chore(deps): update dependency jsonwebtoken to v9 #309
Security Report
You have successfully remediated 6 vulnerabilities, but introduced 2 new vulnerabilities in this branch.
❌ New vulnerabilities:
CVE | Severity | Vulnerable Library | Suggested Fix | Issue | |
---|---|---|---|---|---|
CVE-2018-14040Path to vulnerable library: /templates/static-website-template/app/js/bootstrap.js,/core/jazz-web/js/bootstrap.js Dependency Hierarchy: -> ❌ bootstrap-3.3.5.js (Vulnerable Library) |
3.7 | bootstrap-3.3.5.js | Upgrade to version: bootstrap - 3.4.0,4.1.2 | #46 | |
CVE-2018-14040Path to dependency file: /core/jazz-web/index.html Path to vulnerable library: /core/jazz-web/js/bootstrap.min.js,/templates/static-website-template/app/js/bootstrap.min.js,/templates/static-website-template/app/js/bootstrap.min.js,/core/jazz-web/js/bootstrap.min.js Dependency Hierarchy: -> ❌ bootstrap-3.3.5.min.js (Vulnerable Library) |
3.7 | bootstrap-3.3.5.min.js | Upgrade to version: bootstrap - 3.4.0,4.1.2 | #46 |
✔️ Remediated vulnerabilities:
CVE | Vulnerable Library |
---|---|
CVE-2022-23541 | jsonwebtoken-7.4.3.tgz |
CVE-2022-23539 | jsonwebtoken-7.4.3.tgz |
CVE-2024-28849 | follow-redirects-1.15.5.tgz |
CVE-2024-29041 | express-4.18.3.tgz |
CVE-2022-23540 | jsonwebtoken-7.4.3.tgz |
CVE-2018-3728 | hoek-2.16.3.tgz |
Base branch total remaining vulnerabilities: 111
Base branch commit: 712665b267203375ee4b15e1f8d1ebe08abc1547
Total libraries scanned: 1644
Scan token: a7647effb44d424da7a7e77a4995f03c