[Snyk] Upgrade @playwright/test from 1.19.0-alpha-1643749494000 to 1.38.1 #798
Security Report
You have successfully remediated 16 vulnerabilities, but introduced 6 new vulnerabilities in this branch.
❌ New vulnerabilities:
CVE | Severity | CVSS Score | Vulnerable Library | Suggested Fix | Issue |
---|---|---|---|---|---|
CVE-2023-26136Path to dependency file: /utils/flakiness-dashboard/package.json Path to vulnerable library: /utils/flakiness-dashboard/package.json Dependency Hierarchy: -> storage-blob-12.2.1.tgz (Root Library) -> core-http-1.1.9.tgz -> ❌ tough-cookie-4.0.0.tgz (Vulnerable Library) |
Critical | 9.8 | tough-cookie-4.0.0.tgz | Upgrade to version: tough-cookie - 4.1.3 | None |
CVE-2023-45133Path to dependency file: /package.json Path to vulnerable library: /node_modules/@babel/traverse/package.json Dependency Hierarchy: -> @playwright/test-1.20.0-next.tgz (Root Library) -> core-7.16.12.tgz -> ❌ traverse-7.16.10.tgz (Vulnerable Library) |
Critical | 9.3 | traverse-7.16.10.tgz | Upgrade to version: @babel/traverse - 7.23.2 | None |
CVE-2022-25883Path to dependency file: /package.json Path to vulnerable library: /node_modules/semver/package.json Dependency Hierarchy: -> @playwright/test-1.20.0-next.tgz (Root Library) -> core-7.16.12.tgz -> ❌ semver-6.3.0.tgz (Vulnerable Library) |
High | 7.5 | semver-6.3.0.tgz | Upgrade to version: semver - 5.7.2,6.3.1,7.5.2;org.webjars.npm:semver:7.5.2 | None |
CVE-2023-2976Path to dependency file: /packages/playwright-core/src/server/android/driver/app/build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/com.google.guava/guava/28.1-jre/b0e91dcb6a44ffb6221b5027e12a5cb34b841145/guava-28.1-jre.jar Dependency Hierarchy: -> lint-gradle-27.1.0.jar (Root Library) -> builder-4.1.0.jar -> apkzlib-4.1.0.jar -> ❌ guava-28.1-jre.jar (Vulnerable Library) |
High | 7.1 | guava-28.1-jre.jar | Upgrade to version: com.google.guava:guava:32.0.1-android,32.0.1-jre | None |
CVE-2023-33201Path to dependency file: /packages/playwright-core/src/server/android/driver/app/build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.bouncycastle/bcprov-jdk15on/1.64/513f78dc2971d73eec9716788948ec02704899aa/bcprov-jdk15on-1.64.pom Dependency Hierarchy: -> ❌ bcprov-jdk15on-1.64.jar (Vulnerable Library) |
Medium | 5.3 | bcprov-jdk15on-1.64.jar | Upgrade to version: org.bouncycastle:bcprov-ext-jdk18on:1.74, org.bouncycastle:bcprov-jdk18on:1.74, org.bouncycastle:bcprov-debug-jdk18on:1.74, org.bouncycastle:bcprov-ext-debug-jdk18on:1.74, org.bouncycastle:bcprov-ext-jdk15to18:1.74, org.bouncycastle:bcprov-jdk15to18:1.74, org.bouncycastle:bcprov-debug-jdk14:1.74, org.bouncycastle:bcprov-debug-jdk15to18:1.74, org.bouncycastle:bcprov-ext-debug-jdk14:1.74, org.bouncycastle:bcprov-ext-debug-jdk15to18:1.74, org.bouncycastle:bcprov-jdk14:1.74 | None |
CVE-2023-33201Path to dependency file: /packages/playwright-core/src/server/android/driver/app/build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.bouncycastle/bcprov-jdk15on/1.56/a153c6f9744a3e9dd6feab5e210e1c9861362ec7/bcprov-jdk15on-1.56.jar Dependency Hierarchy: -> lint-gradle-27.1.0.jar (Root Library) -> builder-4.1.0.jar -> ❌ bcprov-jdk15on-1.56.jar (Vulnerable Library) |
Medium | 5.3 | bcprov-jdk15on-1.56.jar | Upgrade to version: org.bouncycastle:bcprov-ext-jdk18on:1.74, org.bouncycastle:bcprov-jdk18on:1.74, org.bouncycastle:bcprov-debug-jdk18on:1.74, org.bouncycastle:bcprov-ext-debug-jdk18on:1.74, org.bouncycastle:bcprov-ext-jdk15to18:1.74, org.bouncycastle:bcprov-jdk15to18:1.74, org.bouncycastle:bcprov-debug-jdk14:1.74, org.bouncycastle:bcprov-debug-jdk15to18:1.74, org.bouncycastle:bcprov-ext-debug-jdk14:1.74, org.bouncycastle:bcprov-ext-debug-jdk15to18:1.74, org.bouncycastle:bcprov-jdk14:1.74 | None |
✔️ Remediated vulnerabilities:
CVE | Vulnerable Library |
---|---|
CVE-2022-33987 | got-9.6.0.tgz |
CVE-2022-25881 | http-cache-semantics-4.1.0.tgz |
CVE-2022-37601 | loader-utils-1.4.0.tgz |
CVE-2022-29247 | electron-12.2.1.tgz |
CVE-2022-46175 | json5-1.0.1.tgz |
CVE-2022-37599 | loader-utils-2.0.0.tgz |
CVE-2022-37603 | loader-utils-2.0.0.tgz |
CVE-2021-33502 | normalize-url-4.5.0.tgz |
CVE-2022-37601 | loader-utils-2.0.0.tgz |
CVE-2023-28154 | webpack-5.68.0.tgz |
CVE-2023-2968 | proxy-1.0.2.tgz |
CVE-2022-36077 | electron-12.2.1.tgz |
CVE-2022-29257 | electron-12.2.1.tgz |
CVE-2022-25858 | terser-5.10.0.tgz |
CVE-2022-24999 | qs-6.9.3.tgz |
CVE-2022-21718 | electron-12.2.1.tgz |
Base branch total remaining vulnerabilities: 44
Base branch commit: null
Total libraries scanned: 354
Scan token: 8c66c72740f94492a8f2d9d35a3f58ab