Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Security upgrade Autofac from 4.6.2 to 5.0.0 #38

Open
wants to merge 1 commit into
base: dev
Choose a base branch
from

fix: src/BuildingBlocks/EventBus/EventBusServiceBus/EventBusServiceBu…

5e0ebf9
Select commit
Loading
Failed to load commit list.
Open

[Snyk] Security upgrade Autofac from 4.6.2 to 5.0.0 #38

fix: src/BuildingBlocks/EventBus/EventBusServiceBus/EventBusServiceBu…
5e0ebf9
Select commit
Loading
Failed to load commit list.
Mend Bolt for GitHub / WhiteSource Security Check failed Apr 19, 2024 in 2h 3m 58s

Security Report

You have successfully remediated 150 vulnerabilities, but introduced 30 new vulnerabilities in this branch.

❌ New vulnerabilities:

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
CVE-2024-21907

Path to dependency file: /eShopOnContainers.TestRunner.Droid/eShopOnContainers.TestRunner.Droid.csproj

Path to vulnerable library: /eShopOnContainers.TestRunner.Droid/eShopOnContainers.TestRunner.Droid.csproj,/eShopOnContainers.iOS/eShopOnContainers.iOS.csproj,/eShopOnContainers.TestRunner.iOS/eShopOnContainers.TestRunner.iOS.csproj,/eShopOnContainers.Droid/eShopOnContainers.Droid.csproj

Dependency Hierarchy:

-> ❌ newtonsoft.json.10.0.3.nupkg (Vulnerable Library)

High 7.5 newtonsoft.json.10.0.3.nupkg Upgrade to version: Newtonsoft.Json - 13.0.1 None
CVE-2024-21907

Path to vulnerable library: /packages/Newtonsoft.Json.10.0.3/lib/netstandard1.3/Newtonsoft.Json.dll

Dependency Hierarchy:

-> ❌ Newtonsoft.Json-10.0.3.21018.dll (Vulnerable Library)

High 7.5 Newtonsoft.Json-10.0.3.21018.dll Upgrade to version: Newtonsoft.Json - 13.0.1 None
CVE-2024-21907

Path to vulnerable library: /packages/Newtonsoft.Json.10.0.3/lib/netstandard1.0/Newtonsoft.Json.dll

Dependency Hierarchy:

-> ❌ Newtonsoft.Json-10.0.3.21018.dll (Vulnerable Library)

High 7.5 Newtonsoft.Json-10.0.3.21018.dll Upgrade to version: Newtonsoft.Json - 13.0.1 None
CVE-2024-21907

Path to vulnerable library: /packages/Newtonsoft.Json.10.0.3/lib/net45/Newtonsoft.Json.dll

Dependency Hierarchy:

-> ❌ Newtonsoft.Json-10.0.3.21018.dll (Vulnerable Library)

High 7.5 Newtonsoft.Json-10.0.3.21018.dll Upgrade to version: Newtonsoft.Json - 13.0.1 None
CVE-2024-21907

Path to vulnerable library: /packages/Newtonsoft.Json.10.0.3/lib/net20/Newtonsoft.Json.dll

Dependency Hierarchy:

-> ❌ Newtonsoft.Json-10.0.3.21018.dll (Vulnerable Library)

High 7.5 Newtonsoft.Json-10.0.3.21018.dll Upgrade to version: Newtonsoft.Json - 13.0.1 None
CVE-2024-21907

Path to vulnerable library: /packages/Xamarin.Build.Download.0.4.11/build/Newtonsoft.Json.dll

Dependency Hierarchy:

-> ❌ Newtonsoft.Json-6.0.4.17603.dll (Vulnerable Library)

High 7.5 Newtonsoft.Json-6.0.4.17603.dll Upgrade to version: Newtonsoft.Json - 13.0.1 None
CVE-2024-21907

Path to vulnerable library: /packages/Newtonsoft.Json.10.0.3/lib/portable-net40+sl5+win8+wp8+wpa81/Newtonsoft.Json.dll

Dependency Hierarchy:

-> ❌ Newtonsoft.Json-10.0.3.21018.dll (Vulnerable Library)

High 7.5 Newtonsoft.Json-10.0.3.21018.dll Upgrade to version: Newtonsoft.Json - 13.0.1 None
CVE-2024-21907

Path to vulnerable library: /packages/Newtonsoft.Json.10.0.3/lib/net40/Newtonsoft.Json.dll

Dependency Hierarchy:

-> ❌ Newtonsoft.Json-10.0.3.21018.dll (Vulnerable Library)

High 7.5 Newtonsoft.Json-10.0.3.21018.dll Upgrade to version: Newtonsoft.Json - 13.0.1 None
CVE-2024-21907

Path to vulnerable library: /packages/Newtonsoft.Json.10.0.3/lib/portable-net45+win8+wp8+wpa81/Newtonsoft.Json.dll

Dependency Hierarchy:

-> ❌ Newtonsoft.Json-10.0.3.21018.dll (Vulnerable Library)

High 7.5 Newtonsoft.Json-10.0.3.21018.dll Upgrade to version: Newtonsoft.Json - 13.0.1 None
CVE-2024-21907

Path to vulnerable library: /packages/Newtonsoft.Json.10.0.3/lib/net35/Newtonsoft.Json.dll

Dependency Hierarchy:

-> ❌ Newtonsoft.Json-10.0.3.21018.dll (Vulnerable Library)

High 7.5 Newtonsoft.Json-10.0.3.21018.dll Upgrade to version: Newtonsoft.Json - 13.0.1 None
CVE-2019-0820

Path to vulnerable library: /packages/System.Text.RegularExpressions.4.3.0/lib/netstandard1.6/System.Text.RegularExpressions.dll

Dependency Hierarchy:

-> ❌ System.Text.RegularExpressions-4.6.24705.01.dll (Vulnerable Library)

High 7.5 System.Text.RegularExpressions-4.6.24705.01.dll Upgrade to version: System.Text.RegularExpressions - 4.3.1 None
CVE-2019-0820

Path to dependency file: /eShopOnContainers.TestRunner.iOS/eShopOnContainers.TestRunner.iOS.csproj

Path to vulnerable library: /eShopOnContainers.TestRunner.iOS/eShopOnContainers.TestRunner.iOS.csproj,/eShopOnContainers.iOS/eShopOnContainers.iOS.csproj,/eShopOnContainers.TestRunner.Droid/eShopOnContainers.TestRunner.Droid.csproj,/eShopOnContainers.Droid/eShopOnContainers.Droid.csproj

Dependency Hierarchy:

-> ❌ system.text.regularexpressions.4.3.0.nupkg (Vulnerable Library)

High 7.5 system.text.regularexpressions.4.3.0.nupkg Upgrade to version: System.Text.RegularExpressions - 4.3.1 None
CVE-2024-29180

Path to dependency file: /src/Web/WebSPA/package.json

Path to vulnerable library: /src/Web/WebSPA/package.json

Dependency Hierarchy:

-> webpack-dev-server-3.1.14.tgz (Root Library)

   -> ❌ webpack-dev-middleware-3.4.0.tgz (Vulnerable Library)

High 7.4 webpack-dev-middleware-3.4.0.tgz Upgrade to version: webpack-dev-middleware - 5.3.4,6.1.2,7.1.0 None
CVE-2024-29041

Path to dependency file: /src/Web/WebSPA/package.json

Path to vulnerable library: /src/Web/WebSPA/package.json

Dependency Hierarchy:

-> webpack-dev-server-3.1.14.tgz (Root Library)

   -> ❌ express-4.16.4.tgz (Vulnerable Library)

Medium 6.1 express-4.16.4.tgz Upgrade to version: express - 4.19.0 None
CVE-2021-4231

Path to dependency file: /src/Web/WebSPA/package.json

Path to vulnerable library: /src/Web/WebSPA/package.json

Dependency Hierarchy:

-> ❌ core-7.2.10.tgz (Vulnerable Library)

Medium 5.4 core-7.2.10.tgz Upgrade to version: @angular/core -10.2.5,11.0.5 ,11.1.0-next.3 None
CVE-2018-8292

Path to vulnerable library: /packages/System.Net.Http.4.3.0/runtimes/win/lib/netcore50/System.Net.Http.dll

Dependency Hierarchy:

-> ❌ System.Net.Http-4.6.24705.01.dll (Vulnerable Library)

Medium 5.3 System.Net.Http-4.6.24705.01.dll Upgrade to version: System.Net.Http - 4.3.4;Microsoft.PowerShell.Commands.Utility - 6.1.0-rc.1 None
CVE-2018-8292

Path to dependency file: /eShopOnContainers.TestRunner.iOS/eShopOnContainers.TestRunner.iOS.csproj

Path to vulnerable library: /eShopOnContainers.TestRunner.iOS/eShopOnContainers.TestRunner.iOS.csproj,/eShopOnContainers.TestRunner.Droid/eShopOnContainers.TestRunner.Droid.csproj,/eShopOnContainers.iOS/eShopOnContainers.iOS.csproj,/eShopOnContainers.Droid/eShopOnContainers.Droid.csproj

Dependency Hierarchy:

-> ❌ system.net.http.4.3.0.nupkg (Vulnerable Library)

Medium 5.3 system.net.http.4.3.0.nupkg Upgrade to version: System.Net.Http - 4.3.4;Microsoft.PowerShell.Commands.Utility - 6.1.0-rc.1 None
CVE-2018-8292

Path to vulnerable library: /packages/System.Net.Http.4.3.0/runtimes/unix/lib/netstandard1.6/System.Net.Http.dll

Dependency Hierarchy:

-> ❌ System.Net.Http-4.6.24705.01.dll (Vulnerable Library)

Medium 5.3 System.Net.Http-4.6.24705.01.dll Upgrade to version: System.Net.Http - 4.3.4;Microsoft.PowerShell.Commands.Utility - 6.1.0-rc.1 None
CVE-2018-8292

Path to vulnerable library: /packages/System.Net.Http.4.3.0/runtimes/win/lib/netstandard1.3/System.Net.Http.dll

Dependency Hierarchy:

-> ❌ System.Net.Http-4.6.24705.01.dll (Vulnerable Library)

Medium 5.3 System.Net.Http-4.6.24705.01.dll Upgrade to version: System.Net.Http - 4.3.4;Microsoft.PowerShell.Commands.Utility - 6.1.0-rc.1 None
CVE-2018-8292

Path to vulnerable library: /packages/System.Net.Http.4.3.0/lib/net46/System.Net.Http.dll,/packages/System.Net.Http.4.3.0/runtimes/win/lib/net46/System.Net.Http.dll

Dependency Hierarchy:

-> ❌ System.Net.Http-4.6.24705.01.dll (Vulnerable Library)

Medium 5.3 System.Net.Http-4.6.24705.01.dll Upgrade to version: System.Net.Http - 4.3.4;Microsoft.PowerShell.Commands.Utility - 6.1.0-rc.1 None
CVE-2020-16873

Path to vulnerable library: /packages/Xamarin.Forms.3.0.0.482510/lib/Xamarin.iOS10/Xamarin.Forms.Platform.dll

Dependency Hierarchy:

-> ❌ Xamarin.Forms.Platform-1.0.0.0.dll (Vulnerable Library)

Medium 4.7 Xamarin.Forms.Platform-1.0.0.0.dll Upgrade to version: Xamarin.Forms - 4.7.0.1351,4.8.0.1364,5.0.0.1487-pre1 None
CVE-2020-16873

Path to vulnerable library: /packages/Xamarin.Forms.3.0.0.482510/lib/MonoAndroid10/Xamarin.Forms.Platform.Android.dll

Dependency Hierarchy:

-> ❌ Xamarin.Forms.Platform.Android-2.0.0.0.dll (Vulnerable Library)

Medium 4.7 Xamarin.Forms.Platform.Android-2.0.0.0.dll Upgrade to version: Xamarin.Forms - 4.7.0.1351,4.8.0.1364,5.0.0.1487-pre1 None
CVE-2020-16873

Path to vulnerable library: /packages/Xamarin.Forms.3.0.0.482510/lib/netstandard1.0/Xamarin.Forms.Platform.dll

Dependency Hierarchy:

-> ❌ Xamarin.Forms.Platform-1.0.0.0.dll (Vulnerable Library)

Medium 4.7 Xamarin.Forms.Platform-1.0.0.0.dll Upgrade to version: Xamarin.Forms - 4.7.0.1351,4.8.0.1364,5.0.0.1487-pre1 None
CVE-2020-16873

Path to dependency file: /home/wss-scanner/.nuget/packages/xunit.runner.devices/2.3.3/xunit.runner.devices.nuspec

Path to vulnerable library: /home/wss-scanner/.nuget/packages/xamarin.forms/3.0.0.482510/xamarin.forms.3.0.0.482510.nupkg,/packages/Xamarin.Forms.3.0.0.482510/Xamarin.Forms.3.0.0.482510.nupkg

Dependency Hierarchy:

-> ❌ xamarin.forms.3.0.0.482510.nupkg (Vulnerable Library)

Medium 4.7 xamarin.forms.3.0.0.482510.nupkg Upgrade to version: Xamarin.Forms - 4.7.0.1351,4.8.0.1364,5.0.0.1487-pre1 None
CVE-2020-16873

Path to vulnerable library: /packages/Xamarin.Forms.3.0.0.482510/lib/netstandard2.0/Xamarin.Forms.Platform.dll

Dependency Hierarchy:

-> ❌ Xamarin.Forms.Platform-1.0.0.0.dll (Vulnerable Library)

Medium 4.7 Xamarin.Forms.Platform-1.0.0.0.dll Upgrade to version: Xamarin.Forms - 4.7.0.1351,4.8.0.1364,5.0.0.1487-pre1 None
CVE-2020-16873

Path to vulnerable library: /packages/Xamarin.Forms.3.0.0.482510/lib/uap10.0/Xamarin.Forms.Platform.dll

Dependency Hierarchy:

-> ❌ Xamarin.Forms.Platform-1.0.0.0.dll (Vulnerable Library)

Medium 4.7 Xamarin.Forms.Platform-1.0.0.0.dll Upgrade to version: Xamarin.Forms - 4.7.0.1351,4.8.0.1364,5.0.0.1487-pre1 None
CVE-2020-16873

Path to vulnerable library: /packages/Xamarin.Forms.3.0.0.482510/lib/Xamarin.Mac/Xamarin.Forms.Platform.dll

Dependency Hierarchy:

-> ❌ Xamarin.Forms.Platform-1.0.0.0.dll (Vulnerable Library)

Medium 4.7 Xamarin.Forms.Platform-1.0.0.0.dll Upgrade to version: Xamarin.Forms - 4.7.0.1351,4.8.0.1364,5.0.0.1487-pre1 None
CVE-2020-16873

Path to vulnerable library: /packages/Xamarin.Forms.3.0.0.482510/lib/tizen40/Xamarin.Forms.Platform.dll

Dependency Hierarchy:

-> ❌ Xamarin.Forms.Platform-1.0.0.0.dll (Vulnerable Library)

Medium 4.7 Xamarin.Forms.Platform-1.0.0.0.dll Upgrade to version: Xamarin.Forms - 4.7.0.1351,4.8.0.1364,5.0.0.1487-pre1 None
CVE-2020-16873

Path to vulnerable library: /packages/Xamarin.Forms.3.0.0.482510/lib/MonoAndroid10/Xamarin.Forms.Platform.dll

Dependency Hierarchy:

-> ❌ Xamarin.Forms.Platform-1.0.0.0.dll (Vulnerable Library)

Medium 4.7 Xamarin.Forms.Platform-1.0.0.0.dll Upgrade to version: Xamarin.Forms - 4.7.0.1351,4.8.0.1364,5.0.0.1487-pre1 None
CVE-2020-16873

Path to vulnerable library: /packages/Xamarin.Forms.1.3.4.6332/lib/MonoAndroid10/Xamarin.Forms.Platform.Android.dll

Dependency Hierarchy:

-> ❌ Xamarin.Forms.Platform.Android-1.3.4.0.dll (Vulnerable Library)

Medium 4.7 Xamarin.Forms.Platform.Android-1.3.4.0.dll Upgrade to version: Xamarin.Forms - 4.7.0.1351,4.8.0.1364,5.0.0.1487-pre1 None

✔️ Remediated vulnerabilities:

CVE Vulnerable Library
CVE-2022-2421 socket.io-parser-3.2.0.tgz
CVE-2018-20821 node-sass-v4.11.0
CVE-2021-23383 handlebars-4.0.13.tgz
CVE-2018-11694 opennms-opennms-source-23.0.0-1
CVE-2018-11696 node-sass-4.11.0.tgz
CVE-2020-15366 ajv-4.11.8.tgz
CVE-2018-19837 node-sass-4.11.0.tgz
CVE-2019-19919 handlebars-4.0.13.tgz
CVE-2018-19839 node-sass-4.11.0.tgz
CVE-2021-3807 ansi-regex-4.1.0.tgz
WS-2018-0347 eslint-2.13.1.tgz
CVE-2024-21907 newtonsoft.json.11.0.2.nupkg
CVE-2018-20821 opennms-opennms-source-23.0.0-1
WS-2020-0344 is-my-json-valid-2.19.0.tgz
CVE-2019-0548 microsoft.aspnetcore.app.2.2.0.nupkg
CVE-2018-19838 node-sass-4.11.0.tgz
CVE-2018-20822 opennms-opennms-source-23.0.0-1
CVE-2018-19826 node-sass-v4.11.0
CVE-2021-3918 json-schema-0.2.3.tgz
CVE-2018-11694 node-sass-4.11.0.tgz
WS-2020-0342 is-my-json-valid-2.19.0.tgz
CVE-2018-20822 node-sass-4.11.0.tgz
CVE-2022-33987 got-6.7.1.tgz
CVE-2021-33623 trim-newlines-1.0.0.tgz
CVE-2021-23343 path-parse-1.0.6.tgz
CVE-2020-36049 socket.io-parser-3.2.0.tgz
CVE-2020-7660 serialize-javascript-1.5.0.tgz
CVE-2023-45311 fsevents-1.2.7.tgz
CVE-2018-11697 CSS::Sass-v3.3.0
CVE-2018-20821 node-sass-4.11.0.tgz
WS-2020-0042 acorn-5.7.2.tgz
CVE-2018-11499 node-sass-4.11.0.tgz
CVE-2019-0564 microsoft.aspnetcore.app.2.2.0.nupkg
CVE-2021-37701 tar-4.4.8.tgz
CVE-2019-18797 opennms-opennms-source-23.0.0-1
CVE-2022-0144 shelljs-0.8.3.tgz
CVE-2022-0437 karma-4.0.1.tgz
CVE-2022-46175 json5-1.0.1.tgz
WS-2019-0169 marked-0.4.0.tgz
CVE-2020-7598 minimist-1.1.3.tgz
CVE-2018-20190 node-sass-4.11.0.tgz
CVE-2021-27290 ssri-6.0.1.tgz
CVE-2021-23413 jszip-3.2.0.tgz
CVE-2020-28502 xmlhttprequest-ssl-1.5.5.tgz
CVE-2020-8116 dot-prop-4.2.0.tgz
CVE-2018-19797 opennms-opennms-source-23.0.0-1
CVE-2019-1302 microsoft.aspnetcore.app.2.2.0.nupkg
CVE-2022-21680 marked-0.4.0.tgz
CVE-2020-7774 y18n-3.2.1.tgz
CVE-2020-28498 elliptic-6.4.1.tgz
CVE-2024-27088 es5-ext-0.10.46.tgz
WS-2019-0605 opennms-opennms-source-23.0.0-1
WS-2019-0063 js-yaml-3.13.0.tgz
CVE-2020-36048 engine.io-3.2.1.tgz
CVE-2020-24025 node-sass-4.11.0.tgz
CVE-2018-19827 opennms-opennms-source-23.0.0-1
CVE-2019-1075 microsoft.aspnetcore.app.2.2.0.nupkg
CVE-2021-23362 hosted-git-info-2.7.1.tgz
CVE-2020-13822 elliptic-6.4.1.tgz
WS-2018-0650 useragent-2.3.0.tgz
CVE-2020-28499 merge-1.2.1.tgz
CVE-2021-37701 tar-2.2.1.tgz
CVE-2018-11499 node-sass-v4.11.0
CVE-2021-23495 karma-4.0.1.tgz
WS-2020-0450 handlebars-4.0.13.tgz
CVE-2024-21907 xunit.runner.visualstudio.2.3.0.nupkg
CVE-2018-11499 opennms-opennms-source-23.0.0-1
CVE-2020-7608 yargs-parser-7.0.0.tgz
CVE-2019-6284 node-sass-4.11.0.tgz
CVE-2018-11697 node-sass-v4.11.0
CVE-2018-19827 node-sass-4.11.0.tgz
CVE-2021-23368 postcss-7.0.14.tgz
WS-2019-0424 elliptic-6.4.1.tgz
CVE-2021-37712 tar-4.4.8.tgz
CVE-2019-6286 opennms-opennms-source-23.0.0-1
CVE-2021-44906 minimist-1.1.3.tgz
CVE-2019-20920 handlebars-4.0.13.tgz
CVE-2021-37713 tar-2.2.1.tgz
CVE-2020-28481 socket.io-2.1.1.tgz
MSC-2023-16598 fsevents-1.2.7.tgz
CVE-2022-48282 mongodb.driver.2.5.0.nupkg
CVE-2022-21681 marked-0.4.0.tgz
CVE-2019-18797 node-sass-4.11.0.tgz
CVE-2019-13173 fstream-1.0.11.tgz
CVE-2019-15599 tree-kill-1.2.1.tgz
CVE-2019-6286 node-sass-4.11.0.tgz
CVE-2023-45133 babel-traverse-6.26.0.tgz
CVE-2018-20834 tar-2.2.1.tgz
CVE-2021-23369 handlebars-4.0.13.tgz
CVE-2022-25758 scss-tokenizer-0.2.3.tgz
CVE-2019-20922 handlebars-4.0.13.tgz
CVE-2018-11698 opennms-opennms-source-23.0.0-1
CVE-2021-23807 jsonpointer-4.0.1.tgz
CVE-2021-32804 tar-2.2.1.tgz
CVE-2021-37712 tar-2.2.1.tgz
CVE-2022-25883 semver-5.3.0.tgz
WS-2020-0127 npm-registry-fetch-3.9.0.tgz
CVE-2022-26592 node-sass-v4.11.0
CVE-2024-21907 microsoft.visualstudio.azure.containers.tools.targets.1.0.2105168.nupkg
CVE-2018-11697 opennms-opennms-source-23.0.0-1
CVE-2021-23364 browserslist-4.5.2.tgz
CVE-2021-27290 ssri-5.3.0.tgz
CVE-2023-26136 tough-cookie-2.4.3.tgz
CVE-2023-0842 xml2js-0.4.19.tgz
CVE-2022-37598 uglify-js-3.4.9.tgz
CVE-2018-19839 CSS::Sass-v3.3.0
WS-2020-0042 acorn-6.1.1.tgz
CVE-2018-20190 opennms-opennms-source-23.0.0-1
CVE-2021-37713 tar-4.4.8.tgz
CVE-2019-16769 serialize-javascript-1.5.0.tgz
CVE-2018-19797 node-sass-4.11.0.tgz
CVE-2020-7608 yargs-parser-5.0.0.tgz
CVE-2021-32803 tar-2.2.1.tgz
CVE-2019-10795 undefsafe-2.0.2.tgz
WS-2019-0427 elliptic-6.4.1.tgz
CVE-2022-25858 terser-3.17.0.tgz
WS-2019-0064 handlebars-4.0.13.tgz
CVE-2022-37603 loader-utils-1.2.3.tgz
CVE-2022-21704 log4js-4.0.2.tgz
CVE-2024-28863 tar-4.4.8.tgz
CVE-2022-48285 jszip-3.2.0.tgz
WS-2020-0208 highlight.js-9.12.0.tgz
WS-2020-0163 marked-0.4.0.tgz
WS-2020-0443 socket.io-2.1.1.tgz
WS-2019-0310 https-proxy-agent-2.2.1.tgz
CVE-2018-19838 opennms-opennms-source-23.0.0-1
CVE-2018-20190 node-sass-v4.11.0
CVE-2021-32804 tar-4.4.8.tgz
CVE-2021-31597 xmlhttprequest-ssl-1.5.5.tgz
WS-2019-0209 marked-0.4.0.tgz
CVE-2021-43138 async-2.6.2.tgz
CVE-2021-23382 postcss-7.0.14.tgz
WS-2019-0307 mem-1.1.0.tgz
CVE-2023-46234 browserify-sign-4.0.4.tgz
CVE-2024-28863 tar-2.2.1.tgz
CVE-2019-6283 opennms-opennms-source-23.0.0-1
WS-2019-0180 lodash.mergewith-4.6.1.tgz
CVE-2020-15366 ajv-5.5.2.tgz
WS-2020-0345 jsonpointer-4.0.1.tgz
CVE-2022-25881 http-cache-semantics-3.8.1.tgz
CVE-2021-32803 tar-4.4.8.tgz
CVE-2023-28155 request-2.88.0.tgz
CVE-2018-11694 node-sass-v4.11.0
CVE-2022-37601 loader-utils-1.2.3.tgz
CVE-2019-6283 node-sass-4.11.0.tgz
CVE-2019-10744 lodash.mergewith-4.6.1.tgz
CVE-2022-0144 shelljs-0.6.1.tgz
CVE-2019-6284 opennms-opennms-source-23.0.0-1
CVE-2018-11697 node-sass-4.11.0.tgz
CVE-2022-41940 engine.io-3.2.1.tgz

Base branch total remaining vulnerabilities: 241
Base branch commit: null


Total libraries scanned: 1247

Scan token: 81dbff5e01634492bc6e366868d28377

View more details on Mend Bolt for GitHub