chore(deps): update dependency jsonwebtoken to v9 #309
Security Report
❌ New vulnerabilities:
| CVE | Severity |  CVSS Score |
Vulnerable Library | Suggested Fix | Issue |
|---|---|---|---|---|---|
CVE-2018-14040Path to vulnerable library: /templates/static-website-template/app/js/bootstrap.js,/core/jazz-web/js/bootstrap.js Dependency Hierarchy: -> ❌ bootstrap-3.3.5.js (Vulnerable Library) |
 Low |
3.7 | bootstrap-3.3.5.js | Upgrade to version: bootstrap - 3.4.0,4.1.2 | #46 |
CVE-2018-14040Path to dependency file: /core/jazz-web/index.html Path to vulnerable library: /core/jazz-web/js/bootstrap.min.js,/templates/static-website-template/app/js/bootstrap.min.js,/templates/static-website-template/app/js/bootstrap.min.js,/core/jazz-web/js/bootstrap.min.js Dependency Hierarchy: -> ❌ bootstrap-3.3.5.min.js (Vulnerable Library) |
Low |
3.7 | bootstrap-3.3.5.min.js | Upgrade to version: bootstrap - 3.4.0,4.1.2 | #46 |
✔️ Remediated vulnerabilities:
| CVE | Vulnerable Library |
|---|---|
| CVE-2022-23541 | jsonwebtoken-7.4.3.tgz |
| CVE-2022-23539 | jsonwebtoken-7.4.3.tgz |
| CVE-2024-28849 | follow-redirects-1.15.5.tgz |
| CVE-2024-29041 | express-4.18.3.tgz |
| CVE-2022-23540 | jsonwebtoken-7.4.3.tgz |
| CVE-2018-3728 | hoek-2.16.3.tgz |
Base branch total remaining vulnerabilities: 111
Base branch commit: 712665b267203375ee4b15e1f8d1ebe08abc1547
Total libraries scanned: 1644
Scan token: a7647effb44d424da7a7e77a4995f03c