This repository has been archived by the owner on Apr 11, 2023. It is now read-only.

Upgrade Vulnerable Libraries #378

Open
biljanaLukovic opened this issue Jul 18, 2022 · 1 comment

biljanaLukovic commented Jul 18, 2022

Upgrade vulnerable libraries to the latest/suggested version

trustbloc / wallet
Known security vulnerabilities detected

Dependency:
github.com/opencontainers/runc Version < 1.0.3 MEDIUM severity
Upgrade to ~> 1.0.3
Defined in: go.sum

Dependency
axios Version < 0.21.1
Upgrade to ~> 0.21.1
Defined in: package-lock.json

Dependency
underscore Version >= 1.3.2 < 1.12.1
Upgrade to ~> 1.12.1
Defined in package-lock.json

Dependency
dot-object Version < 2.1.3
Upgrade to ~> 2.1.3
Defined in package-lock.json

trustbloc / sandbox

Dependency
is-svg Version >= 2.1.0 < 4.2.2 HIGH Severity Issues
CVE-2021-28092 High severity
CVE-2021-29059 High severity
Upgrade to ~> 4.2.2
Defined in package-lock.json

Dependency
mem Version < 4.0.0 MEDIUM Severity
Upgrade to ~> 4.0.0
Defined in package-lock.json

Dependency
glob-parent Version < 5.1.2 CVE-2020-28469 High severity
Upgrade to ~> 5.1.2
Defined in package-lock.json

Dependency url-parse CVE-2022-0686 Critical severity
CVE-2021-3664 Moderate severity
Version < 1.5.2
Upgrade to ~> 1.5.2
Defined in package-lock.json

Dependency
path-parse Version < 1.0.7 CVE-2021-23343 Moderate severity
Upgrade to ~> 1.0.7
Defined in package-lock.json

Dependency nth-check CVE-2021-3803 High severity
Version < 2.0.1
Upgrade to ~> 2.0.1
Defined in package-lock.json

Dependency
validator Version < 13.7.0 CVE-2021-3765 Moderate severity
Upgrade to ~> 13.7.0
Defined in package-lock.json

Dependency
github.com/tidwall/gjson CVE-2021-42836 High severity
CVE-2021-42836 High severity
CVE-2021-42836 High severity
CVE-2021-42836 High severity
CVE-2021-42248 High severity
Version < 1.9.3
Upgrade to ~> 1.9.3
Defined in go.sum

Dependency go.mongodb.org/mongo-driver Version < 1.5.1 CVE-2021-20329 Moderate severity
Upgrade to ~> 1.5.1
Defined in go.sum

Dependency
json-schema Version < 0.4.0 CVE-2021-3918 Critical severity
Upgrade to ~> 0.4.0


biljanaLukovic commented Sep 23, 2022

Dependency
follow-redirects Version < 1.14.7 CVE-2022-0155 High severity
CVE-2022-0536 Moderate severity
Upgrade to ~> 1.14.7

Dependency node-forge
Version < 1.0.0
Upgrade to ~> 1.0.0
