Update dependency mongoose to v5.13.21 #48
Security Report
You have successfully remediated 3 vulnerabilities, but introduced 5 new vulnerabilities in this branch.
❌ New vulnerabilities:
CVE | Severity | Vulnerable Library | Suggested Fix | Issue | |
---|---|---|---|---|---|
MSC-2023-16600Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> nodemon-1.18.8.tgz (Root Library) -> chokidar-2.0.4.tgz -> ❌ fsevents-1.2.4.tgz (Vulnerable Library) |
9.8 | fsevents-1.2.4.tgz | #23 | ||
CVE-2023-45311Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> nodemon-1.18.8.tgz (Root Library) -> chokidar-2.0.4.tgz -> ❌ fsevents-1.2.4.tgz (Vulnerable Library) |
9.8 | fsevents-1.2.4.tgz | Upgrade to version: fsevents - 1.2.11 | #23 | |
CVE-2023-26136Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> nexmo-2.4.2-beta-1.tgz (Root Library) -> request-2.88.0.tgz -> ❌ tough-cookie-2.4.3.tgz (Vulnerable Library) |
9.8 | tough-cookie-2.4.3.tgz | Upgrade to version: tough-cookie - 4.1.3 | #20 | |
CVE-2022-25883Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> nodemon-1.18.8.tgz (Root Library) -> chokidar-2.0.4.tgz -> fsevents-1.2.4.tgz -> node-pre-gyp-0.10.0.tgz -> ❌ semver-5.5.0.tgz (Vulnerable Library) |
7.5 | semver-5.5.0.tgz | Upgrade to version: semver - 5.7.2,6.3.1,7.5.2;org.webjars.npm:semver:7.5.2 | #23 | |
CVE-2022-25883Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> nodemon-1.18.8.tgz (Root Library) -> ❌ semver-5.6.0.tgz (Vulnerable Library) |
7.5 | semver-5.6.0.tgz | Upgrade to version: semver - 5.7.2,6.3.1,7.5.2;org.webjars.npm:semver:7.5.2 | #23 |
✔️ Remediated vulnerabilities:
CVE | Vulnerable Library |
---|---|
CVE-2019-17426 | mongoose-5.3.16.tgz |
CVE-2023-3696 | mongoose-5.3.16.tgz |
CVE-2022-2564 | mongoose-5.3.16.tgz |
Base branch total remaining vulnerabilities: 61
Base branch commit: 09a6c8830d7c790f40d96c37ec8e5ad2bae92e5e
Total libraries scanned: 392
Scan token: 173ff5169abf41628e73d82db135b8d1