⬆️ Updates eslint-plugin-github to v5 #642
Open
Mend Bolt for GitHub / WhiteSource Security Check
failed
Jun 5, 2024 in 5m 38s
Security Report
You have successfully remediated 59 vulnerabilities, but introduced 1 new vulnerabilities in this branch.
❌ New vulnerabilities:
CVE | Severity | Vulnerable Library | Suggested Fix | Issue | |
---|---|---|---|---|---|
CVE-2022-24999Path to dependency file: /package.json Path to vulnerable library: /node_modules/qs/package.json Dependency Hierarchy: -> ❌ qs-6.9.6.tgz (Vulnerable Library) |
7.5 | qs-6.9.6.tgz | Upgrade to version: qs - 6.2.4,6.3.3,6.4.1,6.5.3,6.6.1,6.7.3,6.8.3,6.9.7,6.10.3 | #611 |
✔️ Remediated vulnerabilities:
CVE | Vulnerable Library |
---|---|
CVE-2021-37712 | tar-6.1.0.tgz |
CVE-2021-44906 | minimist-1.2.5.tgz |
CVE-2022-25851 | jpeg-js-0.4.3.tgz |
CVE-2024-29415 | ip-1.1.5.tgz |
CVE-2021-37701 | tar-4.4.13.tgz |
CVE-2023-26136 | tough-cookie-2.4.3.tgz |
CVE-2021-32804 | tar-6.1.0.tgz |
CVE-2022-46175 | json5-1.0.1.tgz |
CVE-2022-29244 | npm-6.14.11.tgz |
CVE-2022-46175 | json5-2.2.0.tgz |
CVE-2021-32804 | tar-4.4.13.tgz |
CVE-2020-28500 | lodash-4.17.20.tgz |
CVE-2021-3807 | ansi-regex-4.1.0.tgz |
CVE-2021-33502 | normalize-url-5.3.0.tgz |
CVE-2023-26115 | word-wrap-1.2.3.tgz |
CVE-2021-27290 | ssri-6.0.1.tgz |
CVE-2023-26136 | tough-cookie-3.0.1.tgz |
CVE-2022-38900 | decode-uri-component-0.2.0.tgz |
CVE-2012-6708 | jquery-1.8.1.min.js |
CVE-2020-7656 | jquery-1.8.1.min.js |
CVE-2022-25883 | semver-6.3.0.tgz |
CVE-2023-26136 | tough-cookie-2.5.0.tgz |
CVE-2021-32803 | tar-6.1.0.tgz |
CVE-2021-3807 | ansi-regex-5.0.0.tgz |
CVE-2021-3795 | semver-regex-3.1.2.tgz |
CVE-2022-31051 | semantic-release-17.3.9.tgz |
CVE-2021-3918 | json-schema-0.2.3.tgz |
CVE-2021-23362 | hosted-git-info-2.8.8.tgz |
CVE-2021-23364 | browserslist-4.16.3.tgz |
CVE-2022-24999 | qs-6.5.2.tgz |
CVE-2021-3807 | ansi-regex-3.0.0.tgz |
CVE-2022-37598 | uglify-js-3.12.8.tgz |
CVE-2021-37701 | tar-6.1.0.tgz |
CVE-2021-43307 | semver-regex-3.1.2.tgz |
CVE-2024-28863 | tar-4.4.13.tgz |
CVE-2020-7774 | y18n-4.0.0.tgz |
CVE-2021-23337 | lodash-4.17.20.tgz |
CVE-2022-25881 | http-cache-semantics-3.8.1.tgz |
CVE-2020-28469 | glob-parent-5.1.1.tgz |
CVE-2022-25883 | semver-5.7.1.tgz |
CVE-2022-33987 | got-6.7.1.tgz |
CVE-2023-28155 | request-2.88.0.tgz |
CVE-2021-23343 | path-parse-1.0.6.tgz |
CVE-2020-11023 | jquery-1.8.1.min.js |
CVE-2021-32640 | ws-7.4.3.tgz |
CVE-2021-37713 | tar-6.1.0.tgz |
CVE-2024-28863 | tar-6.1.0.tgz |
CVE-2020-28499 | merge-1.2.1.tgz |
CVE-2022-25883 | semver-7.0.0.tgz |
CVE-2021-37712 | tar-4.4.13.tgz |
CVE-2021-32803 | tar-4.4.13.tgz |
CVE-2021-3777 | tmpl-1.0.4.tgz |
CVE-2015-9251 | jquery-1.8.1.min.js |
CVE-2021-37713 | tar-4.4.13.tgz |
CVE-2023-42282 | ip-1.1.5.tgz |
CVE-2023-28155 | request-2.88.2.tgz |
CVE-2022-3517 | minimatch-3.0.4.tgz |
CVE-2020-11022 | jquery-1.8.1.min.js |
CVE-2021-23425 | trim-off-newlines-1.0.1.tgz |
Base branch total remaining vulnerabilities: 61
Base branch commit: null
Total libraries scanned: 7
Scan token: c2092798b4694a5b949bf2560396dda1
Loading