Security Report
The Security Check found 25 vulnerabilities.
CVE | Severity | CVSS Score | Vulnerable Library | Suggested Fix | Issue |
---|---|---|---|---|---|
WS-2017-0113Path to dependency file: /node_modules/ui-select/docs-out/demo-tagging.html Path to vulnerable library: /node_modules/ui-select/docs-out/demo-tagging.html,/node_modules/ui-select/docs-built/demo-object-as-source.html,/node_modules/ui-select/docs/index.html Dependency Hierarchy: -> ❌ angular-1.5.0.js (Vulnerable Library) |
High | 8.6 | angular-1.5.0.js | Upgrade to version: angular - 1.6.0 | #4738 |
WS-2017-3772Vulnerable Source Files: ❌ /packages/osd-ui-framework/node_modules/underscore.string/unescapeHTML.js |
High | 7.5 | juice-shopjuice-shop-14.5.1_node16_darwin_x64 | Upgrade to version: underscore.string - 3.3.5 | #4734 |
High | 7.5 | sassv0.4.7 | #4877 | ||
High | 7.5 | sassv0.4.7 | #4812 | ||
High | 7.5 | juice-shopjuice-shop-13.3.0_node16_darwin_x64 | Upgrade to version: 6.0.3 | #4726 | |
CVE-2019-10768Path to dependency file: /node_modules/ui-select/docs-out/demo-tagging.html Path to vulnerable library: /node_modules/ui-select/docs-out/demo-tagging.html,/node_modules/ui-select/docs-built/demo-object-as-source.html,/node_modules/ui-select/docs/index.html Dependency Hierarchy: -> ❌ angular-1.5.0.js (Vulnerable Library) |
High | 7.5 | angular-1.5.0.js | Upgrade to version: angularjs - 1.7.9 | #4731 |
WS-2018-0022Path to dependency file: /node_modules/ui-select/docs-out/demo-tagging.html Path to vulnerable library: /node_modules/ui-select/docs-out/demo-tagging.html,/node_modules/ui-select/docs/index.html,/node_modules/ui-select/docs-built/demo-object-as-source.html Dependency Hierarchy: -> ❌ angular-sanitize-1.5.0.js (Vulnerable Library) |
Medium | 6.1 | angular-sanitize-1.5.0.js | Upgrade to version: 1.6.9 | #4724 |
CVE-2023-26487Path to dependency file: /node_modules/leaflet-vega/demo/demo.html Path to vulnerable library: /node_modules/leaflet-vega/demo/demo.html Dependency Hierarchy: -> ❌ vega-5.22.1.js (Vulnerable Library) |
Medium | 6.1 | vega-5.22.1.js | Upgrade to version: vega - 5.23.0, vega-functions - 5.13.1 | #3525 |
CVE-2023-26486Path to dependency file: /node_modules/leaflet-vega/demo/demo.html Path to vulnerable library: /node_modules/leaflet-vega/demo/demo.html Dependency Hierarchy: -> ❌ vega-5.22.1.js (Vulnerable Library) |
Medium | 6.1 | vega-5.22.1.js | Upgrade to version: vega - 5.23.0, vega-functions - 5.13.1 | #3526 |
CVE-2022-25869Path to dependency file: /node_modules/ui-select/docs-out/demo-tagging.html Path to vulnerable library: /node_modules/ui-select/docs-out/demo-tagging.html,/node_modules/ui-select/docs-built/demo-object-as-source.html,/node_modules/ui-select/docs/index.html Dependency Hierarchy: -> ❌ angular-1.5.0.js (Vulnerable Library) |
Medium | 6.1 | angular-1.5.0.js | #1906 | |
CVE-2020-11023Path to dependency file: /node_modules/javascript-natural-sort/unit-tests.html Path to vulnerable library: /node_modules/javascript-natural-sort/unit-tests.html Dependency Hierarchy: -> ❌ jquery-1.11.1.js (Vulnerable Library) |
Medium | 6.1 | jquery-1.11.1.js | Upgrade to version: jquery - 3.5.0;jquery-rails - 4.4.0 | #4732 |
CVE-2020-11022Path to dependency file: /node_modules/javascript-natural-sort/unit-tests.html Path to vulnerable library: /node_modules/javascript-natural-sort/unit-tests.html Dependency Hierarchy: -> ❌ jquery-1.11.1.js (Vulnerable Library) |
Medium | 6.1 | jquery-1.11.1.js | Upgrade to version: jQuery - 3.5.0 | #4733 |
CVE-2019-8331Path to dependency file: /node_modules/leaflet-draw/docs/examples/basic.html Path to vulnerable library: /node_modules/leaflet-draw/docs/examples/basic.html Dependency Hierarchy: -> ❌ bootstrap-3.3.7.min.js (Vulnerable Library) |
Medium | 6.1 | bootstrap-3.3.7.min.js | Upgrade to version: bootstrap - 3.4.1,4.3.1;bootstrap-sass - 3.4.1,4.3.1 | #4722 |
CVE-2019-11358Path to dependency file: /node_modules/javascript-natural-sort/unit-tests.html Path to vulnerable library: /node_modules/javascript-natural-sort/unit-tests.html Dependency Hierarchy: -> ❌ jquery-1.11.1.js (Vulnerable Library) |
Medium | 6.1 | jquery-1.11.1.js | Upgrade to version: jquery - 3.4.0 | #4730 |
CVE-2018-20677Path to dependency file: /node_modules/leaflet-draw/docs/examples/basic.html Path to vulnerable library: /node_modules/leaflet-draw/docs/examples/basic.html Dependency Hierarchy: -> ❌ bootstrap-3.3.7.min.js (Vulnerable Library) |
Medium | 6.1 | bootstrap-3.3.7.min.js | Upgrade to version: Bootstrap - v3.4.0;NorDroN.AngularTemplate - 0.1.6;Dynamic.NET.Express.ProjectTemplates - 0.8.0;dotnetng.template - 1.0.0.4;ZNxtApp.Core.Module.Theme - 1.0.9-Beta;JMeter - 5.0.0 | #4725 |
CVE-2018-20676Path to dependency file: /node_modules/leaflet-draw/docs/examples/basic.html Path to vulnerable library: /node_modules/leaflet-draw/docs/examples/basic.html Dependency Hierarchy: -> ❌ bootstrap-3.3.7.min.js (Vulnerable Library) |
Medium | 6.1 | bootstrap-3.3.7.min.js | Upgrade to version: bootstrap - 3.4.0 | #4728 |
CVE-2018-14042Path to dependency file: /node_modules/leaflet-draw/docs/examples/basic.html Path to vulnerable library: /node_modules/leaflet-draw/docs/examples/basic.html Dependency Hierarchy: -> ❌ bootstrap-3.3.7.min.js (Vulnerable Library) |
Medium | 6.1 | bootstrap-3.3.7.min.js | Upgrade to version: org.webjars.npm:bootstrap:4.1.2.org.webjars:bootstrap:3.4.0 | #4727 |
CVE-2018-14040Path to dependency file: /node_modules/leaflet-draw/docs/examples/basic.html Path to vulnerable library: /node_modules/leaflet-draw/docs/examples/basic.html Dependency Hierarchy: -> ❌ bootstrap-3.3.7.min.js (Vulnerable Library) |
Medium | 6.1 | bootstrap-3.3.7.min.js | Upgrade to version: org.webjars.npm:bootstrap:4.1.2,org.webjars:bootstrap:3.4.0 | #4723 |
CVE-2016-10735Path to dependency file: /node_modules/leaflet-draw/docs/examples/basic.html Path to vulnerable library: /node_modules/leaflet-draw/docs/examples/basic.html Dependency Hierarchy: -> ❌ bootstrap-3.3.7.min.js (Vulnerable Library) |
Medium | 6.1 | bootstrap-3.3.7.min.js | Upgrade to version: bootstrap - 3.4.0, 4.0.0-beta.2 | #4729 |
CVE-2015-9251Path to dependency file: /node_modules/javascript-natural-sort/unit-tests.html Path to vulnerable library: /node_modules/javascript-natural-sort/unit-tests.html Dependency Hierarchy: -> ❌ jquery-1.11.1.js (Vulnerable Library) |
Medium | 6.1 | jquery-1.11.1.js | Upgrade to version: jQuery - 3.0.0 | #4736 |
CVE-2023-44270Path to dependency file: /package.json Path to vulnerable library: /node_modules/postcss/package.json,/node_modules/postcss/package.json Dependency Hierarchy: -> ❌ postcss-8.4.12.tgz (Vulnerable Library) |
Medium | 5.5 | postcss-8.4.12.tgz | Upgrade to version: postcss - 8.4.31 | #5178 |
CVE-2020-7676Path to dependency file: /node_modules/ui-select/docs-out/demo-tagging.html Path to vulnerable library: /node_modules/ui-select/docs-out/demo-tagging.html,/node_modules/ui-select/docs-built/demo-object-as-source.html,/node_modules/ui-select/docs/index.html Dependency Hierarchy: -> ❌ angular-1.5.0.js (Vulnerable Library) |
Medium | 5.4 | angular-1.5.0.js | Upgrade to version: 1.8.0 | #4737 |
CVE-2023-26118Path to dependency file: /node_modules/ui-select/docs-out/demo-tagging.html Path to vulnerable library: /node_modules/ui-select/docs-out/demo-tagging.html,/node_modules/ui-select/docs-built/demo-object-as-source.html,/node_modules/ui-select/docs/index.html Dependency Hierarchy: -> ❌ angular-1.5.0.js (Vulnerable Library) |
Medium | 5.3 | angular-1.5.0.js | #3736 | |
CVE-2023-26117Path to dependency file: /node_modules/ui-select/docs-out/demo-tagging.html Path to vulnerable library: /node_modules/ui-select/docs-out/demo-tagging.html,/node_modules/ui-select/docs-built/demo-object-as-source.html,/node_modules/ui-select/docs/index.html Dependency Hierarchy: -> ❌ angular-1.5.0.js (Vulnerable Library) |
Medium | 5.3 | angular-1.5.0.js | #3735 | |
CVE-2023-26116Path to dependency file: /node_modules/ui-select/docs-out/demo-tagging.html Path to vulnerable library: /node_modules/ui-select/docs-out/demo-tagging.html,/node_modules/ui-select/docs-built/demo-object-as-source.html,/node_modules/ui-select/docs/index.html Dependency Hierarchy: -> ❌ angular-1.5.0.js (Vulnerable Library) |
Medium | 5.3 | angular-1.5.0.js | #3734 |
Total libraries scanned: 2536
Scan token: 397bcd6da3824a20a6ffdce96db74f9e