.1 None
CVE-2019-0820

Path to vulnerable library: /packages/System.Text.RegularExpressions.4.3.0/System.Text.RegularExpressions.4.3.0.nupkg

Dependency Hierarchy:

-> ❌ system.text.regularexpressions.4.3.0.nupkg (Vulnerable Library)

High 7.5 system.text.regularexpressions.4.3.0.nupkg Upgrade to version: System.Text.RegularExpressions - 4.3.1 None
CVE-2018-8292

Path to dependency file: /eShopOnContainers.TestRunner.iOS/eShopOnContainers.TestRunner.iOS.csproj

Path to vulnerable library: /eShopOnContainers.TestRunner.iOS/eShopOnContainers.TestRunner.iOS.csproj,/eShopOnContainers.TestRunner.Droid/eShopOnContainers.TestRunner.Droid.csproj,/eShopOnContainers.Droid/eShopOnContainers.Droid.csproj,/eShopOnContainers.iOS/eShopOnContainers.iOS.csproj

Dependency Hierarchy:

-> ❌ system.net.http.4.3.0.nupkg (Vulnerable Library)

High 7.5 system.net.http.4.3.0.nupkg Upgrade to version: System.Net.Http - 4.3.4;Microsoft.PowerShell.Commands.Utility - 6.1.0-rc.1 None
CVE-2018-8292

Path to vulnerable library: /packages/System.Net.Http.4.3.0/runtimes/unix/lib/netstandard1.6/System.Net.Http.dll

Dependency Hierarchy:

-> ❌ System.Net.Http-4.6.24705.01.dll (Vulnerable Library)

High 7.5 System.Net.Http-4.6.24705.01.dll Upgrade to version: System.Net.Http - 4.3.4;Microsoft.PowerShell.Commands.Utility - 6.1.0-rc.1 None
CVE-2018-8292

Path to vulnerable library: /packages/System.Net.Http.4.3.0/runtimes/win/lib/netcore50/System.Net.Http.dll

Dependency Hierarchy:

-> ❌ System.Net.Http-4.6.24705.01.dll (Vulnerable Library)

High 7.5 System.Net.Http-4.6.24705.01.dll Upgrade to version: System.Net.Http - 4.3.4;Microsoft.PowerShell.Commands.Utility - 6.1.0-rc.1 None
CVE-2018-8292

Path to vulnerable library: /packages/System.Net.Http.4.3.0/runtimes/win/lib/netstandard1.3/System.Net.Http.dll

Dependency Hierarchy:

-> ❌ System.Net.Http-4.6.24705.01.dll (Vulnerable Library)

High 7.5 System.Net.Http-4.6.24705.01.dll Upgrade to version: System.Net.Http - 4.3.4;Microsoft.PowerShell.Commands.Utility - 6.1.0-rc.1 None
CVE-2018-8292

Path to vulnerable library: /packages/System.Net.Http.4.3.0/runtimes/win/lib/net46/System.Net.Http.dll,/packages/System.Net.Http.4.3.0/lib/net46/System.Net.Http.dll

Dependency Hierarchy:

-> ❌ System.Net.Http-4.6.24705.01.dll (Vulnerable Library)

High 7.5 System.Net.Http-4.6.24705.01.dll Upgrade to version: System.Net.Http - 4.3.4;Microsoft.PowerShell.Commands.Utility - 6.1.0-rc.1 None
CVE-2022-0155

Path to dependency file: /src/Web/WebSPA/package.json

Path to vulnerable library: /src/Web/WebSPA/package.json

Dependency Hierarchy:

-> webpack-dev-server-4.7.3.tgz (Root Library)

   -> http-proxy-middleware-2.0.6.tgz

     -> http-proxy-1.18.1.tgz

       -> ❌ follow-redirects-1.7.0.tgz (Vulnerable Library)

Medium 6.5 follow-redirects-1.7.0.tgz Upgrade to version: follow-redirects - v1.14.7 None
CVE-2021-23386

Path to dependency file: /src/Web/WebSPA/package.json

Path to vulnerable library: /src/Web/WebSPA/package.json

Dependency Hierarchy:

-> webpack-dev-server-4.7.3.tgz (Root Library)

   -> bonjour-3.5.0.tgz

     -> multicast-dns-6.2.3.tgz

       -> ❌ dns-packet-1.3.1.tgz (Vulnerable Library)

Medium 6.5 dns-packet-1.3.1.tgz Upgrade to version: dns-packet - 5.2.2 None
CVE-2020-23064

Path to dependency file: /src/Web/WebSPA/package.json

Path to vulnerable library: /src/Web/WebSPA/package.json

Dependency Hierarchy:

-> ❌ jquery-3.4.1.tgz (Vulnerable Library)

Medium 6.1 jquery-3.4.1.tgz Upgrade to version: jquery - 3.5.0 None
CVE-2020-11023

Path to dependency file: /src/Web/WebSPA/package.json

Path to vulnerable library: /src/Web/WebSPA/package.json

Dependency Hierarchy:

-> ❌ jquery-3.4.1.tgz (Vulnerable Library)

Medium 6.1 jquery-3.4.1.tgz Upgrade to version: jquery - 3.5.0;jquery-rails - 4.4.0 None
CVE-2020-11022

Path to dependency file: /src/Web/WebSPA/package.json

Path to vulnerable library: /src/Web/WebSPA/package.json

Dependency Hierarchy:

-> ❌ jquery-3.4.1.tgz (Vulnerable Library)

Medium 6.1 jquery-3.4.1.tgz Upgrade to version: jQuery - 3.5.0 None
CVE-2022-0536

Path to dependency file: /src/Web/WebSPA/package.json

Path to vulnerable library: /src/Web/WebSPA/package.json

Dependency Hierarchy:

-> webpack-dev-server-4.7.3.tgz (Root Library)

   -> http-proxy-middleware-2.0.6.tgz

     -> http-proxy-1.18.1.tgz

       -> ❌ follow-redirects-1.7.0.tgz (Vulnerable Library)

Medium 5.9 follow-redirects-1.7.0.tgz Upgrade to version: follow-redirects - 1.14.8 None
CVE-2021-4231

Path to dependency file: /src/Web/WebSPA/package.json

Path to vulnerable library: /src/Web/WebSPA/package.json

Dependency Hierarchy:

-> ❌ core-7.2.10.tgz (Vulnerable Library)

Medium 5.4 core-7.2.10.tgz Upgrade to version: @angular/core -10.2.5,11.0.5 ,11.1.0-next.3 None

✔️ Remediated vulnerabilities:

CVE Vulnerable Library
CVE-2022-2421 socket.io-parser-3.2.0.tgz
WS-2020-0450 handlebars-4.0.13.tgz
CVE-2019-10744 lodash-4.17.11.tgz
CVE-2018-20821 node-sass-v4.11.0
CVE-2021-23383 handlebars-4.0.13.tgz
CVE-2018-11499 opennms-opennms-source-23.0.0-1
CVE-2021-37712 tar-4.4.1.tgz
CVE-2020-7608 yargs-parser-7.0.0.tgz
CVE-2018-20834 tar-4.4.1.tgz
CVE-2018-11696 node-sass-4.11.0.tgz
CVE-2018-19837 node-sass-4.11.0.tgz
CVE-2019-19919 handlebars-4.0.13.tgz
CVE-2019-6284 node-sass-4.11.0.tgz
CVE-2020-7693 sockjs-0.3.19.tgz
CVE-2018-19839 node-sass-4.11.0.tgz
CVE-2020-8124 url-parse-1.4.4.tgz
WS-2018-0347 eslint-2.13.1.tgz
CVE-2018-19827 node-sass-4.11.0.tgz
CVE-2021-32804 tar-4.4.1.tgz
CVE-2018-20821 opennms-opennms-source-23.0.0-1
WS-2020-0344 is-my-json-valid-2.19.0.tgz
CVE-2019-0548 microsoft.aspnetcore.app.2.2.0.nupkg
CVE-2018-19838 node-sass-4.11.0.tgz
CVE-2019-6286 opennms-opennms-source-23.0.0-1
CVE-2021-44906 minimist-1.1.3.tgz
CVE-2018-20822 opennms-opennms-source-23.0.0-1
CVE-2019-10746 mixin-deep-1.3.1.tgz
CVE-2022-1650 eventsource-1.0.7.tgz
CVE-2019-20920 handlebars-4.0.13.tgz
CVE-2021-37713 tar-2.2.1.tgz
CVE-2020-28481 socket.io-2.1.1.tgz
CVE-2022-24771 node-forge-0.7.5.tgz
CVE-2018-11694 node-sass-4.11.0.tgz
WS-2020-0342 is-my-json-valid-2.19.0.tgz
CVE-2019-10747 set-value-2.0.0.tgz
CVE-2022-48282 mongodb.driver.2.5.0.nupkg
CVE-2021-27515 url-parse-1.4.4.tgz
CVE-2022-21681 marked-0.4.0.tgz
CVE-2018-20822 node-sass-4.11.0.tgz
CVE-2022-33987 got-6.7.1.tgz
CVE-2019-18797 node-sass-4.11.0.tgz
CVE-2019-13173 fstream-1.0.11.tgz
CVE-2021-23337 lodash-4.17.11.tgz
CVE-2019-6286 node-sass-4.11.0.tgz
CVE-2022-0691 url-parse-1.4.4.tgz
CVE-2020-36049 socket.io-parser-3.2.0.tgz
CVE-2022-24772 node-forge-0.7.5.tgz
CVE-2018-20834 tar-2.2.1.tgz
CVE-2020-7660 serialize-javascript-1.5.0.tgz
CVE-2021-23369 handlebars-4.0.13.tgz
CVE-2020-7608 yargs-parser-10.1.0.tgz
CVE-2022-25758 scss-tokenizer-0.2.3.tgz
CVE-2019-20922 handlebars-4.0.13.tgz
CVE-2021-37713 tar-4.4.1.tgz
CVE-2018-11698 opennms-opennms-source-23.0.0-1
CVE-2021-23807 jsonpointer-4.0.1.tgz
CVE-2022-0639 url-parse-1.4.4.tgz
CVE-2018-11697 CSS::Sass-v3.3.0
CVE-2018-20821 node-sass-4.11.0.tgz
CVE-2021-32804 tar-2.2.1.tgz
CVE-2021-37712 tar-2.2.1.tgz
WS-2020-0042 acorn-5.7.2.tgz
CVE-2020-8203 lodash-4.17.11.tgz
WS-2020-0127 npm-registry-fetch-3.9.0.tgz
CVE-2018-11697 opennms-opennms-source-23.0.0-1
CVE-2021-23364 browserslist-4.5.2.tgz
CVE-2018-11499 node-sass-4.11.0.tgz
CVE-2019-0564 microsoft.aspnetcore.app.2.2.0.nupkg
CVE-2021-3664 url-parse-1.4.4.tgz
CVE-2019-18797 opennms-opennms-source-23.0.0-1
CVE-2023-0842 xml2js-0.4.19.tgz
CVE-2022-0144 shelljs-0.8.3.tgz
CVE-2022-37598 uglify-js-3.4.9.tgz
CVE-2022-0437 karma-4.0.1.tgz
CVE-2020-7720 node-forge-0.7.5.tgz
CVE-2018-19839 CSS::Sass-v3.3.0
CVE-2022-46175 json5-1.0.1.tgz
WS-2020-0042 acorn-6.1.1.tgz
CVE-2018-20190 opennms-opennms-source-23.0.0-1
WS-2019-0169 marked-0.4.0.tgz
CVE-2020-28500 lodash-4.17.11.tgz
CVE-2020-7598 minimist-1.2.0.tgz
CVE-2019-16769 serialize-javascript-1.5.0.tgz
CVE-2018-19797 node-sass-4.11.0.tgz
CVE-2020-7608 yargs-parser-5.0.0.tgz
CVE-2020-7598 minimist-1.1.3.tgz
CVE-2018-20190 node-sass-4.11.0.tgz
CVE-2022-24773 node-forge-0.7.5.tgz
CVE-2021-32803 tar-2.2.1.tgz
CVE-2019-10747 set-value-0.4.3.tgz
CVE-2019-10795 undefsafe-2.0.2.tgz
CVE-2022-0122 node-forge-0.7.5.tgz
CVE-2022-25858 terser-3.17.0.tgz
WS-2019-0064 handlebars-4.0.13.tgz
CVE-2022-37603 loader-utils-1.2.3.tgz
CVE-2021-23413 jszip-3.2.0.tgz
CVE-2022-48285 jszip-3.2.0.tgz
CVE-2022-38900 decode-uri-component-0.2.0.tgz
WS-2020-0208 highlight.js-9.12.0.tgz
WS-2020-0163 marked-0.4.0.tgz
CVE-2020-28502 xmlhttprequest-ssl-1.5.5.tgz
CVE-2020-8116 dot-prop-4.2.0.tgz
CVE-2021-23440 set-value-0.4.3.tgz
CVE-2021-37701 tar-4.4.1.tgz
CVE-2021-32803 tar-4.4.1.tgz
WS-2020-0443 socket.io-2.1.1.tgz
CVE-2018-19797 opennms-opennms-source-23.0.0-1
WS-2019-0310 https-proxy-agent-2.2.1.tgz
CVE-2019-1302 microsoft.aspnetcore.app.2.2.0.nupkg
CVE-2018-19838 opennms-opennms-source-23.0.0-1
CVE-2020-7598 minimist-0.0.8.tgz
CVE-2022-21680 marked-0.4.0.tgz
CVE-2021-31597 xmlhttprequest-ssl-1.5.5.tgz
CVE-2021-23440 set-value-2.0.0.tgz
CVE-2020-28469 glob-parent-3.1.0.tgz
WS-2019-0209 marked-0.4.0.tgz
CVE-2021-43138 async-2.6.2.tgz
CVE-2021-44906 minimist-1.2.0.tgz
WS-2019-0307 mem-1.1.0.tgz
CVE-2019-6283 opennms-opennms-source-23.0.0-1
WS-2019-0605 opennms-opennms-source-23.0.0-1
WS-2019-0063 js-yaml-3.13.0.tgz
WS-2020-0091 http-proxy-1.17.0.tgz
WS-2019-0180 lodash.mergewith-4.6.1.tgz
WS-2020-0345 jsonpointer-4.0.1.tgz
CVE-2020-36048 engine.io-3.2.1.tgz
CVE-2022-25881 http-cache-semantics-3.8.1.tgz
CVE-2020-24025 node-sass-4.11.0.tgz
CVE-2018-19827 opennms-opennms-source-23.0.0-1
CVE-2019-1075 microsoft.aspnetcore.app.2.2.0.nupkg
WS-2022-0008 node-forge-0.7.5.tgz
CVE-2023-28155 request-2.88.0.tgz
CVE-2022-0512 url-parse-1.4.4.tgz
WS-2018-0650 useragent-2.3.0.tgz
CVE-2022-37601 loader-utils-1.2.3.tgz
CVE-2019-6283 node-sass-4.11.0.tgz
CVE-2020-28499 merge-1.2.1.tgz
CVE-2019-20149 kind-of-6.0.2.tgz
CVE-2019-10744 lodash.mergewith-4.6.1.tgz
CVE-2021-37701 tar-2.2.1.tgz
CVE-2022-0144 shelljs-0.6.1.tgz
CVE-2022-0686 url-parse-1.4.4.tgz
CVE-2019-6284 opennms-opennms-source-23.0.0-1
CVE-2018-11697 node-sass-4.11.0.tgz
CVE-2021-23495 karma-4.0.1.tgz
CVE-2021-44906 minimist-0.0.8.tgz
CVE-2017-18869 chownr-1.0.1.tgz
CVE-2022-41940 engine.io-3.2.1.tgz

Base branch total remaining vulnerabilities: 173
Base branch commit: null


Total libraries scanned: 1149

Scan token: 130c441d15034297a12c12e726b2f071

View more details on Mend Bolt for GitHub