Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update dependency autolinker to v3 #10

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Update dependency autolinker to v3

5c58555
Select commit
Loading
Failed to load commit list.
Open

Update dependency autolinker to v3 #10

Update dependency autolinker to v3
5c58555
Select commit
Loading
Failed to load commit list.
Mend for GitHub.com / Mend Security Check failed Apr 9, 2024 in 16m 33s

Security Report

❗️ The scan was completed with partial results. There were issues encountered while retrieving or scanning dependencies for the following package managers: go. This may result in incomplete coverage of open-source dependencies used in the repository.

You have successfully remediated 2 vulnerabilities, but introduced 1 new vulnerabilities in this branch.

❌ New vulnerabilities:

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue Reachability
WS-2020-0208

Path to dependency file: /webapp/package.json

Path to vulnerable library: /webapp/node_modules/highlight.js/package.json

Dependency Hierarchy:

-> ❌ highlight.js-9.2.0.tgz (Vulnerable Library)

Medium 5.3 highlight.js-9.2.0.tgz Upgrade to version: 10.4.1 #7

Reachable

✔️ Remediated vulnerabilities:

CVE Vulnerable Library
WS-2017-3770 autolinker-0.24.1.tgz
WS-2019-0540 autolinker-0.24.1.tgz

Base branch total remaining vulnerabilities: 21
Base branch commit: 50e77553f48439042a557ffe16d3a033f065c09a


Total libraries scanned: 172

Scan token: 7ef198856e4341f88790fdf8adbb1f9d

View more details on Mend for GitHub.com