Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Fix for 1 vulnerabilities #111

Open
wants to merge 1 commit into
base: staging
Choose a base branch
from

fix: package.json to reduce vulnerabilities

c9b1e8d
Select commit
Loading
Failed to load commit list.
Open

[Snyk] Fix for 1 vulnerabilities #111

fix: package.json to reduce vulnerabilities
c9b1e8d
Select commit
Loading
Failed to load commit list.
Mend Bolt for GitHub / WhiteSource Security Check succeeded Feb 12, 2024 in 5m 57s

Security Report

You have successfully remediated 192 vulnerabilities, but introduced 1 new vulnerabilities in this branch.

❌ New vulnerabilities:

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
WS-2019-0425

Path to dependency file: /public/bower_components/mousetrap/tests/mousetrap.html

Path to vulnerable library: /public/bower_components/mousetrap/tests/libs/mocha-1.9.0.js

Dependency Hierarchy:

-> ❌ mocha-1.9.0.js (Vulnerable Library)

Medium 5.3 mocha-1.9.0.js Upgrade to version: v6.0.0 None

✔️ Remediated vulnerabilities:

CVE Vulnerable Library
CVE-2022-0235 node-fetch-1.7.3.tgz
CVE-2022-2421 socket.io-parser-3.2.0.tgz
CVE-2017-20165 debug-2.2.0.tgz
WS-2020-0091 http-proxy-1.15.2.tgz
CVE-2019-10744 lodash-4.17.11.tgz
CVE-2021-21368 msgpack5-3.6.0.tgz
CVE-2020-7610 bson-0.4.23.tgz
CVE-2022-25883 semver-5.6.0.tgz
CVE-2020-15366 ajv-4.11.8.tgz
CVE-2020-7733 ua-parser-js-0.7.19.tgz
WS-2021-0153 ejs-2.6.1.tgz
CVE-2021-3805 object-path-0.9.2.tgz
CVE-2017-20162 ms-0.7.1.tgz
CVE-2019-10744 lodash-1.0.2.tgz
CVE-2022-21222 css-what-2.1.2.tgz
WS-2019-0209 marked-0.5.2.tgz
CVE-2022-21681 marked-0.5.2.tgz
WS-2018-0347 eslint-2.13.1.tgz
CVE-2020-7789 node-notifier-4.6.1.tgz
WS-2020-0344 is-my-json-valid-2.19.0.tgz
CVE-2022-29078 ejs-2.6.1.tgz
CVE-2021-41580 passport-oauth2-1.4.0.tgz
CVE-2021-21366 xmldom-0.1.27.tgz
CVE-2021-4279 fast-json-patch-2.0.7.tgz
CVE-2021-33502 normalize-url-1.9.1.tgz
CVE-2019-10744 lodash-es-4.17.11.tgz
CVE-2020-28168 axios-0.17.1.tgz
CVE-2022-3517 minimatch-2.0.10.tgz
WS-2019-0311 mongodb-2.2.36.tgz
CVE-2019-10746 mixin-deep-1.3.1.tgz
CVE-2021-3918 json-schema-0.2.3.tgz
CVE-2022-0536 follow-redirects-1.5.10.tgz
CVE-2022-24999 qs-6.5.2.tgz
WS-2020-0342 is-my-json-valid-2.19.0.tgz
CVE-2017-16129 superagent-2.3.0.tgz
CVE-2020-7610 bson-1.0.9.tgz
WS-2020-0163 marked-0.5.2.tgz
CVE-2022-3517 minimatch-0.3.0.tgz
CVE-2022-33987 got-6.7.1.tgz
CVE-2022-25887 sanitize-html-1.19.3.tgz
CVE-2021-23337 lodash-4.17.11.tgz
CVE-2021-23343 path-parse-1.0.6.tgz
CVE-2022-2421 socket.io-parser-3.3.0.tgz
CVE-2020-36049 socket.io-parser-3.2.0.tgz
CVE-2021-23337 lodash-1.0.2.tgz
CVE-2020-7660 serialize-javascript-1.5.0.tgz
CVE-2022-3517 minimatch-0.2.14.tgz
CVE-2020-36049 socket.io-parser-3.3.0.tgz
CVE-2020-28469 glob-parent-2.0.0.tgz
WS-2019-0160 loopback-connector-mongodb-1.15.2.tgz
CVE-2019-10742 axios-0.17.1.tgz
CVE-2020-8203 lodash-4.17.11.tgz
WS-2019-0017 clean-css-3.4.28.tgz
CVE-2021-23434 object-path-0.9.2.tgz
CVE-2019-10744 lodash-3.10.1.tgz
CVE-2020-28472 aws-sdk-2.371.0.tgz
WS-2018-0167 loopback-connector-mongodb-1.15.2.tgz
CVE-2020-28500 lodash-4.17.11.tgz
CVE-2017-16137 debug-2.2.0.tgz
CVE-2020-24939 supermixer-1.0.3.tgz
CVE-2022-46175 json5-0.5.1.tgz
CVE-2021-27292 ua-parser-js-0.7.19.tgz
CVE-2019-10747 set-value-0.4.3.tgz
WS-2019-0063 js-yaml-3.12.0.tgz
CVE-2023-45857 axios-0.17.1.tgz
CVE-2021-32640 ws-6.1.2.tgz
CVE-2022-38900 decode-uri-component-0.2.0.tgz
CVE-2020-15256 object-path-0.9.2.tgz
CVE-2022-39353 xmldom-0.1.27.tgz
CVE-2023-28155 request-2.81.0.tgz
CVE-2020-28502 xmlhttprequest-ssl-1.5.5.tgz
CVE-2020-8116 dot-prop-4.2.0.tgz
CVE-2023-26136 tough-cookie-2.3.4.tgz
CVE-2020-7793 ua-parser-js-0.7.17.tgz
CVE-2021-26540 sanitize-html-1.19.3.tgz
CVE-2023-26136 tough-cookie-2.5.0.tgz
CVE-2020-7598 minimist-0.0.8.tgz
CVE-2017-16042 growl-1.9.2.tgz
CVE-2021-23440 set-value-2.0.0.tgz
CVE-2020-7774 y18n-3.2.1.tgz
CVE-2021-3749 axios-0.17.1.tgz
WS-2022-0284 moment-timezone-0.5.23.tgz
CVE-2018-20676 bootstrap-3.3.7.tgz
CVE-2020-36048 engine.io-3.2.1.tgz
CVE-2020-28500 lodash-1.0.2.tgz
CVE-2018-16487 lodash-3.10.1.tgz
CVE-2021-23362 hosted-git-info-2.7.1.tgz
CVE-2022-31129 moment-2.22.2.tgz
CVE-2022-25896 passport-0.3.2.tgz
CVE-2018-20677 bootstrap-3.3.7.tgz
WS-2020-0042 acorn-5.7.3.tgz
CVE-2019-20149 kind-of-6.0.2.tgz
CVE-2020-7605 gulp-tape-0.0.9.tgz
CVE-2021-3765 validator-5.7.0.tgz
CVE-2022-24999 qs-6.4.0.tgz
CVE-2019-2391 bson-1.0.9.tgz
CVE-2020-7733 ua-parser-js-0.7.17.tgz
CVE-2021-44906 minimist-0.0.8.tgz
CVE-2019-10744 lodash.template-3.6.2.tgz
WS-2021-0638 mocha-2.5.3.tgz
WS-2019-0425 mocha-2.5.3.tgz
CVE-2022-25896 passport-0.2.2.tgz
CVE-2018-16487 lodash-4.16.6.tgz
CVE-2017-16137 debug-3.2.6.tgz
CVE-2016-10540 minimatch-2.0.10.tgz
CVE-2022-24785 moment-2.22.2.tgz
CVE-2018-3721 lodash-3.10.1.tgz
CVE-2018-14042 bootstrap-3.3.7.tgz
WS-2019-0032 js-yaml-3.12.0.tgz
CVE-2019-1010266 lodash-1.0.2.tgz
CVE-2021-23358 underscore-1.9.1.tgz
WS-2019-0247 loopback-2.41.1.tgz
CVE-2022-25901 cookiejar-2.1.2.tgz
CVE-2020-7788 ini-1.3.5.tgz
CVE-2021-32796 xmldom-0.1.27.tgz
CVE-2016-10540 minimatch-0.2.14.tgz
CVE-2020-7753 trim-0.0.1.tgz
CVE-2020-7608 yargs-parser-4.2.1.tgz
WS-2019-0024 marked-0.5.2.tgz
CVE-2016-10735 bootstrap-3.3.7.tgz
CVE-2018-14040 bootstrap-3.3.7.tgz
CVE-2020-28481 socket.io-2.1.1.tgz
CVE-2021-43138 async-2.6.1.tgz
CVE-2022-37601 loader-utils-0.2.17.tgz
CVE-2019-10744 lodash-4.16.6.tgz
CVE-2019-10747 set-value-2.0.0.tgz
CVE-2020-28500 lodash-3.10.1.tgz
CVE-2022-24999 qs-6.2.3.tgz
CVE-2018-1000620 cryptiles-2.0.5.tgz
CVE-2021-26539 sanitize-html-1.19.3.tgz
CVE-2023-45133 babel-traverse-6.26.0.tgz
CVE-2022-25883 semver-4.3.6.tgz
CVE-2020-28500 lodash-4.16.6.tgz
CVE-2018-16487 lodash-1.0.2.tgz
CVE-2022-0155 follow-redirects-1.5.10.tgz
CVE-2019-10744 lodash.merge-4.6.1.tgz
CVE-2021-23807 jsonpointer-4.0.1.tgz
CVE-2020-15168 node-fetch-1.7.3.tgz
CVE-2021-3803 nth-check-1.0.2.tgz
CVE-2022-21680 marked-0.5.2.tgz
WS-2022-0280 moment-timezone-0.5.23.tgz
CVE-2023-26136 tough-cookie-2.4.3.tgz
CVE-2023-0842 xml2js-0.4.19.tgz
CVE-2022-1365 cross-fetch-0.0.8.tgz
CVE-2021-23337 lodash-es-4.17.11.tgz
CVE-2019-1010266 lodash-3.10.1.tgz
WS-2018-0590 diff-1.4.0.tgz
CVE-2021-23400 nodemailer-2.7.2.tgz
CVE-2020-7598 minimist-1.2.0.tgz
CVE-2019-16769 serialize-javascript-1.5.0.tgz
CVE-2020-7793 ua-parser-js-0.7.19.tgz
CVE-2020-7608 yargs-parser-5.0.0.tgz
CVE-2020-8203 lodash-1.0.2.tgz
CVE-2020-8244 bl-1.2.2.tgz
CVE-2021-23337 lodash-3.10.1.tgz
CVE-2019-10795 undefsafe-2.0.2.tgz
CVE-2015-8857 uglify-js-2.2.5.tgz
CVE-2016-10540 minimatch-0.3.0.tgz
CVE-2020-7769 nodemailer-2.7.2.tgz
CVE-2019-2391 bson-0.4.23.tgz
CVE-2021-23440 set-value-0.4.3.tgz
CVE-2020-15366 ajv-6.6.1.tgz
WS-2020-0443 socket.io-2.1.1.tgz
CVE-2020-7661 url-regex-3.2.0.tgz
CVE-2021-27292 ua-parser-js-0.7.17.tgz
CVE-2021-23337 lodash-4.16.6.tgz
CVE-2021-31597 xmlhttprequest-ssl-1.5.5.tgz
CVE-2020-28469 glob-parent-3.1.0.tgz
CVE-2018-3721 lodash-1.0.2.tgz
CVE-2019-8331 bootstrap-3.3.7.tgz
CVE-2021-44906 minimist-1.2.0.tgz
WS-2019-0307 mem-1.1.0.tgz
CVE-2021-3807 ansi-regex-3.0.0.tgz
CVE-2018-3721 lodash-4.16.6.tgz
WS-2019-0169 marked-0.5.2.tgz
CVE-2019-1010266 lodash-4.16.6.tgz
WS-2019-0180 lodash.mergewith-4.6.1.tgz
WS-2020-0345 jsonpointer-4.0.1.tgz
WS-2019-0217 constantinople-3.0.2.tgz
CVE-2023-28155 request-2.88.0.tgz
WS-2019-0289 helmet-csp-1.2.2.tgz
CVE-2015-8858 uglify-js-2.2.5.tgz
CVE-2020-8203 lodash-3.10.1.tgz
CVE-2018-3728 hoek-2.16.3.tgz
WS-2018-0068 constantinople-3.0.2.tgz
CVE-2019-10744 lodash.mergewith-4.6.1.tgz
CVE-2022-0144 shelljs-0.6.1.tgz
CVE-2020-8203 lodash-4.16.6.tgz
CVE-2023-26159 follow-redirects-1.5.10.tgz
CVE-2020-7608 yargs-parser-2.4.1.tgz
CVE-2022-3517 minimatch-3.0.4.tgz
CVE-2022-41940 engine.io-3.2.1.tgz

Base branch total remaining vulnerabilities: 202
Base branch commit: null


Total libraries scanned: 24

Scan token: a683058dc1dd4ef0b08a009ac2c549b4