Update dependency swagger-ui to v4 #16
+1
−1
Open
Staging - WhiteSource for GitHub.com / Mend Security Check
failed
May 23, 2024 in 3m 3s
Security Report
You have successfully remediated 34 vulnerabilities, but introduced 1 new vulnerabilities in this branch.
❌ New vulnerabilities:
CVE | Severity | CVSS Score | Vulnerable Library | Suggested Fix | Issue |
---|---|---|---|---|---|
CVE-2021-23648Path to dependency file: /package.json Path to vulnerable library: /node_modules/@braintree/sanitize-url/package.json Dependency Hierarchy: -> swagger-ui-4.1.3.tgz (Root Library) -> ❌ sanitize-url-5.0.2.tgz (Vulnerable Library) |
Medium | 6.1 | sanitize-url-5.0.2.tgz | Upgrade to version: @braintree/sanitize-url - 6.0.0 | None |
✔️ Remediated vulnerabilities:
CVE | Vulnerable Library |
---|---|
CVE-2022-0235 | node-fetch-1.7.3.tgz |
CVE-2020-7693 | sockjs-0.3.18.tgz |
CVE-2022-24773 | node-forge-0.10.0.tgz |
CVE-2021-26540 | sanitize-html-1.27.5.tgz |
CVE-2021-26539 | sanitize-html-1.27.5.tgz |
CVE-2020-28500 | lodash-4.17.2.tgz |
CVE-2018-14732 | webpack-dev-server-2.5.0.tgz |
CVE-2022-24772 | node-forge-0.10.0.tgz |
CVE-2022-46175 | json5-0.5.1.tgz |
CVE-2022-24771 | node-forge-0.10.0.tgz |
CVE-2018-3750 | deep-extend-0.4.1.tgz |
CVE-2018-16487 | lodash-4.17.2.tgz |
WS-2018-0593 | swagger-ui-3.2.2.tgz |
WS-2022-0008 | node-forge-0.10.0.tgz |
CVE-2018-3721 | lodash-4.17.2.tgz |
WS-2019-0171 | swagger-ui-3.2.2.tgz |
CVE-2020-7608 | yargs-parser-4.2.1.tgz |
CVE-2019-1010266 | lodash-4.17.2.tgz |
WS-2019-0540 | autolinker-0.28.1.tgz |
CVE-2018-25031 | swagger-ui-3.2.2.tgz |
CVE-2022-37601 | loader-utils-0.2.17.tgz |
WS-2019-0172 | swagger-ui-3.2.2.tgz |
WS-2017-3770 | autolinker-0.28.1.tgz |
CVE-2022-25887 | sanitize-html-1.27.5.tgz |
CVE-2021-23424 | ansi-html-0.0.7.tgz |
CVE-2021-23337 | lodash-4.17.2.tgz |
CVE-2021-33623 | trim-newlines-1.0.0.tgz |
CVE-2020-8203 | lodash-4.17.2.tgz |
CVE-2022-0122 | node-forge-0.10.0.tgz |
CVE-2019-17495 | swagger-ui-3.2.2.tgz |
CVE-2020-28469 | glob-parent-2.0.0.tgz |
CVE-2020-15168 | node-fetch-1.7.3.tgz |
CVE-2022-1650 | eventsource-0.1.6.tgz |
CVE-2019-10744 | lodash-4.17.2.tgz |
Base branch total remaining vulnerabilities: 49
Base branch commit: f8c8e4d7f6a25f19e287fb835f5e22f9ee447de7
Total libraries scanned: 316
Scan token: 8fe136407e814d94a052fb1bff71743f
Loading