Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Security upgrade react-router-dom from 5.3.4 to 6.0.0 #317

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from

fix: package.json to reduce vulnerabilities

8ccd155
Select commit
Loading
Failed to load commit list.
Open

[Snyk] Security upgrade react-router-dom from 5.3.4 to 6.0.0 #317

fix: package.json to reduce vulnerabilities
8ccd155
Select commit
Loading
Failed to load commit list.
Mend Bolt for GitHub / WhiteSource Security Check failed Sep 10, 2024 in 2m 58s

Security Report

You have successfully remediated 35 vulnerabilities, but introduced 8 new vulnerabilities in this branch.

❌ New vulnerabilities:

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
CVE-2019-6286

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/node-sass/package.json

Dependency Hierarchy:

-> ❌ node-sass-7.0.3.tgz (Vulnerable Library)

Medium 6.5 node-sass-7.0.3.tgz Upgrade to version: Fable.Template.Elmish.React - 0.1.6;GR.PageRender.Razor - 1.8.0;MIDIator.WebClient - 1.0.105 #34
CVE-2019-6283

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/node-sass/package.json

Dependency Hierarchy:

-> ❌ node-sass-7.0.3.tgz (Vulnerable Library)

Medium 6.5 node-sass-7.0.3.tgz Upgrade to version: Fable.Template.Elmish.React - 0.1.6;GR.PageRender.Razor - 1.8.0;MIDIator.WebClient - 1.0.105 #32
CVE-2018-20821

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/node-sass/package.json

Dependency Hierarchy:

-> ❌ node-sass-7.0.3.tgz (Vulnerable Library)

Medium 6.5 node-sass-7.0.3.tgz Upgrade to version: Fable.Template.Elmish.React - 0.1.6;GR.PageRender.Razor - 1.8.0;MIDIator.WebClient - 1.0.105 #39
CVE-2018-20190

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/node-sass/package.json

Dependency Hierarchy:

-> ❌ node-sass-7.0.3.tgz (Vulnerable Library)

Medium 6.5 node-sass-7.0.3.tgz Upgrade to version: GR.PageRender.Razor - 1.8.0;Fable.Template.Elmish.React - 0.1.6 #38
CVE-2018-19827

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/node-sass/package.json

Dependency Hierarchy:

-> ❌ node-sass-7.0.3.tgz (Vulnerable Library)

Medium 5.6 node-sass-7.0.3.tgz Upgrade to version: GR.PageRender.Razor - 1.8.0;Fable.Template.Elmish.React - 0.1.6 #36
CVE-2018-11694

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/node-sass/package.json

Dependency Hierarchy:

-> ❌ node-sass-7.0.3.tgz (Vulnerable Library)

Medium 5.6 node-sass-7.0.3.tgz Upgrade to version: Fable.Template.Elmish.React - 0.1.6;GR.PageRender.Razor - 1.8.0;MIDIator.WebClient - 1.0.105 #35
CVE-2018-19839

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/node-sass/package.json

Dependency Hierarchy:

-> ❌ node-sass-7.0.3.tgz (Vulnerable Library)

Low 3.7 node-sass-7.0.3.tgz Upgrade to version: Fable.Template.Elmish.React - 0.1.6;GR.PageRender.Razor - 1.8.0;MIDIator.WebClient - 1.0.105 #37
CVE-2018-19797

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/node-sass/package.json

Dependency Hierarchy:

-> ❌ node-sass-7.0.3.tgz (Vulnerable Library)

Low 3.7 node-sass-7.0.3.tgz Upgrade to version: Fable.Template.Elmish.React - 0.1.6;GR.PageRender.Razor - 1.8.0;MIDIator.WebClient - 1.0.105 #29

✔️ Remediated vulnerabilities:

CVE Vulnerable Library
CVE-2022-37603 loader-utils-3.2.0.tgz
CVE-2018-20190 node-sass-7.0.1.tgz
CVE-2022-25881 http-cache-semantics-4.1.0.tgz
CVE-2022-25883 semver-7.3.7.tgz
CVE-2018-11694 node-sass-7.0.1.tgz
CVE-2023-42282 ip-2.0.0.tgz
CVE-2022-46175 json5-1.0.1.tgz
CVE-2018-19797 node-sass-7.0.1.tgz
CVE-2024-33883 ejs-3.1.8.tgz
CVE-2023-26159 follow-redirects-1.15.1.tgz
CVE-2022-25883 semver-5.7.1.tgz
CVE-2024-43788 webpack-5.74.0.tgz
CVE-2018-19839 node-sass-7.0.1.tgz
CVE-2024-28863 tar-6.1.11.tgz
CVE-2023-26115 word-wrap-1.2.3.tgz
CVE-2022-46175 json5-2.2.1.tgz
CVE-2018-20821 node-sass-7.0.1.tgz
CVE-2024-29415 ip-2.0.0.tgz
CVE-2022-25758 scss-tokenizer-0.3.0.tgz
CVE-2022-25883 semver-7.0.0.tgz
CVE-2019-6283 node-sass-7.0.1.tgz
CVE-2023-48631 css-tools-4.0.1.tgz
CVE-2023-26364 css-tools-4.0.1.tgz
CVE-2024-28849 follow-redirects-1.15.1.tgz
CVE-2024-37890 ws-7.5.9.tgz
CVE-2022-25927 ua-parser-js-0.7.31.tgz
CVE-2023-26136 tough-cookie-4.0.0.tgz
CVE-2022-37599 loader-utils-2.0.2.tgz
CVE-2018-19827 node-sass-7.0.1.tgz
CVE-2022-37601 loader-utils-2.0.2.tgz
CVE-2022-25883 semver-6.3.0.tgz
CVE-2019-6286 node-sass-7.0.1.tgz
CVE-2023-28154 webpack-5.74.0.tgz
CVE-2024-37890 ws-8.8.1.tgz
CVE-2022-37603 loader-utils-2.0.2.tgz

Base branch total remaining vulnerabilities: 43
Base branch commit: null


Total libraries scanned: 1492

Scan token: 7a18572e047041b9a35c0d531c86ffca

View more details on Mend Bolt for GitHub