fix(ts): adds types to next/ListBoxTrigger next/ListBoxSelection tsx …
Security Report
| CVE | Severity |  CVSS Score |
Vulnerable Library | Suggested Fix | Issue |
|---|---|---|---|---|---|
CVE-2023-26136Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/tough-cookie-npm-2.5.0-79a2fe43fe-024cb13a4d.zip Dependency Hierarchy: -> cli-11.20.0.tgz (Root Library) -> rollup-2.79.1.tgz -> fsevents-2.3.2.tgz -> node-gyp-7.1.2.tgz -> request-2.88.2.tgz -> ❌ tough-cookie-2.5.0.tgz (Vulnerable Library) |
 Critical |
9.8 | tough-cookie-2.5.0.tgz | Upgrade to version: tough-cookie - 4.1.3 | None |
CVE-2023-26136Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/tough-cookie-npm-4.0.0-7c5f3086af-1c9764cbe1.zip Dependency Hierarchy: -> jest-config-carbon-1.14.0.tgz (Root Library) -> jest-environment-jsdom-28.1.0.tgz -> jsdom-19.0.0.tgz -> ❌ tough-cookie-4.0.0.tgz (Vulnerable Library) |
Critical |
9.8 | tough-cookie-4.0.0.tgz | Upgrade to version: tough-cookie - 4.1.3 | None |
CVE-2022-37598Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/uglify-js-npm-3.4.10-026479e767-70b9f666c9.zip Dependency Hierarchy: -> cli-11.20.0.tgz (Root Library) -> sassdoc-2.7.3.tgz -> sassdoc-theme-default-2.8.3.tgz -> html-minifier-3.5.21.tgz -> ❌ uglify-js-3.4.10.tgz (Vulnerable Library) |
Critical |
9.8 | uglify-js-3.4.10.tgz | Upgrade to version: uglify-js - 3.13.10 | None |
CVE-2021-3918Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/json-schema-npm-0.2.3-018ee3dfc9-2f98d28db7.zip Dependency Hierarchy: -> cli-11.20.0.tgz (Root Library) -> rollup-2.79.1.tgz -> fsevents-2.3.2.tgz -> node-gyp-7.1.2.tgz -> request-2.88.2.tgz -> http-signature-1.2.0.tgz -> jsprim-1.4.1.tgz -> ❌ json-schema-0.2.3.tgz (Vulnerable Library) |
Critical |
9.8 | json-schema-0.2.3.tgz | Upgrade to version: json-schema - 0.4.0 | None |
CVE-2021-25949Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/set-getter-npm-0.1.0-9664f89372-00b9cd529b.zip Dependency Hierarchy: -> cli-11.20.0.tgz (Root Library) -> markdown-toc-1.2.0.tgz -> lazy-cache-2.0.2.tgz -> ❌ set-getter-0.1.0.tgz (Vulnerable Library) |
Critical |
9.8 | set-getter-0.1.0.tgz | Upgrade to version: set-getter - 0.1.1 | None |
CVE-2022-46175Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/json5-npm-1.0.1-647fc8794b-ecb5ab4e23.zip Dependency Hierarchy: -> eslint-config-carbon-3.15.0.tgz (Root Library) -> eslint-plugin-import-2.27.5.tgz -> tsconfig-paths-3.14.1.tgz -> ❌ json5-1.0.1.tgz (Vulnerable Library) |
 High |
8.8 | json5-1.0.1.tgz | Upgrade to version: json5 - 2.2.2 | None |
CVE-2024-4068Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/braces-npm-2.3.2-19cadb3384-7c0f0d9625.zip Dependency Hierarchy: -> upgrade-11.16.0.tgz (Root Library) -> jscodeshift-0.13.1.tgz -> micromatch-3.1.10.tgz -> ❌ braces-2.3.2.tgz (Vulnerable Library) |
High |
7.5 | braces-2.3.2.tgz | Upgrade to version: braces - 3.0.3 | None |
CVE-2024-39338Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/axios-npm-1.7.3-a63743a582-7f92af2057.zip Dependency Hierarchy: -> jest-config-carbon-1.14.0.tgz (Root Library) -> accessibility-checker-3.1.74.tgz -> ❌ axios-1.7.3.tgz (Vulnerable Library) |
High |
7.5 | axios-1.7.3.tgz | Upgrade to version: axios - 1.7.4 | None |
CVE-2024-37890Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/ws-npm-8.5.0-8e99728c84-f0ee700970.zip Dependency Hierarchy: -> jest-config-carbon-1.14.0.tgz (Root Library) -> accessibility-checker-3.1.74.tgz -> puppeteer-13.7.0.tgz -> ❌ ws-8.5.0.tgz (Vulnerable Library) |
High |
7.5 | ws-8.5.0.tgz | Upgrade to version: ws - 5.2.4,6.2.3,7.5.10,8.17.1 | None |
CVE-2023-26156Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/chromedriver-npm-91.0.1-5d85da17b8-600e1fafe2.zip Dependency Hierarchy: -> jest-config-carbon-1.14.0.tgz (Root Library) -> accessibility-checker-3.1.74.tgz -> ❌ chromedriver-91.0.1.tgz (Vulnerable Library) |
High |
7.5 | chromedriver-91.0.1.tgz | Upgrade to version: chromedriver - 119.0.1 | None |
CVE-2022-37620Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/html-minifier-npm-3.5.21-5367304f07-8341f38d2c.zip Dependency Hierarchy: -> cli-11.20.0.tgz (Root Library) -> sassdoc-2.7.3.tgz -> sassdoc-theme-default-2.8.3.tgz -> ❌ html-minifier-3.5.21.tgz (Vulnerable Library) |
High |
7.5 | html-minifier-3.5.21.tgz | None | |
CVE-2022-25883Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/semver-npm-5.7.1-40bcea106b-fbc71cf007.zip Dependency Hierarchy: -> upgrade-11.16.0.tgz (Root Library) -> jscodeshift-0.13.1.tgz -> register-7.24.6.tgz -> make-dir-2.1.0.tgz -> ❌ semver-5.7.1.tgz (Vulnerable Library) |
High |
7.5 | semver-5.7.1.tgz | Upgrade to version: semver - 5.7.2,6.3.1,7.5.2;org.webjars.npm:semver:7.5.2 | None |
CVE-2022-21681Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/marked-npm-0.6.3-1ee699f13e-aeefb8ed59.zip Dependency Hierarchy: -> cli-11.20.0.tgz (Root Library) -> sassdoc-2.7.3.tgz -> sassdoc-theme-default-2.8.3.tgz -> sassdoc-extras-2.5.1.tgz -> ❌ marked-0.6.3.tgz (Vulnerable Library) |
High |
7.5 | marked-0.6.3.tgz | Upgrade to version: marked - 4.0.10 | None |
CVE-2022-21680Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/marked-npm-0.6.3-1ee699f13e-aeefb8ed59.zip Dependency Hierarchy: -> cli-11.20.0.tgz (Root Library) -> sassdoc-2.7.3.tgz -> sassdoc-theme-default-2.8.3.tgz -> sassdoc-extras-2.5.1.tgz -> ❌ marked-0.6.3.tgz (Vulnerable Library) |
High |
7.5 | marked-0.6.3.tgz | Upgrade to version: marked - 4.0.10 | None |
CVE-2021-43307Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/semver-regex-npm-1.0.0-95aa99f4f8-17411400ee.zip Dependency Hierarchy: -> cli-11.20.0.tgz (Root Library) -> sassdoc-2.7.3.tgz -> sass-convert-0.5.2.tgz -> ❌ semver-regex-1.0.0.tgz (Vulnerable Library) |
High |
7.5 | semver-regex-1.0.0.tgz | Upgrade to version: semver-regex - 3.1.4,4.0.3 | None |
CVE-2021-3807Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/ansi-regex-npm-4.1.0-4a7d8413fe-97aa465953.zip Dependency Hierarchy: -> cli-11.20.0.tgz (Root Library) -> inquirer-6.5.2.tgz -> strip-ansi-5.2.0.tgz -> ❌ ansi-regex-4.1.0.tgz (Vulnerable Library) |
High |
7.5 | ansi-regex-4.1.0.tgz | Upgrade to version: ansi-regex - 5.0.1,6.0.1 | None |
CVE-2021-3807Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/ansi-regex-npm-3.0.0-be0b845911-2ad11c416f.zip Dependency Hierarchy: -> cli-11.20.0.tgz (Root Library) -> inquirer-6.5.2.tgz -> string-width-2.1.1.tgz -> strip-ansi-4.0.0.tgz -> ❌ ansi-regex-3.0.0.tgz (Vulnerable Library) |
High |
7.5 | ansi-regex-3.0.0.tgz | Upgrade to version: ansi-regex - 5.0.1,6.0.1 | None |
CVE-2021-3795Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/semver-regex-npm-1.0.0-95aa99f4f8-17411400ee.zip Dependency Hierarchy: -> cli-11.20.0.tgz (Root Library) -> sassdoc-2.7.3.tgz -> sass-convert-0.5.2.tgz -> ❌ semver-regex-1.0.0.tgz (Vulnerable Library) |
High |
7.5 | semver-regex-1.0.0.tgz | Upgrade to version: semver-regex - 3.1.3,4.0.1 | None |
CVE-2021-3749Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/axios-npm-0.21.1-d192f6b3b3-271afc6138.zip Dependency Hierarchy: -> jest-config-carbon-1.14.0.tgz (Root Library) -> accessibility-checker-3.1.74.tgz -> chromedriver-91.0.1.tgz -> ❌ axios-0.21.1.tgz (Vulnerable Library) |
High |
7.5 | axios-0.21.1.tgz | Upgrade to version: axios - 0.21.2 | None |
CVE-2021-33502Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/normalize-url-npm-4.5.0-14a0c5430f-c70ee89880.zip Dependency Hierarchy: -> cli-11.20.0.tgz (Root Library) -> sassdoc-2.7.3.tgz -> update-notifier-4.1.3.tgz -> latest-version-5.1.0.tgz -> package-json-6.5.0.tgz -> got-9.6.0.tgz -> cacheable-request-6.1.0.tgz -> ❌ normalize-url-4.5.0.tgz (Vulnerable Library) |
High |
7.5 | normalize-url-4.5.0.tgz | Upgrade to version: normalize-url - 4.5.1,5.3.1,6.0.1 | None |
CVE-2020-7753Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/trim-npm-0.0.1-d138075543-2b4646dff9.zip Dependency Hierarchy: -> cli-11.20.0.tgz (Root Library) -> remark-10.0.1.tgz -> remark-parse-6.0.3.tgz -> ❌ trim-0.0.1.tgz (Vulnerable Library) |
High |
7.5 | trim-0.0.1.tgz | Upgrade to version: trim - 0.0.3 | None |
CVE-2020-28469Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/glob-parent-npm-3.1.0-31416ad085-653d559237.zip Dependency Hierarchy: -> cli-11.20.0.tgz (Root Library) -> sassdoc-2.7.3.tgz -> vinyl-fs-3.0.3.tgz -> glob-stream-6.1.0.tgz -> ❌ glob-parent-3.1.0.tgz (Vulnerable Library) |
High |
7.5 | glob-parent-3.1.0.tgz | Upgrade to version: glob-parent - 5.1.2 | None |
CVE-2024-28863Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/tar-npm-6.1.15-44c3e71720-4848b92da8.zip Dependency Hierarchy: -> cli-11.20.0.tgz (Root Library) -> rollup-2.79.1.tgz -> fsevents-2.3.2.tgz -> node-gyp-7.1.2.tgz -> ❌ tar-6.1.15.tgz (Vulnerable Library) |
 Medium |
6.5 | tar-6.1.15.tgz | Upgrade to version: tar - 6.2.1 | None |
CVE-2023-45857Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/axios-npm-0.21.1-d192f6b3b3-271afc6138.zip Dependency Hierarchy: -> jest-config-carbon-1.14.0.tgz (Root Library) -> accessibility-checker-3.1.74.tgz -> chromedriver-91.0.1.tgz -> ❌ axios-0.21.1.tgz (Vulnerable Library) |
Medium |
6.5 | axios-0.21.1.tgz | Upgrade to version: axios - 1.6.0 | None |
WS-2017-3770Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/autolinker-npm-0.28.1-dbe1de77b4-da915195b2.zip Dependency Hierarchy: -> cli-11.20.0.tgz (Root Library) -> markdown-toc-1.2.0.tgz -> remarkable-1.7.4.tgz -> ❌ autolinker-0.28.1.tgz (Vulnerable Library) |
Medium |
6.1 | autolinker-0.28.1.tgz | Upgrade to version: autolinker - 3.14.0 | None |
CVE-2023-28155Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/request-npm-2.88.2-f4a57c72c4-005b8b237b.zip Dependency Hierarchy: -> cli-11.20.0.tgz (Root Library) -> rollup-2.79.1.tgz -> fsevents-2.3.2.tgz -> node-gyp-7.1.2.tgz -> ❌ request-2.88.2.tgz (Vulnerable Library) |
Medium |
6.1 | request-2.88.2.tgz | Upgrade to version: @cypress/request - 3.0.0 | None |
WS-2020-0163Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/marked-npm-0.6.3-1ee699f13e-aeefb8ed59.zip Dependency Hierarchy: -> cli-11.20.0.tgz (Root Library) -> sassdoc-2.7.3.tgz -> sassdoc-theme-default-2.8.3.tgz -> sassdoc-extras-2.5.1.tgz -> ❌ marked-0.6.3.tgz (Vulnerable Library) |
Medium |
5.9 | marked-0.6.3.tgz | Upgrade to version: marked - 1.1.1 | None |
WS-2019-0209Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/marked-npm-0.6.3-1ee699f13e-aeefb8ed59.zip Dependency Hierarchy: -> cli-11.20.0.tgz (Root Library) -> sassdoc-2.7.3.tgz -> sassdoc-theme-default-2.8.3.tgz -> sassdoc-extras-2.5.1.tgz -> ❌ marked-0.6.3.tgz (Vulnerable Library) |
Medium |
5.5 | marked-0.6.3.tgz | Upgrade to version: 0.7.0 | None |
WS-2019-0540Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/autolinker-npm-0.28.1-dbe1de77b4-da915195b2.zip Dependency Hierarchy: -> cli-11.20.0.tgz (Root Library) -> markdown-toc-1.2.0.tgz -> remarkable-1.7.4.tgz -> ❌ autolinker-0.28.1.tgz (Vulnerable Library) |
Medium |
5.3 | autolinker-0.28.1.tgz | Upgrade to version: autolinker - 3.0.0 | None |
CVE-2024-4067Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/micromatch-npm-4.0.7-28fb7387ee-a11ed1cb67.zip Dependency Hierarchy: -> cli-11.20.0.tgz (Root Library) -> fast-glob-3.3.2.tgz -> ❌ micromatch-4.0.7.tgz (Vulnerable Library) |
Medium |
5.3 | micromatch-4.0.7.tgz | Upgrade to version: micromatch - 4.0.8 | None |
CVE-2024-4067Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/micromatch-npm-3.1.10-016e80c79d-4102bac836.zip Dependency Hierarchy: -> upgrade-11.16.0.tgz (Root Library) -> jscodeshift-0.13.1.tgz -> ❌ micromatch-3.1.10.tgz (Vulnerable Library) |
Medium |
5.3 | micromatch-3.1.10.tgz | Upgrade to version: micromatch - 4.0.8 | None |
CVE-2022-33987Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/got-npm-9.6.0-80edc15fd0-fae3273b44.zip Dependency Hierarchy: -> cli-11.20.0.tgz (Root Library) -> sassdoc-2.7.3.tgz -> update-notifier-4.1.3.tgz -> latest-version-5.1.0.tgz -> package-json-6.5.0.tgz -> ❌ got-9.6.0.tgz (Vulnerable Library) |
Medium |
5.3 | got-9.6.0.tgz | Upgrade to version: got - 11.8.5,12.1.0 | None |
CVE-2017-16137Path to dependency file: /package.json Path to vulnerable library: /.yarn/cache/debug-npm-4.1.0-87184f7b48-41be7dbe92.zip Dependency Hierarchy: -> jest-config-carbon-1.14.0.tgz (Root Library) -> accessibility-checker-3.1.74.tgz -> chromedriver-91.0.1.tgz -> tcp-port-used-1.0.1.tgz -> ❌ debug-4.1.0.tgz (Vulnerable Library) |
 Low |
3.7 | debug-4.1.0.tgz | Upgrade to version: debug - 2.6.9,3.1.0,3.2.7,4.3.1 | None |
Total libraries scanned: 1494
Scan token: 62f791f150944d5d90c4b342ee2e8820