Skip to content

Bump `agentkeepalive` to v4.5.0 to solve a problem preventing the use…

Mend for GitHub.com / WhiteSource Security Check failed Oct 3, 2023 in 9m 1s

Security Report

The Security Check found 25 vulnerabilities.

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
WS-2017-0113

Path to dependency file: /node_modules/ui-select/docs-out/demo-tagging.html

Path to vulnerable library: /node_modules/ui-select/docs-out/demo-tagging.html,/node_modules/ui-select/docs-built/demo-object-as-source.html,/node_modules/ui-select/docs/index.html

Dependency Hierarchy:

-> ❌ angular-1.5.0.js (Vulnerable Library)

High 8.6 angular-1.5.0.js Upgrade to version: angular - 1.6.0 #4738
WS-2017-3772

Vulnerable Source Files:

❌ /packages/osd-ui-framework/node_modules/underscore.string/unescapeHTML.js

High 7.5 juice-shopjuice-shop-14.5.1_node16_darwin_x64 Upgrade to version: underscore.string - 3.3.5 #4734
CVE-2022-43358

Vulnerable Source Files:

❌ /node_modules/node-sass/src/libsass/src/ast_selectors.cpp

High 7.5 sassv0.4.7 #4877
CVE-2022-43357

Vulnerable Source Files:

❌ /node_modules/node-sass/src/libsass/src/ast_selectors.cpp

High 7.5 sassv0.4.7 #4812
CVE-2019-20149
High 7.5 juice-shopjuice-shop-13.3.0_node16_darwin_x64 Upgrade to version: 6.0.3 #4726
CVE-2019-10768

Path to dependency file: /node_modules/ui-select/docs-out/demo-tagging.html

Path to vulnerable library: /node_modules/ui-select/docs-out/demo-tagging.html,/node_modules/ui-select/docs-built/demo-object-as-source.html,/node_modules/ui-select/docs/index.html

Dependency Hierarchy:

-> ❌ angular-1.5.0.js (Vulnerable Library)

High 7.5 angular-1.5.0.js Upgrade to version: angularjs - 1.7.9 #4731
WS-2018-0022

Path to dependency file: /node_modules/ui-select/docs-out/demo-tagging.html

Path to vulnerable library: /node_modules/ui-select/docs-out/demo-tagging.html,/node_modules/ui-select/docs/index.html,/node_modules/ui-select/docs-built/demo-object-as-source.html

Dependency Hierarchy:

-> ❌ angular-sanitize-1.5.0.js (Vulnerable Library)

Medium 6.1 angular-sanitize-1.5.0.js Upgrade to version: 1.6.9 #4724
CVE-2023-26487

Path to dependency file: /node_modules/leaflet-vega/demo/demo.html

Path to vulnerable library: /node_modules/leaflet-vega/demo/demo.html

Dependency Hierarchy:

-> ❌ vega-5.22.1.js (Vulnerable Library)

Medium 6.1 vega-5.22.1.js Upgrade to version: vega - 5.23.0, vega-functions - 5.13.1 #3525
CVE-2023-26486

Path to dependency file: /node_modules/leaflet-vega/demo/demo.html

Path to vulnerable library: /node_modules/leaflet-vega/demo/demo.html

Dependency Hierarchy:

-> ❌ vega-5.22.1.js (Vulnerable Library)

Medium 6.1 vega-5.22.1.js Upgrade to version: vega - 5.23.0, vega-functions - 5.13.1 #3526
CVE-2022-25869

Path to dependency file: /node_modules/ui-select/docs-out/demo-tagging.html

Path to vulnerable library: /node_modules/ui-select/docs-out/demo-tagging.html,/node_modules/ui-select/docs-built/demo-object-as-source.html,/node_modules/ui-select/docs/index.html

Dependency Hierarchy:

-> ❌ angular-1.5.0.js (Vulnerable Library)

Medium 6.1 angular-1.5.0.js #1906
CVE-2020-11023

Path to dependency file: /node_modules/javascript-natural-sort/unit-tests.html

Path to vulnerable library: /node_modules/javascript-natural-sort/unit-tests.html

Dependency Hierarchy:

-> ❌ jquery-1.11.1.js (Vulnerable Library)

Medium 6.1 jquery-1.11.1.js Upgrade to version: jquery - 3.5.0;jquery-rails - 4.4.0 #4732
CVE-2020-11022

Path to dependency file: /node_modules/javascript-natural-sort/unit-tests.html

Path to vulnerable library: /node_modules/javascript-natural-sort/unit-tests.html

Dependency Hierarchy:

-> ❌ jquery-1.11.1.js (Vulnerable Library)

Medium 6.1 jquery-1.11.1.js Upgrade to version: jQuery - 3.5.0 #4733
CVE-2019-8331

Path to dependency file: /node_modules/leaflet-draw/docs/examples/basic.html

Path to vulnerable library: /node_modules/leaflet-draw/docs/examples/basic.html

Dependency Hierarchy:

-> ❌ bootstrap-3.3.7.min.js (Vulnerable Library)

Medium 6.1 bootstrap-3.3.7.min.js Upgrade to version: bootstrap - 3.4.1,4.3.1;bootstrap-sass - 3.4.1,4.3.1 #4722
CVE-2019-11358

Path to dependency file: /node_modules/javascript-natural-sort/unit-tests.html

Path to vulnerable library: /node_modules/javascript-natural-sort/unit-tests.html

Dependency Hierarchy:

-> ❌ jquery-1.11.1.js (Vulnerable Library)

Medium 6.1 jquery-1.11.1.js Upgrade to version: jquery - 3.4.0 #4730
CVE-2018-20677

Path to dependency file: /node_modules/leaflet-draw/docs/examples/basic.html

Path to vulnerable library: /node_modules/leaflet-draw/docs/examples/basic.html

Dependency Hierarchy:

-> ❌ bootstrap-3.3.7.min.js (Vulnerable Library)

Medium 6.1 bootstrap-3.3.7.min.js Upgrade to version: Bootstrap - v3.4.0;NorDroN.AngularTemplate - 0.1.6;Dynamic.NET.Express.ProjectTemplates - 0.8.0;dotnetng.template - 1.0.0.4;ZNxtApp.Core.Module.Theme - 1.0.9-Beta;JMeter - 5.0.0 #4725
CVE-2018-20676

Path to dependency file: /node_modules/leaflet-draw/docs/examples/basic.html

Path to vulnerable library: /node_modules/leaflet-draw/docs/examples/basic.html

Dependency Hierarchy:

-> ❌ bootstrap-3.3.7.min.js (Vulnerable Library)

Medium 6.1 bootstrap-3.3.7.min.js Upgrade to version: bootstrap - 3.4.0 #4728
CVE-2018-14042

Path to dependency file: /node_modules/leaflet-draw/docs/examples/basic.html

Path to vulnerable library: /node_modules/leaflet-draw/docs/examples/basic.html

Dependency Hierarchy:

-> ❌ bootstrap-3.3.7.min.js (Vulnerable Library)

Medium 6.1 bootstrap-3.3.7.min.js Upgrade to version: org.webjars.npm:bootstrap:4.1.2.org.webjars:bootstrap:3.4.0 #4727
CVE-2018-14040

Path to dependency file: /node_modules/leaflet-draw/docs/examples/basic.html

Path to vulnerable library: /node_modules/leaflet-draw/docs/examples/basic.html

Dependency Hierarchy:

-> ❌ bootstrap-3.3.7.min.js (Vulnerable Library)

Medium 6.1 bootstrap-3.3.7.min.js Upgrade to version: org.webjars.npm:bootstrap:4.1.2,org.webjars:bootstrap:3.4.0 #4723
CVE-2016-10735

Path to dependency file: /node_modules/leaflet-draw/docs/examples/basic.html

Path to vulnerable library: /node_modules/leaflet-draw/docs/examples/basic.html

Dependency Hierarchy:

-> ❌ bootstrap-3.3.7.min.js (Vulnerable Library)

Medium 6.1 bootstrap-3.3.7.min.js Upgrade to version: bootstrap - 3.4.0, 4.0.0-beta.2 #4729
CVE-2015-9251

Path to dependency file: /node_modules/javascript-natural-sort/unit-tests.html

Path to vulnerable library: /node_modules/javascript-natural-sort/unit-tests.html

Dependency Hierarchy:

-> ❌ jquery-1.11.1.js (Vulnerable Library)

Medium 6.1 jquery-1.11.1.js Upgrade to version: jQuery - 3.0.0 #4736
CVE-2023-44270

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/postcss/package.json,/node_modules/postcss/package.json

Dependency Hierarchy:

-> ❌ postcss-8.4.12.tgz (Vulnerable Library)

Medium 5.5 postcss-8.4.12.tgz Upgrade to version: postcss - 8.4.31 #5178
CVE-2020-7676

Path to dependency file: /node_modules/ui-select/docs-out/demo-tagging.html

Path to vulnerable library: /node_modules/ui-select/docs-out/demo-tagging.html,/node_modules/ui-select/docs-built/demo-object-as-source.html,/node_modules/ui-select/docs/index.html

Dependency Hierarchy:

-> ❌ angular-1.5.0.js (Vulnerable Library)

Medium 5.4 angular-1.5.0.js Upgrade to version: 1.8.0 #4737
CVE-2023-26118

Path to dependency file: /node_modules/ui-select/docs-out/demo-tagging.html

Path to vulnerable library: /node_modules/ui-select/docs-out/demo-tagging.html,/node_modules/ui-select/docs-built/demo-object-as-source.html,/node_modules/ui-select/docs/index.html

Dependency Hierarchy:

-> ❌ angular-1.5.0.js (Vulnerable Library)

Medium 5.3 angular-1.5.0.js #3736
CVE-2023-26117

Path to dependency file: /node_modules/ui-select/docs-out/demo-tagging.html

Path to vulnerable library: /node_modules/ui-select/docs-out/demo-tagging.html,/node_modules/ui-select/docs-built/demo-object-as-source.html,/node_modules/ui-select/docs/index.html

Dependency Hierarchy:

-> ❌ angular-1.5.0.js (Vulnerable Library)

Medium 5.3 angular-1.5.0.js #3735
CVE-2023-26116

Path to dependency file: /node_modules/ui-select/docs-out/demo-tagging.html

Path to vulnerable library: /node_modules/ui-select/docs-out/demo-tagging.html,/node_modules/ui-select/docs-built/demo-object-as-source.html,/node_modules/ui-select/docs/index.html

Dependency Hierarchy:

-> ❌ angular-1.5.0.js (Vulnerable Library)

Medium 5.3 angular-1.5.0.js #3734

Total libraries scanned: 2536
Scan token: 397bcd6da3824a20a6ffdce96db74f9e