Update package-lock.json #58

try-panwiac · 2023-05-03T05:14:34Z

No description provided.

prisma-cloud-devsecops

Prisma Cloud has found errors in this PR ⬇️

prisma-cloud-devsecops · 2023-05-03T05:15:40Z

package-lock.json

@@ -2,7 +2,7 @@
  "name": "owasp-nodejs-goat",


decode-uri-component 0.2.0 / package-lock.json

Total vulnerabilities: 2

Critical: 0 High: 1 Medium: 1 Low: 0

Vulnerability ID Severity CVSS Fixed in Status

CVE-2022-38900 HIGH 7 0.2.1 Open

CVE-2022-38778 MEDIUM 6.5 0.2.1 Open

prisma-cloud-devsecops · 2023-05-03T05:15:40Z

package-lock.json

@@ -2,7 +2,7 @@
  "name": "owasp-nodejs-goat",


bson 1.0.9 / package-lock.json

Total vulnerabilities: 2

Critical: 1 High: 0 Medium: 1 Low: 0

Vulnerability ID Severity CVSS Fixed in Status

CVE-2020-7610 CRITICAL 9.8 1.1.4 Open

CVE-2019-2391 MEDIUM 4 1.1.4 Open

prisma-cloud-devsecops · 2023-05-03T05:15:40Z

package-lock.json

@@ -2,7 +2,7 @@
  "name": "owasp-nodejs-goat",


debug 2.2.0 / package-lock.json

Total vulnerabilities: 2

Critical: 0 High: 1 Medium: 1 Low: 0

Vulnerability ID Severity CVSS Fixed in Status

CVE-2017-20165 HIGH 7.5 2.6.9 Open

CVE-2017-16137 MEDIUM 5.3 2.6.9 Open

prisma-cloud-devsecops · 2023-05-03T05:15:41Z

package-lock.json

@@ -2,7 +2,7 @@
  "name": "owasp-nodejs-goat",


nconf 0.6.9 / package-lock.json

Total vulnerabilities: 1

Critical: 0 High: 1 Medium: 0 Low: 0

Vulnerability ID Severity CVSS Fixed in Status

CVE-2022-21803 HIGH 7.5 0.11.4 Open

prisma-cloud-devsecops · 2023-05-03T05:15:41Z

package-lock.json

@@ -2,7 +2,7 @@
  "name": "owasp-nodejs-goat",


ms 0.7.1 / package-lock.json

Total vulnerabilities: 1

Critical: 0 High: 0 Medium: 1 Low: 0

Vulnerability ID Severity CVSS Fixed in Status

CVE-2017-20162 MEDIUM 5.3 2.0.0 Open

prisma-cloud-devsecops · 2023-05-03T05:15:44Z

package-lock.json

@@ -2,7 +2,7 @@
  "name": "owasp-nodejs-goat",


prompt 0.2.14 / package-lock.json

Unknown License (NOT_FOUND)

This package use a non-SPDX, unrecognized, or private open-source license. Ensure this package is compliant.

prisma-cloud-devsecops · 2023-05-03T05:15:44Z

package-lock.json

@@ -2,7 +2,7 @@
  "name": "owasp-nodejs-goat",


ps-tree 0.0.3 / package-lock.json

Unknown License (NOT_FOUND)

This package use a non-SPDX, unrecognized, or private open-source license. Ensure this package is compliant.

prisma-cloud-devsecops · 2023-05-03T05:15:44Z

package-lock.json

@@ -2,7 +2,7 @@
  "name": "owasp-nodejs-goat",


wordwrap 0.0.2 / package-lock.json

Noncompliant License (X11)

This package contains a license that is not OSI-approved.

prisma-cloud-devsecops · 2023-05-03T05:15:44Z

package-lock.json

@@ -2,7 +2,7 @@
  "name": "owasp-nodejs-goat",


yargs 3.5.4 / package-lock.json

Noncompliant License (X11)

This package contains a license that is not OSI-approved.

prisma-cloud-devsecops · 2023-05-03T05:15:45Z

package-lock.json

@@ -2,7 +2,7 @@
  "name": "owasp-nodejs-goat",


utile 0.3.0 / package-lock.json

Unknown License (NOT_FOUND)

This package use a non-SPDX, unrecognized, or private open-source license. Ensure this package is compliant.

Update package-lock.json

5fd46f0

prisma-cloud-devsecops bot reviewed May 3, 2023

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update package-lock.json #58

Update package-lock.json #58

try-panwiac commented May 3, 2023

prisma-cloud-devsecops bot left a comment

prisma-cloud-devsecops bot May 3, 2023

prisma-cloud-devsecops bot May 3, 2023

prisma-cloud-devsecops bot May 3, 2023

prisma-cloud-devsecops bot May 3, 2023

prisma-cloud-devsecops bot May 3, 2023

prisma-cloud-devsecops bot May 3, 2023

prisma-cloud-devsecops bot May 3, 2023

prisma-cloud-devsecops bot May 3, 2023

prisma-cloud-devsecops bot May 3, 2023

prisma-cloud-devsecops bot May 3, 2023

Vulnerability ID	Severity	CVSS	Fixed in	Status
CVE-2022-38900	HIGH	7	`0.2.1`	Open
CVE-2022-38778	MEDIUM	6.5	`0.2.1`	Open

Vulnerability ID	Severity	CVSS	Fixed in	Status
CVE-2020-7610	CRITICAL	9.8	`1.1.4`	Open
CVE-2019-2391	MEDIUM	4	`1.1.4`	Open

Vulnerability ID	Severity	CVSS	Fixed in	Status
CVE-2017-20165	HIGH	7.5	`2.6.9`	Open
CVE-2017-16137	MEDIUM	5.3	`2.6.9`	Open

Update package-lock.json #58

Are you sure you want to change the base?

Update package-lock.json #58

Conversation

try-panwiac commented May 3, 2023

prisma-cloud-devsecops bot left a comment

Choose a reason for hiding this comment

prisma-cloud-devsecops bot May 3, 2023

Choose a reason for hiding this comment

decode-uri-component 0.2.0 / package-lock.json

Total vulnerabilities: 2

prisma-cloud-devsecops bot May 3, 2023

Choose a reason for hiding this comment

bson 1.0.9 / package-lock.json

Total vulnerabilities: 2

prisma-cloud-devsecops bot May 3, 2023

Choose a reason for hiding this comment

debug 2.2.0 / package-lock.json

Total vulnerabilities: 2

prisma-cloud-devsecops bot May 3, 2023

Choose a reason for hiding this comment

nconf 0.6.9 / package-lock.json

Total vulnerabilities: 1

prisma-cloud-devsecops bot May 3, 2023

Choose a reason for hiding this comment

ms 0.7.1 / package-lock.json

Total vulnerabilities: 1

prisma-cloud-devsecops bot May 3, 2023

Choose a reason for hiding this comment

prompt 0.2.14 / package-lock.json

prisma-cloud-devsecops bot May 3, 2023

Choose a reason for hiding this comment

ps-tree 0.0.3 / package-lock.json

prisma-cloud-devsecops bot May 3, 2023

Choose a reason for hiding this comment

wordwrap 0.0.2 / package-lock.json

prisma-cloud-devsecops bot May 3, 2023

Choose a reason for hiding this comment

yargs 3.5.4 / package-lock.json

prisma-cloud-devsecops bot May 3, 2023

Choose a reason for hiding this comment

utile 0.3.0 / package-lock.json