Update dependency pusher to v4 #68
Security Report
4 new vulnerabilities were introduced in this branch.
❌ New vulnerabilities:
CVE | Severity | Vulnerable Library | Suggested Fix | Issue | |
---|---|---|---|---|---|
CVE-2023-45133Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> next-7.0.2.tgz (Root Library) -> core-7.0.0.tgz -> ❌ traverse-7.1.6.tgz (Vulnerable Library) |
8.8 | traverse-7.1.6.tgz | Upgrade to version: @babel/traverse - 7.23.2 | #26 | |
CVE-2022-25883Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> next-7.0.2.tgz (Root Library) -> preset-env-7.0.0.tgz -> ❌ semver-5.6.0.tgz (Vulnerable Library) |
7.5 | semver-5.6.0.tgz | Upgrade to version: semver - 5.7.2,6.3.1,7.5.2;org.webjars.npm:semver:7.5.2 | #26 | |
CVE-2022-25883Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> next-7.0.2.tgz (Root Library) -> webpack-4.20.2.tgz -> watchpack-1.6.0.tgz -> chokidar-2.0.4.tgz -> fsevents-1.2.4.tgz -> node-pre-gyp-0.10.0.tgz -> ❌ semver-5.5.0.tgz (Vulnerable Library) |
7.5 | semver-5.5.0.tgz | Upgrade to version: semver - 5.7.2,6.3.1,7.5.2;org.webjars.npm:semver:7.5.2 | #26 | |
CVE-2023-45857Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ axios-0.18.0.tgz (Vulnerable Library) |
6.5 | axios-0.18.0.tgz | Upgrade to version: axios - 1.6.0 | #35 |
Base branch total remaining vulnerabilities: 89
Base branch commit: null
Total libraries scanned: 793
Scan token: 9a8d2dcbad294a7aa84e54c7108cb6e8