Skip to content

[Workspace]feat: add collaborator table to workspace detail page (#85…

Mend for GitHub.com / WhiteSource Security Check failed Oct 9, 2024 in 11m 42s

Security Report

You have successfully remediated 2 vulnerabilities, but introduced 3 new vulnerabilities in this branch.

❌ New vulnerabilities:

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
WS-2017-3772

Vulnerable Source Files:

❌ /packages/osd-ui-framework/node_modules/underscore.string/unescapeHTML.js

High 7.5 juice-shopjuice-shop-14.5.1_node16_darwin_x64 Upgrade to version: underscore.string - 3.3.5 #4734
CVE-2024-39338

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/chromedriver/node_modules/axios/package.json

Dependency Hierarchy:

-> chromedriver-107.0.3.tgz (Root Library)

   -> ❌ axios-1.7.2.tgz (Vulnerable Library)

High 7.5 axios-1.7.2.tgz Upgrade to version: axios - 1.7.4 #7682
CVE-2023-26156

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/chromedriver/package.json

Dependency Hierarchy:

-> ❌ chromedriver-107.0.3.tgz (Vulnerable Library)

Medium 5.6 chromedriver-107.0.3.tgz Upgrade to version: chromedriver - 119.0.1 None

✔️ Remediated vulnerabilities:

CVE Vulnerable Library
CVE-2023-28155 request-2.88.12.tgz
WS-2017-3772 juice-shop-juice-shop-15.3.0_node20_win32_x64

Base branch total remaining vulnerabilities: 16
Base branch commit: 98df4dda234c93a206954b4db238544cfc7c958c


Total libraries scanned: 2454

Scan token: 02672461c9c443a5bed4afa998862560