chore(deps): update dependency snyk to v1.1064.0 #6
Security Report
❌ New vulnerabilities:
| CVE | Severity |  CVSS Score |
Vulnerable Library | Suggested Fix | Issue | Reachability |
|---|---|---|---|---|---|---|
CVE-2024-45590Path to dependency file: /package.json Path to vulnerable library: /node_modules/express/node_modules/body-parser/package.json Dependency Hierarchy: -> express-4.17.3.tgz (Root Library) -> ❌ body-parser-1.19.2.tgz (Vulnerable Library) |
 High |
7.5 | body-parser-1.19.2.tgz | Upgrade to version: body-parser - 1.20.3 | #20 |
|
CVE-2024-45590Path to dependency file: /package.json Path to vulnerable library: /node_modules/body-parser/package.json Dependency Hierarchy: -> ❌ body-parser-1.20.1.tgz (Vulnerable Library) |
High |
7.5 | body-parser-1.20.1.tgz | Upgrade to version: body-parser - 1.20.3 | None |
|
CVE-2024-43799Path to dependency file: /package.json Path to vulnerable library: /node_modules/express/node_modules/send/package.json Dependency Hierarchy: -> express-4.17.3.tgz (Root Library) -> ❌ send-0.17.2.tgz (Vulnerable Library) |
 Medium |
5.0 | send-0.17.2.tgz | Upgrade to version: send - 0.19.0 | #20 |
|
CVE-2024-43796Path to dependency file: /package.json Path to vulnerable library: /node_modules/express/package.json Dependency Hierarchy: -> ❌ express-4.17.3.tgz (Vulnerable Library) |
Medium |
5.0 | express-4.17.3.tgz | Upgrade to version: express - 4.20.0,5.0.0 | #20 |
|
✔️ Remediated vulnerabilities:
| CVE | Vulnerable Library |
|---|---|
| CVE-2022-25881 | http-cache-semantics-4.1.0.tgz |
| CVE-2024-29415 | ip-1.1.5.tgz |
| CVE-2020-7598 | minimist-1.2.0.tgz |
| CVE-2023-48795 | ssh2-0.8.9.tgz |
| CVE-2022-33987 | got-11.4.0.tgz |
| CVE-2022-22984 | snyk-python-plugin-1.19.1.tgz |
| CVE-2021-23490 | parse-link-header-1.0.1.tgz |
| CVE-2021-23406 | pac-resolver-3.0.0.tgz |
| CVE-2021-28918 | netmask-1.0.6.tgz |
| CVE-2021-3807 | ansi-regex-4.1.0.tgz |
| CVE-2021-23413 | jszip-3.4.0.tgz |
| CVE-2020-7788 | ini-1.3.4.tgz |
| CVE-2023-26115 | word-wrap-1.2.3.tgz |
| CVE-2022-22984 | snyk-sbt-plugin-2.11.0.tgz |
| CVE-2022-48285 | jszip-3.5.0.tgz |
| CVE-2022-40764 | snyk-1.434.3.tgz |
| CVE-2020-7788 | ini-1.3.5.tgz |
| CVE-2022-25883 | semver-6.3.0.tgz |
| CVE-2022-22984 | snyk-cocoapods-plugin-2.5.1.tgz |
| CVE-2024-21538 | cross-spawn-6.0.5.tgz |
| CVE-2021-3807 | ansi-regex-5.0.0.tgz |
| CVE-2024-48964 | snyk-gradle-plugin-3.10.3.tgz |
| CVE-2022-33987 | got-9.6.0.tgz |
| CVE-2023-0842 | xml2js-0.4.23.tgz |
| CVE-2021-23362 | hosted-git-info-3.0.7.tgz |
| CVE-2021-44906 | minimist-1.2.0.tgz |
| CVE-2024-48963 | snyk-php-plugin-1.9.2.tgz |
| CVE-2021-23362 | hosted-git-info-2.8.8.tgz |
| CVE-2021-23413 | jszip-3.5.0.tgz |
| CVE-2024-4067 | micromatch-4.0.2.tgz |
| CVE-2021-23406 | degenerator-1.0.4.tgz |
| CVE-2020-26301 | ssh2-0.8.9.tgz |
| CVE-2021-43138 | async-3.2.0.tgz |
| CVE-2022-48285 | jszip-3.4.0.tgz |
| CVE-2021-33502 | normalize-url-4.5.0.tgz |
| CVE-2022-22984 | snyk-gradle-plugin-3.10.3.tgz |
| CVE-2022-22984 | snyk-mvn-plugin-2.25.0.tgz |
| CVE-2021-29418 | netmask-1.0.6.tgz |
| CVE-2022-22984 | snyk-1.434.3.tgz |
| CVE-2022-22984 | snyk-docker-plugin-4.12.0.tgz |
| CVE-2024-4068 | braces-3.0.2.tgz |
| CVE-2022-24441 | snyk-1.434.3.tgz |
| CVE-2023-42282 | ip-1.1.5.tgz |
Base branch total remaining vulnerabilities: 76
Base branch commit: 9ed490623d0198bba18fd0504a54456a7f2367db
Total libraries scanned: 227
Scan token: 6c0b5cb745cf4a71bf1ef147fcca556b