Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Fix for 88 vulnerabilities #20

Open
wants to merge 1 commit into
base: main-os
Choose a base branch
from
Open

[Snyk] Fix for 88 vulnerabilities #20

wants to merge 1 commit into from

Conversation

cssecautomation
Copy link

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • samples/package.json
    • samples/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Breaking Change Exploit Maturity
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00249, Social Trends: No, Days since published: 663, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.94, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-1924893		 No No Known Exploit
medium severity 126/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: High, Attack Vector: Network, EPSS: 0.00146, Social Trends: No, Days since published: 663, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 5.62, Likelihood: 2.23, Score Version: V5		 Inappropriate Implementation
SNYK-JS-ELECTRON-1924894		 No No Known Exploit
medium severity 117/1000
Why? Confidentiality impact: High, Integrity impact: None, Availability impact: None, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00212, Social Trends: No, Days since published: 663, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 5.99, Likelihood: 1.94, Score Version: V5		 Inappropriate Implementation
SNYK-JS-ELECTRON-1924895		 No No Known Exploit
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00176, Social Trends: No, Days since published: 663, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Type Confusion
SNYK-JS-ELECTRON-1930826		 No No Known Exploit
high severity 136/1000
Why? Confidentiality impact: High, Integrity impact: Low, Availability impact: None, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00176, Social Trends: No, Days since published: 632, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 7.03, Likelihood: 1.93, Score Version: V5		 Incorrect Authorization
SNYK-JS-ELECTRON-1932534		 No No Known Exploit
medium severity 116/1000
Why? Confidentiality impact: None, Integrity impact: High, Availability impact: None, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00106, Social Trends: No, Days since published: 665, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 5.99, Likelihood: 1.93, Score Version: V5		 Domain Spoofing
SNYK-JS-ELECTRON-2329155		 Yes No Known Exploit
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00249, Social Trends: No, Days since published: 665, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.94, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-2329162		 Yes No Known Exploit
high severity 191/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00364, Social Trends: No, Days since published: 638, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.94, Score Version: V5		 Type Confusion
SNYK-JS-ELECTRON-2329257		 No No Known Exploit
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00176, Social Trends: No, Days since published: 660, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Type Confusion
SNYK-JS-ELECTRON-2329258		 No No Known Exploit
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00299, Social Trends: No, Days since published: 638, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.94, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-2330890		 No No Known Exploit
high severity 191/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00399, Social Trends: No, Days since published: 660, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.94, Score Version: V5		 Heap-based Buffer Overflow
SNYK-JS-ELECTRON-2332172		 No No Known Exploit
critical severity 248/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00102, Social Trends: No, Days since published: 635, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Critical, Package Popularity Score: 98, Impact: 9.79, Likelihood: 2.52, Score Version: V5		 Improper Input Validation
SNYK-JS-ELECTRON-2332173		 No No Known Exploit
medium severity 117/1000
Why? Confidentiality impact: High, Integrity impact: None, Availability impact: None, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00296, Social Trends: No, Days since published: 660, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 5.99, Likelihood: 1.94, Score Version: V5		 Improper Input Validation
SNYK-JS-ELECTRON-2332174		 No No Known Exploit
high severity 142/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00133, Social Trends: No, Days since published: 556, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 5.62, Likelihood: 2.52, Score Version: V5		 Heap-based Buffer Overflow
SNYK-JS-ELECTRON-2332175		 No No Known Exploit
medium severity 126/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: High, Attack Vector: Network, EPSS: 0.00133, Social Trends: No, Days since published: 635, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 5.62, Likelihood: 2.23, Score Version: V5		 Improper Control of a Resource Through its Lifetime
SNYK-JS-ELECTRON-2332176		 No No Known Exploit
high severity 197/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.02305, Social Trends: No, Days since published: 655, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 2.01, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-2338684		 No No Known Exploit
medium severity 117/1000
Why? Confidentiality impact: High, Integrity impact: None, Availability impact: None, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00212, Social Trends: No, Days since published: 632, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 5.99, Likelihood: 1.94, Score Version: V5		 Incorrect Authorization
SNYK-JS-ELECTRON-2339880		 No No Known Exploit
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00176, Social Trends: No, Days since published: 644, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Type Confusion
SNYK-JS-ELECTRON-2339883		 No No Known Exploit
high severity 191/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00364, Social Trends: No, Days since published: 635, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.94, Score Version: V5		 Interger Underflow
SNYK-JS-ELECTRON-2351961		 No No Known Exploit
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00133, Social Trends: No, Days since published: 603, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-2404183		 No No Known Exploit
high severity 142/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00133, Social Trends: No, Days since published: 603, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 5.62, Likelihood: 2.52, Score Version: V5		 Improper Check or Handling of Exceptional Conditions
SNYK-JS-ELECTRON-2404184		 No No Known Exploit
high severity 691/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: High, Scope: Unchanged, Exploit Maturity: High, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.04586, Social Trends: No, Days since published: 614, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 97, Impact: 7.84, Likelihood: 8.82, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-2414027		 Yes Mature
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00133, Social Trends: No, Days since published: 603, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Integer Overflow or Wraparound
SNYK-JS-ELECTRON-2420972		 No No Known Exploit
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00133, Social Trends: No, Days since published: 603, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-2420994		 No No Known Exploit
medium severity 60/1000
Why? Confidentiality impact: Low, Integrity impact: None, Availability impact: None, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00167, Social Trends: No, Days since published: 576, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 2.35, Likelihood: 2.53, Score Version: V5		 Information Exposure
SNYK-JS-ELECTRON-2422385		 No No Known Exploit
medium severity 149/1000
Why? Confidentiality impact: High, Integrity impact: None, Availability impact: None, Scope: Changed, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: High, Attack Vector: Network, EPSS: 0.00164, Social Trends: No, Days since published: 589, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 6.65, Likelihood: 2.23, Score Version: V5		 Out-of-bounds Read
SNYK-JS-ELECTRON-2431021		 No No Known Exploit
low severity 40/1000
Why? Confidentiality impact: Low, Integrity impact: None, Availability impact: None, Scope: Changed, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: High, Attack Vector: Network, EPSS: 0.00139, Social Trends: No, Days since published: 590, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Low, Package Popularity Score: 98, Impact: 2.39, Likelihood: 1.64, Score Version: V5		 Improper Access Control
SNYK-JS-ELECTRON-2431353		 No No Known Exploit
high severity 142/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00094, Social Trends: No, Days since published: 576, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 5.62, Likelihood: 2.52, Score Version: V5		 Heap-based Buffer Overflow
SNYK-JS-ELECTRON-2433620		 No No Known Exploit
high severity 529/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: High, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.0153, Social Trends: No, Days since published: 584, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 97, Impact: 5.62, Likelihood: 9.41, Score Version: V5		 Type Confusion
SNYK-JS-ELECTRON-2434822		 No Mature
medium severity 142/1000
Why? Confidentiality impact: None, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: High, Attack Vector: Network, EPSS: 0.00094, Social Trends: No, Days since published: 584, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 8.63, Likelihood: 1.64, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-2434824		 Yes No Known Exploit
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00094, Social Trends: No, Days since published: 576, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-2441711		 No No Known Exploit
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00094, Social Trends: No, Days since published: 534, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-2774694		 Yes No Known Exploit
medium severity 109/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00133, Social Trends: No, Days since published: 540, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 5.62, Likelihood: 1.93, Score Version: V5		 Type Confusion
SNYK-JS-ELECTRON-2803052		 No No Known Exploit
medium severity 46/1000
Why? Confidentiality impact: None, Integrity impact: Low, Availability impact: None, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00289, Social Trends: No, Days since published: 540, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 2.35, Likelihood: 1.94, Score Version: V5		 Improper implementation
SNYK-JS-ELECTRON-2803053		 No No Known Exploit
critical severity 921/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: High, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.01537, Social Trends: No, Days since published: 565, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Critical, Package Popularity Score: 97, Impact: 9.79, Likelihood: 9.41, Score Version: V5		 Type Confusion
SNYK-JS-ELECTRON-2805803		 No Mature
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00094, Social Trends: No, Days since published: 427, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-2805927		 No No Known Exploit
high severity 142/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00131, Social Trends: No, Days since published: 540, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 5.62, Likelihood: 2.52, Score Version: V5		 Type Confusion
SNYK-JS-ELECTRON-2806357		 No No Known Exploit
high severity 142/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00094, Social Trends: No, Days since published: 543, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 5.62, Likelihood: 2.52, Score Version: V5		 Heap-based Buffer Overflow
SNYK-JS-ELECTRON-2806730		 Yes No Known Exploit
medium severity 126/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: High, Attack Vector: Network, EPSS: 0.00103, Social Trends: No, Days since published: 543, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 5.62, Likelihood: 2.23, Score Version: V5		 Inappropriate implementation
SNYK-JS-ELECTRON-2807802		 Yes No Known Exploit
high severity 142/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00099, Social Trends: No, Days since published: 537, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 5.62, Likelihood: 2.52, Score Version: V5		 Improper Input Validation
SNYK-JS-ELECTRON-2807803		 No No Known Exploit
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00094, Social Trends: No, Days since published: 537, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-2807804		 No No Known Exploit
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00094, Social Trends: No, Days since published: 534, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-2808872		 No No Known Exploit
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00094, Social Trends: No, Days since published: 492, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-2808873		 Yes No Known Exploit
high severity 142/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00103, Social Trends: No, Days since published: 537, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 5.62, Likelihood: 2.52, Score Version: V5		 Inappropriate implementation
SNYK-JS-ELECTRON-2808874		 No No Known Exploit
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00094, Social Trends: No, Days since published: 543, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-2812497		 No No Known Exploit
medium severity 126/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: High, Attack Vector: Network, EPSS: 0.00103, Social Trends: No, Days since published: 543, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 5.62, Likelihood: 2.23, Score Version: V5		 Inappropriate implementation
SNYK-JS-ELECTRON-2812499		 No No Known Exploit
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00096, Social Trends: No, Days since published: 534, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-2824110		 No No Known Exploit
high severity 142/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00072, Social Trends: No, Days since published: 533, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 5.62, Likelihood: 2.52, Score Version: V5		 Heap-based Buffer Overflow
SNYK-JS-ELECTRON-2838863		 No No Known Exploit
medium severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): High, Attack Complexity: High, Attack Vector: Network, EPSS: 0.00087, Social Trends: No, Days since published: 507, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Improper Input Validation
SNYK-JS-ELECTRON-2869408		 No No Known Exploit
medium severity 121/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Changed, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): High, Attack Complexity: High, Attack Vector: Network, EPSS: 0.00251, Social Trends: No, Days since published: 507, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 6.22, Likelihood: 1.94, Score Version: V5		 Exposure of Resource to Wrong Sphere
SNYK-JS-ELECTRON-2869410		 No No Known Exploit
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00095, Social Trends: No, Days since published: 506, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-2870632		 Yes No Known Exploit
medium severity 116/1000
Why? Confidentiality impact: High, Integrity impact: None, Availability impact: None, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00084, Social Trends: No, Days since published: 523, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 5.99, Likelihood: 1.93, Score Version: V5		 Improper Input Validation
SNYK-JS-ELECTRON-2932172		 Yes No Known Exploit
medium severity 106/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Local, EPSS: 0.00148, Social Trends: No, Days since published: 498, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 5.62, Likelihood: 1.88, Score Version: V5		 Protection Mechanism Failure
SNYK-JS-ELECTRON-2934721		 Yes No Known Exploit
high severity 738/1000
Why? Confidentiality impact: High, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: High, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00499, Social Trends: No, Days since published: 486, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 7.84, Likelihood: 9.41, Score Version: V5		 Heap-based Buffer Overflow
SNYK-JS-ELECTRON-2946881		 Yes Mature
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00132, Social Trends: No, Days since published: 486, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Type Confusion
SNYK-JS-ELECTRON-2946891		 Yes No Known Exploit
high severity 152/1000
Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00072, Social Trends: No, Days since published: 463, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 5.99, Likelihood: 2.52, Score Version: V5		 Denial of Service (DoS)
SNYK-JS-ELECTRON-2961655		 Yes No Known Exploit
medium severity 60/1000
Why? Confidentiality impact: Low, Integrity impact: None, Availability impact: None, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00082, Social Trends: No, Days since published: 450, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 2.35, Likelihood: 2.52, Score Version: V5		 Information Exposure
SNYK-JS-ELECTRON-2977510		 Yes No Known Exploit
medium severity 60/1000
Why? Confidentiality impact: None, Integrity impact: Low, Availability impact: None, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00075, Social Trends: No, Days since published: 450, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 2.35, Likelihood: 2.52, Score Version: V5		 Improper Input Validation
SNYK-JS-ELECTRON-2977512		 Yes No Known Exploit
medium severity 126/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: High, Attack Vector: Network, EPSS: 0.00082, Social Trends: No, Days since published: 450, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 5.62, Likelihood: 2.23, Score Version: V5		 Buffer Overflow
SNYK-JS-ELECTRON-2978483		 Yes No Known Exploit
medium severity 141/1000
Why? Confidentiality impact: High, Integrity impact: Low, Availability impact: None, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): Low, Attack Complexity: High, Attack Vector: Network, EPSS: 0.00081, Social Trends: No, Days since published: 450, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 7.03, Likelihood: 2.01, Score Version: V5		 Access Control Bypass
SNYK-JS-ELECTRON-2978519		 Yes No Known Exploit
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00083, Social Trends: No, Days since published: 435, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-2992453		 Yes No Known Exploit
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00083, Social Trends: No, Days since published: 435, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-2992478		 Yes No Known Exploit
medium severity 46/1000
Why? Confidentiality impact: Low, Integrity impact: None, Availability impact: None, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.0008, Social Trends: No, Days since published: 435, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 2.35, Likelihood: 1.93, Score Version: V5		 Improper Authentication
SNYK-JS-ELECTRON-2992482		 Yes No Known Exploit
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00083, Social Trends: No, Days since published: 431, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-2994414		 Yes No Known Exploit
high severity 152/1000
Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00082, Social Trends: No, Days since published: 427, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 5.99, Likelihood: 2.52, Score Version: V5		 Denial of Service (DoS)
SNYK-JS-ELECTRON-3014402		 Yes No Known Exploit
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00082, Social Trends: No, Days since published: 427, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-3014405		 Yes No Known Exploit
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00082, Social Trends: No, Days since published: 427, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-3014407		 Yes No Known Exploit
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00095, Social Trends: No, Days since published: 427, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 97, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-3014409		 Yes No Known Exploit
high severity 864/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: High, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00921, Social Trends: No, Days since published: 427, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 8.82, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-3014411		 Yes Mature
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00172, Social Trends: No, Days since published: 408, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-3028028		 Yes No Known Exploit
high severity 864/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: High, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00363, Social Trends: No, Days since published: 368, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 8.82, Score Version: V5		 Type Confusion
SNYK-JS-ELECTRON-3091122		 Yes Mature
medium severity 130/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): Low, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00062, Social Trends: No, Days since published: 366, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 5.62, Likelihood: 2.3, Score Version: V5		 Improper Input Validation
SNYK-JS-ELECTRON-3097694		 Yes No Known Exploit
high severity 190/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00083, Social Trends: No, Days since published: 366, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 1.93, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-3097832		 Yes No Known Exploit
medium severity 66/1000
Why? Confidentiality impact: Low, Integrity impact: None, Availability impact: None, Scope: Changed, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00046, Social Trends: No, Days since published: 360, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 98, Impact: 2.39, Likelihood: 2.74, Score Version: V5		 Information Exposure
SNYK-JS-ELECTRON-3107036		 Yes No Known Exploit
high severity 169/1000
Why? Confidentiality impact: Low, Integrity impact: High, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00083, Social Trends: No, Days since published: 359, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 7.84, Likelihood: 2.15, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-3111876		 Yes No Known Exploit
high severity 155/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00081, Social Trends: No, Days since published: 359, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 5.62, Likelihood: 2.74, Score Version: V5		 Heap-based Buffer Overflow
SNYK-JS-ELECTRON-3111878		 Yes No Known Exploit
high severity 165/1000
Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00083, Social Trends: No, Days since published: 359, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 5.99, Likelihood: 2.74, Score Version: V5		 Denial of Service (DoS)
SNYK-JS-ELECTRON-3111879		 Yes No Known Exploit
high severity 211/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00083, Social Trends: No, Days since published: 359, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 2.15, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-3111880		 Yes No Known Exploit
high severity 211/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00083, Social Trends: No, Days since published: 359, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 2.15, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-3111881		 Yes No Known Exploit
high severity 211/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00083, Social Trends: No, Days since published: 338, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 2.15, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-3160317		 Yes No Known Exploit
high severity 155/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00059, Social Trends: No, Days since published: 296, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 5.62, Likelihood: 2.74, Score Version: V5		 Heap-based Buffer Overflow
SNYK-JS-ELECTRON-3237489		 Yes No Known Exploit
high severity 212/1000
Why? Confidentiality impact: High, Integrity impact: High, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): Required, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00337, Social Trends: No, Days since published: 279, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 9.79, Likelihood: 2.16, Score Version: V5		 Use After Free
SNYK-JS-ELECTRON-3252475		 Yes No Known Exploit
high severity 155/1000
Why? Confidentiality impact: Low, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00083, Social Trends: No, Days since published: 240, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 5.62, Likelihood: 2.74, Score Version: V5		 Heap-based Buffer Overflow
SNYK-JS-ELECTRON-3370271		 Yes No Known Exploit
high severity 194/1000
Why? Confidentiality impact: Low, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00133, Social Trends: No, Days since published: 226, Reachable: No, Transitive dependency: No, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 98, Impact: 7.03, Likelihood: 2.75, Score Version: V5		 Out-of-bounds Read
SNYK-JS-ELECTRON-3370529		 Yes No Known Exploit
high severity 262/1000
Why? Confidentiality impact: High, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00139, Social Trends: Yes, Days since published: 67, Reachable: No, Transitive depe...

@snyk-bot
fix: samples/package.json & samples/package-lock.json to reduce vulne…
c1821db 
…rabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-ELECTRON-1924893
- https://snyk.io/vuln/SNYK-JS-ELECTRON-1924894
- https://snyk.io/vuln/SNYK-JS-ELECTRON-1924895
- https://snyk.io/vuln/SNYK-JS-ELECTRON-1930826
- https://snyk.io/vuln/SNYK-JS-ELECTRON-1932534
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2329155
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2329162
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2329257
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2329258
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2330890
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2332172
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2332173
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2332174
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2332175
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2332176
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2338684
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2339880
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2339883
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2351961
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2404183
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2404184
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2414027
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2420972
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2420994
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2422385
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2431021
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2431353
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2433620
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2434822
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2434824
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2441711
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2774694
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2803052
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2803053
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2805803
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2805927
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2806357
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2806730
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2807802
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2807803
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2807804
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2808872
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2808873
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2808874
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2812497
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2812499
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2824110
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2838863
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2869408
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2869410
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2870632
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2932172
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2934721
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2946881
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2946891
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2961655
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2977510
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2977512
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2978483
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2978519
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2992453
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2992478
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2992482
- https://snyk.io/vuln/SNYK-JS-ELECTRON-2994414
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3014402
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3014405
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3014407
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3014409
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3014411
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3028028
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3091122
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3097694
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3097832
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3107036
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3111876
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3111878
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3111879
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3111880
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3111881
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3160317
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3237489
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3252475
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3370271
- https://snyk.io/vuln/SNYK-JS-ELECTRON-3370529
- https://snyk.io/vuln/SNYK-JS-ELECTRON-5880432
- https://snyk.io/vuln/SNYK-JS-ELECTRON-5885098
- https://snyk.io/vuln/SNYK-JS-GOT-2932019
- https://snyk.io/vuln/SNYK-JS-WEBPACK-3358798
@cssecautomation cssecautomation requested a review from a team as a code owner November 3, 2023 23:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@marianacapelo marianacapelo Awaiting requested review from marianacapelo marianacapelo is a code owner automatically assigned from OutSystems/ide-delta

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@cssecautomation @snyk-bot