Skip to content

fix: get start section cards not aligned (#7624) (#7658)

Mend for GitHub.com / WhiteSource Security Check failed Aug 9, 2024 in 15m 33s

Security Report

You have successfully remediated 2 vulnerabilities, but introduced 3 new vulnerabilities in this branch.

❌ New vulnerabilities:

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
CVE-2023-26156

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/chromedriver/package.json

Dependency Hierarchy:

-> ❌ chromedriver-107.0.3.tgz (Vulnerable Library)

High 7.5 chromedriver-107.0.3.tgz Upgrade to version: chromedriver - 119.0.1 None
CVE-2024-4067

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/micromatch/package.json

Dependency Hierarchy:

-> @elastic/safer-lodash-set-0.0.0.tgz (Root Library)

   -> dependency-check-4.1.0.tgz

     -> ❌ micromatch-4.0.7.tgz (Vulnerable Library)

Medium 5.3 micromatch-4.0.7.tgz #6791
CVE-2024-4067

Vulnerable Source Files:

❌ /packages/osd-ui-framework/node_modules/micromatch/index.js

 Medium 5.3 juice-shopjuice-shop-14.0.0_node14_darwin_x64 #6791

✔️ Remediated vulnerabilities:

CVE Vulnerable Library
CVE-2023-28155 request-2.88.12.tgz
CVE-2024-4067 juice-shop-juice-shop-15.2.0_node16_win32_x64

Base branch total remaining vulnerabilities: 16
Base branch commit: aa807e55f94e44aa87faab28fcf38b227299d46f


Total libraries scanned: 2458

Scan token: ff8baeae04fb4e119d589544a66e16d3

View more details on Mend for GitHub.com