New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump webpack-dev-middleware from 5.3.1 to 5.3.4 #716

Merged

pradeepnschrodinger merged 1 commit into master from dependabot/npm_and_yarn/webpack-dev-middleware-5.3.4

Mar 29, 2024

Merged

Bump webpack-dev-middleware from 5.3.1 to 5.3.4 #716

Bump webpack-dev-middleware from 5.3.1 to 5.3.4

Wiz Inc. (87ff8274df) / Wiz Vulnerability Scanner completed Mar 29, 2024 in 3s

Wiz Vulnerability Scanner

Salutations, Sheriff of Syntax Shire! 🔍

The arcane currents guided Wiz's gaze, uncovering hidden wonders within this code. 🔮🔍

Exposing Vulnerabilities with Wiz 🪄

🔮 Vulnerabilities Detected: 12

― Note from Wiz: "Your code's charm is contagious - keep casting your spells! 🪄💼"

Annotations

Check failure on line 1 in yarn.lock

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

flat:4.1.1

Detected Vulnerabilities:
  CVE-2020-36632, Severity: Critical, Source: https://github.com/advisories/GHSA-2j2x-2gpw-g8fm
    CVSS score: 9.8, CVSS exploitability score: 3.9
    🩹 Fixed version: 5.0.1
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in yarn.lock

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

glob-parent:3.1.0

Detected Vulnerabilities:
  CVE-2020-28469, Severity: High, Source: https://github.com/advisories/GHSA-ww39-953v-wcq6
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 5.1.2
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in yarn.lock

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

ansi-regex:3.0.0

Detected Vulnerabilities:
  CVE-2021-3807, Severity: High, Source: https://github.com/advisories/GHSA-93q8-gq69-wqmw
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 3.0.1
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in yarn.lock

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

minimatch:3.0.4

Detected Vulnerabilities:
  CVE-2022-3517, Severity: High, Source: https://github.com/advisories/GHSA-f8q6-p94x-37v3
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 3.0.5
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in yarn.lock

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

ansi-regex:4.1.0

Detected Vulnerabilities:
  CVE-2021-3807, Severity: High, Source: https://github.com/advisories/GHSA-93q8-gq69-wqmw
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 4.1.1
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check warning on line 1 in yarn.lock

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

yargs-parser:9.0.2

Detected Vulnerabilities:
  CVE-2020-7608, Severity: Medium, Source: https://github.com/advisories/GHSA-p9pc-299p-vxgp
    CVSS score: 5.3, CVSS exploitability score: 1.8
    🩹 Fixed version: 13.1.2
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check warning on line 1 in yarn.lock

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

request:2.88.2

Detected Vulnerabilities:
  CVE-2023-28155, Severity: Medium, Source: https://github.com/advisories/GHSA-p8p7-x288-28g6
    CVSS score: 6.1, CVSS exploitability score: 2.8
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check warning on line 1 in yarn.lock

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

express:4.17.3

Detected Vulnerabilities:
  CVE-2024-29041, Severity: Medium, Source: https://github.com/advisories/GHSA-rv95-896h-c2vc
    🩹 Fixed version: 4.19.2
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check warning on line 1 in yarn.lock

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

semver:7.0.0

Detected Vulnerabilities:
  CVE-2022-25883, Severity: Medium, Source: https://github.com/advisories/GHSA-c2qf-rxjj-qqgw
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 7.5.2
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check warning on line 1 in yarn.lock

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

tough-cookie:4.0.0

Detected Vulnerabilities:
  CVE-2023-26136, Severity: Medium, Source: https://github.com/advisories/GHSA-72xf-g2v4-qvf3
    CVSS score: 9.8, CVSS exploitability score: 3.9
    🩹 Fixed version: 4.1.3
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check warning on line 1 in yarn.lock

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

tough-cookie:2.5.0

Detected Vulnerabilities:
  CVE-2023-26136, Severity: Medium, Source: https://github.com/advisories/GHSA-72xf-g2v4-qvf3
    CVSS score: 9.8, CVSS exploitability score: 3.9
    🩹 Fixed version: 4.1.3
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check notice on line 1 in yarn.lock

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

debug:3.2.6

Detected Vulnerabilities:
  CVE-2017-16137, Severity: Low, Source: https://github.com/advisories/GHSA-gxpj-cx7g-858c
    CVSS score: 5.3, CVSS exploitability score: 3.9
    🩹 Fixed version: 3.2.7
    💥 Has public exploit
    🧨 Has CISA KEV exploit

View more details on Wiz Inc. (87ff8274df)