Skip to content

Merge pull request #1 from billmcchesney1/whitesource/configure

Mend for github.com / WhiteSource Security Check failed Dec 10, 2024 in 3m 12s

Security Report

The Security Check found 6 vulnerabilities.

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
CVE-2021-23337

Dependency Hierarchy:

-> ❌ lodash-4.17.19.tgz (Vulnerable Library)

High 7.2 lodash-4.17.19.tgz Upgrade to version: lodash - 4.17.21, lodash-es - 4.17.21 #38
CVE-2021-46708

Path to dependency file: /packages/core/package.json

Path to vulnerable library: /packages/core/node_modules/swagger-ui-dist/package.json

Dependency Hierarchy:

-> swagger-ui-express-4.1.4.tgz (Root Library)

   -> ❌ swagger-ui-dist-3.35.1.tgz (Vulnerable Library)

Medium 6.1 swagger-ui-dist-3.35.1.tgz Upgrade to version: swagger-ui-dist - 4.1.3 #172
CVE-2020-15366

Path to dependency file: /packages/core/package.json

Path to vulnerable library: /packages/core/node_modules/ajv/package.json

Dependency Hierarchy:

-> ❌ ajv-6.2.1.tgz (Vulnerable Library)

Medium 5.6 ajv-6.2.1.tgz Upgrade to version: ajv - 6.12.3 #27
CVE-2020-28500

Dependency Hierarchy:

-> ❌ lodash-4.17.19.tgz (Vulnerable Library)

Medium 5.3 lodash-4.17.19.tgz Upgrade to version: lodash - 4.17.21 #37
CVE-2018-25031

Path to dependency file: /packages/core/package.json

Path to vulnerable library: /packages/core/node_modules/swagger-ui-dist/package.json

Dependency Hierarchy:

-> swagger-ui-express-4.1.4.tgz (Root Library)

   -> ❌ swagger-ui-dist-3.35.1.tgz (Vulnerable Library)

Medium 4.3 swagger-ui-dist-3.35.1.tgz Upgrade to version: swagger-ui - 4.1.3;swagger-ui-dist - 4.1.3 #171
CVE-2017-16137

Path to dependency file: /packages/mongoose/package.json

Path to vulnerable library: /packages/mongoose/package.json,/packages/graphql/node_modules/debug/package.json,/packages/core/node_modules/debug/package.json

Dependency Hierarchy:

-> ❌ debug-4.2.0.tgz (Vulnerable Library)

Low 3.7 debug-4.2.0.tgz Upgrade to version: debug - 2.6.9,3.1.0,3.2.7,4.3.1 #173

Total libraries scanned: 58
Scan token: 2e5702d53b74d49d2998836193811f8cf1733832000016_1
View more details on Mend for github.com