Update dependency semver to v7.5.2 [SECURITY] #425
Mend Bolt for GitHub / WhiteSource Security Check
failed
Jul 12, 2023 in 2m 43s
Security Report
4 new vulnerabilities were introduced in this branch.
❌ New vulnerabilities:
CVE | Severity | CVSS Score | Vulnerable Library | Suggested Fix | Issue |
---|---|---|---|---|---|
CVE-2022-25883Dependency Hierarchy: -> preset-env-7.18.2.tgz (Root Library) -> ❌ semver-6.3.0.tgz (Vulnerable Library) |
Medium | 5.3 | semver-6.3.0.tgz | Upgrade to version: semver - 7.5.2 | None |
CVE-2022-25883Dependency Hierarchy: -> render-content-5.2.1.tgz (Root Library) -> ❌ semver-5.7.1.tgz (Vulnerable Library) |
Medium | 5.3 | semver-5.7.1.tgz | Upgrade to version: semver - 7.5.2 | None |
Medium | 5.3 | semver-7.3.5.tgz | Upgrade to version: semver - 7.5.2 | None | |
CVE-2022-25883Dependency Hierarchy: -> preset-env-7.18.2.tgz (Root Library) -> core-js-compat-3.24.0.tgz -> ❌ semver-7.0.0.tgz (Vulnerable Library) |
Medium | 5.3 | semver-7.0.0.tgz | Upgrade to version: semver - 7.5.2 | None |
Base branch total remaining vulnerabilities: 7
Base branch commit: 4331841e1d43f1270ae10f35e687895020766610
Total libraries scanned: 738
Scan token: 6dad37a5b28b47569496c4eed0ed051d
Loading