Update dependency firebase-tools to v13 #122
Open
Mend for GitHub.com / WhiteSource Security Check
failed
Dec 9, 2023 in 55s
Security Report
You have successfully remediated 66 vulnerabilities, but introduced 1 new vulnerabilities in this branch.
❌ New vulnerabilities:
CVE | Severity | CVSS Score | Vulnerable Library | Suggested Fix | Issue |
---|---|---|---|---|---|
CVE-2021-4231Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ core-9.0.0-next.11.tgz (Vulnerable Library) |
Medium | 5.4 | core-9.0.0-next.11.tgz | Upgrade to version: @angular/core -10.2.5,11.0.5 ,11.1.0-next.3 | None |
✔️ Remediated vulnerabilities:
CVE | Vulnerable Library |
---|---|
CVE-2022-2421 | socket.io-parser-3.2.0.tgz |
CVE-2020-8203 | lodash-4.17.15.tgz |
CVE-2021-37701 | tar-4.4.13.tgz |
CVE-2012-6708 | jquery-1.4.4.min.js |
CVE-2022-23541 | jsonwebtoken-8.5.1.tgz |
CVE-2022-0536 | follow-redirects-1.12.1.tgz |
CVE-2022-24773 | node-forge-0.7.6.tgz |
CVE-2022-0144 | shelljs-0.8.2.tgz |
CVE-2020-8244 | bl-4.0.2.tgz |
CVE-2021-32804 | tar-4.4.13.tgz |
CVE-2019-5786 | puppeteer-0.13.0.tgz |
CVE-2021-23337 | lodash-4.17.15.tgz |
CVE-2021-3807 | ansi-regex-4.1.0.tgz |
CVE-2022-0437 | karma-4.1.0.tgz |
WS-2022-0008 | node-forge-0.7.6.tgz |
CVE-2021-23358 | underscore-1.6.0.tgz |
CVE-2020-28500 | lodash-4.17.15.tgz |
CVE-2022-48285 | jszip-3.5.0.tgz |
CVE-2022-38900 | decode-uri-component-0.2.0.tgz |
CVE-2022-0122 | node-forge-0.7.6.tgz |
CVE-2020-28502 | xmlhttprequest-ssl-1.5.5.tgz |
CVE-2020-7788 | ini-1.3.5.tgz |
CVE-2020-8116 | dot-prop-4.2.0.tgz |
CVE-2021-44906 | minimist-0.0.10.tgz |
WS-2020-0443 | socket.io-2.1.1.tgz |
CVE-2023-26136 | tough-cookie-2.5.0.tgz |
CVE-2022-23539 | jsonwebtoken-8.5.1.tgz |
CVE-2022-0155 | follow-redirects-1.12.1.tgz |
CVE-2021-3807 | ansi-regex-5.0.0.tgz |
CVE-2021-31597 | xmlhttprequest-ssl-1.5.5.tgz |
CVE-2023-0842 | xml2js-0.4.23.tgz |
CVE-2021-3918 | json-schema-0.2.3.tgz |
CVE-2020-28481 | socket.io-2.1.1.tgz |
CVE-2022-25858 | terser-4.3.1.tgz |
CVE-2021-23413 | jszip-3.5.0.tgz |
CVE-2021-23362 | hosted-git-info-2.8.8.tgz |
CVE-2021-3807 | ansi-regex-3.0.0.tgz |
CVE-2022-24999 | qs-6.5.2.tgz |
CVE-2021-23495 | karma-4.1.0.tgz |
CVE-2021-43138 | async-2.6.3.tgz |
CVE-2020-7656 | jquery-1.4.4.min.js |
CVE-2020-36048 | engine.io-3.2.1.tgz |
CVE-2022-25881 | http-cache-semantics-3.8.1.tgz |
CVE-2022-33987 | got-6.7.1.tgz |
CVE-2020-7608 | yargs-parser-11.1.1.tgz |
CVE-2020-36049 | socket.io-parser-3.2.0.tgz |
CVE-2022-24771 | node-forge-0.7.6.tgz |
CVE-2015-9251 | jquery-1.4.4.min.js |
CVE-2021-3765 | validator-8.2.0.tgz |
WS-2018-0650 | useragent-2.3.0.tgz |
CVE-2021-23364 | browserslist-4.12.2.tgz |
CVE-2020-7598 | minimist-0.0.10.tgz |
CVE-2021-37712 | tar-4.4.13.tgz |
CVE-2022-46175 | json5-2.1.3.tgz |
CVE-2021-32803 | tar-4.4.13.tgz |
CVE-2022-23540 | jsonwebtoken-8.5.1.tgz |
CVE-2011-4969 | jquery-1.4.4.min.js |
CVE-2022-21704 | log4js-4.5.1.tgz |
CVE-2022-24772 | node-forge-0.7.6.tgz |
CVE-2022-24999 | qs-6.4.0.tgz |
CVE-2020-7720 | node-forge-0.7.6.tgz |
CVE-2021-37713 | tar-4.4.13.tgz |
CVE-2022-24999 | qs-6.7.0.tgz |
CVE-2023-28155 | request-2.88.2.tgz |
CVE-2022-3517 | minimatch-3.0.4.tgz |
CVE-2022-41940 | engine.io-3.2.1.tgz |
Base branch total remaining vulnerabilities: 66
Base branch commit: null
Total libraries scanned: 19
Scan token: 1f024218154e43808d452c7a4aec16fa
Loading