Update dependency yeoman-generator to v6 - autoclosed #314

Security Report

You have successfully remediated 238 vulnerabilities, but introduced 7 new vulnerabilities in this branch.

❌ New vulnerabilities:

CVE	Severity	CVSS Score	Vulnerable Library	Suggested Fix	Issue
CVE-2023-26136 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> react-server-cli-file:packages/react-server-cli.tgz (Root Library) -> node-sass-4.11.0.tgz -> request-2.88.0.tgz -> ❌ tough-cookie-2.4.3.tgz (Vulnerable Library)	Critical	9.8	tough-cookie-2.4.3.tgz	Upgrade to version: tough-cookie - 4.1.3	#290
CVE-2023-45133 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> react-server-cli-file:packages/react-server-cli.tgz (Root Library) -> core-7.4.3.tgz -> ❌ traverse-7.4.3.tgz (Vulnerable Library)	High	8.8	traverse-7.4.3.tgz	Upgrade to version: @babel/traverse - 7.23.2	#306
CVE-2023-5764 Path to dependency file: /packages/react-server-website/deployment/requirements.txt Path to vulnerable library: /packages/react-server-website/deployment/requirements.txt Dependency Hierarchy: -> ansible-4.10.0.tar.gz (Root Library) -> ❌ ansible-core-2.11.12.tar.gz (Vulnerable Library)	High	7.8	ansible-core-2.11.12.tar.gz	Upgrade to version: ansible-core - 2.14.12,2.15.7,2.16.1	#300
CVE-2022-25883 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> babel-preset-react-server-file:packages/babel-preset-react-server.tgz (Root Library) -> preset-env-7.4.3.tgz -> core-js-compat-3.0.1.tgz -> ❌ semver-6.0.0.tgz (Vulnerable Library)	High	7.5	semver-6.0.0.tgz	Upgrade to version: semver - 5.7.2,6.3.1,7.5.2;org.webjars.npm:semver:7.5.2	#307
CVE-2022-25883 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> babel-preset-react-server-file:packages/babel-preset-react-server.tgz (Root Library) -> plugin-transform-runtime-7.4.3.tgz -> ❌ semver-5.7.0.tgz (Vulnerable Library)	High	7.5	semver-5.7.0.tgz	Upgrade to version: semver - 5.7.2,6.3.1,7.5.2;org.webjars.npm:semver:7.5.2	#307
CVE-2023-5115 Path to dependency file: /packages/react-server-website/deployment/requirements.txt Path to vulnerable library: /packages/react-server-website/deployment/requirements.txt Dependency Hierarchy: -> ansible-4.10.0.tar.gz (Root Library) -> ❌ ansible-core-2.11.12.tar.gz (Vulnerable Library)	Medium	6.3	ansible-core-2.11.12.tar.gz	Upgrade to version: ansible-core - 2.16.0	#299
CVE-2017-16137 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> generator-react-server-file:packages/generator-react-server.tgz (Root Library) -> yeoman-generator-0.24.1.tgz -> yeoman-test-1.9.1.tgz -> yeoman-generator-2.0.5.tgz -> ❌ debug-3.2.6.tgz (Vulnerable Library)	Medium	5.3	debug-3.2.6.tgz	Upgrade to version: debug - 2.6.9,3.1.0,3.2.7,4.3.1	#14

✔️ Remediated vulnerabilities:

CVE	Vulnerable Library
CVE-2017-20165	debug-2.2.0.tgz
CVE-2022-24785	moment-2.29.1.tgz
CVE-2022-0155	follow-redirects-1.14.1.tgz
CVE-2019-16775	npm-4.6.1.tgz
CVE-2017-20162	ms-0.7.1.tgz
CVE-2022-37603	loader-utils-2.0.0.tgz
CVE-2022-2217	parse-url-5.0.1.tgz
CVE-2018-19797	node-sass-v4.13.1
CVE-2023-5764	ansible-core-2.11.1.tar.gz
CVE-2022-0624	parse-path-4.0.1.tgz
CVE-2021-23362	hosted-git-info-2.4.2.tgz
CVE-2018-20190	node-sass-v4.13.1
CVE-2022-3517	minimatch-2.0.10.tgz
CVE-2015-9251	jquery-1.7.1.min.js
CVE-2020-15168	node-fetch-2.3.0.tgz
CVE-2021-29059	is-svg-2.1.0.tgz
CVE-2022-25883	semver-5.7.1.tgz
CVE-2022-33987	got-6.7.1.tgz
CVE-2020-7608	yargs-parser-11.1.1.tgz
CVE-2020-7656	jquery-1.7.1.min.js
CVE-2021-23337	lodash-1.0.2.tgz
CVE-2020-7608	yargs-parser-8.1.0.tgz
CVE-2022-3224	parse-url-5.0.1.tgz
CVE-2019-11358	jquery-1.11.1.js
CVE-2022-24999	qs-2.3.3.tgz
CVE-2019-16776	npm-4.6.1.tgz
CVE-2022-24441	snyk-1.19.1.tgz
WS-2019-0605	CSS::Sass-v3.6.0
CVE-2018-3721	lodash-2.4.1.js
CVE-2022-37614	mockery-2.1.0.tgz
CVE-2018-20676	bootstrap-3.2.0.min.js
CVE-2018-3737	sshpk-1.11.0.tgz
CVE-2017-16138	mime-1.3.4.tgz
WS-2020-0450	handlebars-4.1.2.tgz
CVE-2019-10795	undefsafe-0.0.3.tgz
CVE-2018-14040	bootstrap-3.2.0.min.js
CVE-2019-19919	handlebars-4.1.2.tgz
CVE-2018-20822	node-sass-v4.13.1
CVE-2017-18077	brace-expansion-1.1.6.tgz
CVE-2022-0691	url-parse-1.4.6.tgz
CVE-2021-3807	ansi-regex-5.0.0.tgz
CVE-2017-16042	growl-1.9.2.tgz
WS-2019-0063	js-yaml-3.7.0.tgz
CVE-2022-3517	minimatch-3.0.2.tgz
CVE-2021-23337	lodash-2.4.1.js
CVE-2023-45857	axios-0.21.1.tgz
CVE-2022-0691	url-parse-1.5.1.tgz
CVE-2021-29060	color-string-0.3.0.tgz
WS-2021-0153	ejs-2.7.4.tgz
CVE-2018-20676	bootstrap-3.3.7.tgz
CVE-2020-28500	lodash-1.0.2.tgz
CVE-2022-37599	loader-utils-2.0.0.tgz
WS-2018-0103	stringstream-0.0.5.tgz
WS-2020-0042	acorn-5.7.3.tgz
WS-2019-0339	bin-links-1.1.2.tgz
CVE-2022-0639	url-parse-1.5.1.tgz
WS-2022-0237	parse-url-5.0.1.tgz
CVE-2022-21681	marked-0.6.2.tgz
CVE-2019-10744	lodash.template-3.6.2.tgz
CVE-2022-26592	node-sass-v4.13.1
CVE-2023-5115	ansible-core-2.11.1.tar.gz
CVE-2017-20165	debug-2.6.8.tgz
CVE-2021-3583	ansible-core-2.11.1.tar.gz
CVE-2021-33623	trim-newlines-2.0.0.tgz
CVE-2022-1650	eventsource-1.1.0.tgz
CVE-2018-3750	deep-extend-0.4.1.tgz
CVE-2022-21680	marked-0.6.2.tgz
CVE-2019-18797	node-sass-v4.13.1
CVE-2021-44906	minimist-0.0.10.tgz
CVE-2016-10540	minimatch-0.2.14.tgz
CVE-2016-10735	bootstrap-3.3.7.tgz
CVE-2022-37603	loader-utils-1.4.0.tgz
CVE-2022-40764	snyk-1.19.1.tgz
CVE-2018-19838	node-sass-v4.13.1
CVE-2022-29078	ejs-2.7.4.tgz
CVE-2021-28092	is-svg-2.1.0.tgz
CVE-2018-16487	lodash-1.0.2.tgz
CVE-2018-14042	bootstrap-3.2.0.min.js
CVE-2022-24302	paramiko-2.7.2-py2.py3-none-any.whl
CVE-2020-15168	node-fetch-1.7.3.tgz
CVE-2022-0235	node-fetch-2.3.0.tgz
CVE-2022-0235	node-fetch-2.6.1.tgz
WS-2020-0127	npm-registry-fetch-3.9.0.tgz
CVE-2018-20821	node-sass-v4.13.1
CVE-2021-44906	minimist-1.2.5.tgz
CVE-2021-23807	jsonpointer-4.1.0.tgz
CVE-2020-28500	lodash-2.4.1.js
CVE-2012-6708	jquery-1.7.1.min.js
CVE-2018-11697	node-sass-v4.13.1
CVE-2019-20920	handlebars-4.1.2.tgz
CVE-2020-8203	lodash-1.0.2.tgz
CVE-2021-3664	url-parse-1.5.1.tgz
CVE-2022-25883	semver-7.3.5.tgz
CVE-2023-26115	word-wrap-1.2.3.tgz
CVE-2018-11697	CSS::Sass-v3.6.0
WS-2021-0152	color-string-0.3.0.tgz
CVE-2022-0512	url-parse-1.4.6.tgz
CVE-2018-20677	bootstrap-3.2.0.min.js
CVE-2021-23382	postcss-7.0.35.tgz
CVE-2020-8203	lodash-2.4.1.js
CVE-2021-25949	set-getter-0.1.0.tgz
WS-2018-0590	diff-3.2.0.tgz
WS-2021-0638	mocha-3.5.3.tgz
CVE-2015-9251	jquery-1.11.1.min.js
CVE-2019-12043	remarkable-1.7.1.js
CVE-2018-19826	node-sass-v4.13.1
CVE-2020-15366	ajv-5.5.2.tgz
CVE-2022-25881	http-cache-semantics-3.8.1.tgz
CVE-2017-1000048	qs-2.3.3.tgz
CVE-2019-12041	remarkable-1.7.1.js
CVE-2022-0686	url-parse-1.4.6.tgz
CVE-2022-2900	parse-url-5.0.1.tgz
CVE-2021-23368	postcss-7.0.35.tgz
CVE-2021-3620	ansible-core-2.11.1.tar.gz
CVE-2020-11023	jquery-1.7.2.min.js
CVE-2017-18869	chownr-1.0.1.tgz
CVE-2020-7608	yargs-parser-2.4.1.tgz
CVE-2022-29244	npm-6.9.0.tgz
CVE-2021-23425	trim-off-newlines-1.0.1.tgz
CVE-2022-0235	node-fetch-1.7.3.tgz
CVE-2022-0144	shelljs-0.8.4.tgz
CVE-2017-15010	tough-cookie-2.3.2.tgz
CVE-2019-6284	node-sass-v4.13.1
CVE-2019-16777	npm-6.9.0.tgz
CVE-2018-16492	extend-3.0.0.tgz
CVE-2021-44906	minimist-0.2.1.tgz
CVE-2019-10744	lodash-1.0.2.tgz
CVE-2018-21270	stringstream-0.0.5.tgz
CVE-2019-6283	node-sass-v4.13.1
WS-2022-0239	parse-url-5.0.1.tgz
CVE-2018-19827	node-sass-v4.13.1
CVE-2020-15366	ajv-4.11.4.tgz
CVE-2019-10744	lodash.template-4.4.0.tgz
WS-2020-0163	marked-0.6.2.tgz
CVE-2023-48795	paramiko-2.7.2-py2.py3-none-any.whl
CVE-2020-7754	npm-user-validate-0.1.5.tgz
CVE-2021-27515	url-parse-1.4.6.tgz
WS-2019-0425	mocha-3.5.3.tgz
CVE-2017-16032	brace-expansion-1.1.6.tgz
CVE-2019-11358	jquery-1.7.2.min.js
CVE-2021-43138	async-2.6.3.tgz
CVE-2022-0512	url-parse-1.5.1.tgz
CVE-2022-22984	snyk-1.19.1.tgz
WS-2020-0180	npm-user-validate-0.1.5.tgz
CVE-2018-11694	node-sass-v4.13.1
CVE-2022-37601	loader-utils-2.0.0.tgz
WS-2019-0209	marked-0.6.2.tgz
CVE-2022-3517	minimatch-0.2.14.tgz
CVE-2020-7608	yargs-parser-10.1.0.tgz
WS-2018-0347	eslint-3.19.0.tgz
CVE-2023-26159	follow-redirects-1.14.1.tgz
CVE-2022-24999	qs-6.7.0.tgz
CVE-2018-14732	webpack-dev-server-1.16.5.tgz
CVE-2018-16487	lodash-2.4.1.js
CVE-2012-6708	jquery-1.7.2.min.js
CVE-2018-11698	node-sass-v4.13.1
CVE-2021-23369	handlebars-4.1.2.tgz
CVE-2022-29244	npm-4.6.1.tgz
CVE-2022-46175	json5-2.2.0.tgz
CVE-2017-16137	debug-2.2.0.tgz
CVE-2020-11022	jquery-1.7.1.min.js
CVE-2017-16129	superagent-1.8.4.tgz
CVE-2021-3749	axios-0.21.1.tgz
CVE-2022-0639	url-parse-1.4.6.tgz
CVE-2020-11023	jquery-1.7.1.min.js
WS-2020-0180	npm-user-validate-1.0.0.tgz
CVE-2022-25883	semver-6.3.0.tgz
CVE-2021-3664	url-parse-1.4.6.tgz
CVE-2020-8116	dot-prop-3.0.0.tgz
CVE-2020-11022	jquery-1.11.1.min.js
WS-2022-0238	parse-url-5.0.1.tgz
CVE-2018-20677	bootstrap-3.3.7.tgz
CVE-2019-8331	bootstrap-3.2.0.min.js
CVE-2021-23382	postcss-5.2.18.tgz
CVE-2019-6286	node-sass-v4.13.1
CVE-2022-0536	follow-redirects-1.14.1.tgz
WS-2019-0338	bin-links-1.1.2.tgz
CVE-2020-7677	thenify-3.3.0.tgz
CVE-2015-9251	jquery-1.11.1.js
CVE-2022-37601	loader-utils-1.4.0.tgz
CVE-2022-2218	parse-url-5.0.1.tgz
CVE-2016-10540	minimatch-2.0.10.tgz
CVE-2020-11023	jquery-1.11.1.js
WS-2019-0032	js-yaml-3.7.0.tgz
CVE-2019-1010266	lodash-2.4.1.js
CVE-2021-23383	handlebars-4.1.2.tgz
CVE-2018-14042	bootstrap-3.3.7.tgz
CVE-2019-1010266	lodash-1.0.2.tgz
CVE-2022-21803	nconf-0.7.2.tgz
CVE-2019-16775	npm-6.9.0.tgz
CVE-2018-19839	CSS::Sass-v3.6.0
CVE-2018-14040	bootstrap-3.3.7.tgz
CVE-2015-9251	jquery-1.7.2.min.js
CVE-2020-15095	npm-6.9.0.tgz
CVE-2022-0686	url-parse-1.5.1.tgz
CVE-2022-2216	parse-url-5.0.1.tgz
CVE-2020-28503	documentation-v3-archive
WS-2019-0425	mocha-1.21.5.js
CVE-2022-31129	moment-2.29.1.tgz
CVE-2023-45133	babel-traverse-6.26.0.tgz
CVE-2019-16777	npm-4.6.1.tgz
CVE-2021-23382	postcss-6.0.23.tgz
WS-2018-0107	open-0.0.5.tgz
CVE-2020-11022	jquery-1.11.1.js
CVE-2022-25883	semver-7.0.0.tgz
CVE-2020-7598	minimist-0.0.10.tgz
CVE-2019-10744	lodash.merge-4.6.1.tgz
CVE-2022-3517	minimatch-3.0.3.tgz
CVE-2018-11499	node-sass-v4.13.1
CVE-2019-11358	jquery-1.11.1.min.js
CVE-2020-7608	yargs-parser-9.0.2.tgz
CVE-2019-20922	handlebars-4.1.2.tgz
CVE-2024-27088	es5-ext-0.10.49.tgz
CVE-2020-11022	jquery-1.7.2.min.js
CVE-2023-46234	browserify-sign-4.2.1.tgz
CVE-2020-7788	ini-1.3.4.tgz
CVE-2017-16137	debug-2.6.8.tgz
CVE-2020-28503	copy-props-1.6.0.tgz
CVE-2022-37598	uglify-js-3.5.6.tgz
CVE-2022-33987	got-3.3.1.tgz
WS-2019-0310	https-proxy-agent-2.2.1.tgz
CVE-2022-25901	cookiejar-2.0.6.tgz
CVE-2022-0722	parse-url-5.0.1.tgz
CVE-2018-3721	lodash-1.0.2.tgz
CVE-2022-29078	ejs-3.1.6.tgz
CVE-2019-8331	bootstrap-3.3.7.tgz
WS-2019-0307	mem-1.1.0.tgz
CVE-2020-7754	npm-user-validate-1.0.0.tgz
CVE-2020-8116	dot-prop-4.1.1.tgz
CVE-2016-10735	bootstrap-3.2.0.min.js
CVE-2019-15657	eslint-utils-1.3.1.tgz
CVE-2020-15095	npm-4.6.1.tgz
CVE-2020-7656	jquery-1.7.2.min.js
CVE-2023-26136	tough-cookie-2.3.2.tgz
CVE-2020-11023	jquery-1.11.1.min.js
CVE-2019-16776	npm-6.9.0.tgz
CVE-2022-1650	eventsource-0.1.6.tgz
CVE-2022-25858	terser-4.8.0.tgz

Base branch total remaining vulnerabilities: 388
Base branch commit: null

Total libraries scanned: 1933

Scan token: 2947242d3e074e81829687dd10e08cac

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update dependency yeoman-generator to v6 - autoclosed #314

Update dependency yeoman-generator to v6 - autoclosed #314

Security Report

Re-running checks...