You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
✔️ This issue was automatically closed by WhiteSource because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the WhiteSource inventory.
mend-bolt-for-githubbot
changed the title
WS-2017-0236 (Medium) detected in growl-1.9.2.tgz
WS-2017-0236 (Medium) detected in growl-1.9.2.tgz - autoclosed
Apr 28, 2022
WS-2017-0236 - Medium Severity Vulnerability
Vulnerable Library - growl-1.9.2.tgz
Growl unobtrusive notifications
Library home page: https://registry.npmjs.org/growl/-/growl-1.9.2.tgz
Path to dependency file: /conception-website/package.json
Path to vulnerable library: /tmp/git/conception-website/node_modules/growl/package.json
Dependency Hierarchy:
Found in HEAD commit: aafabe1f890f6614128b3e3a46fcacc878d945e9
Vulnerability Details
Affected versions of the package are vulnerable to Arbitrary Code Injection.
Publish Date: 2017-05-01
URL: WS-2017-0236
CVSS 2 Score Details (5.6)
Base Score Metrics not available
Suggested Fix
Type: Change files
Origin: tj/node-growl@d9f6ea2
Release Date: 2016-09-05
Fix Resolution: Replace or update the following files: package.json, growl.js
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: