Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Fix for 76 vulnerabilities #113

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Fix for 76 vulnerabilities #113

wants to merge 1 commit into from

Conversation

donsantos
Copy link

snyk-top-banner

Snyk has created this PR to fix 76 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

  • package.json
  • package-lock.json

Vulnerabilities that will be fixed with an upgrade:

Issue Score
medium severity Uncontrolled Resource Consumption ('Resource Exhaustion')
SNYK-JS-TAR-6476909		   ****  
high severity Command Injection
SNYK-JS-TREEKILL-536781		   ****  
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-UAPARSERJS-1023599		   ****  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-UAPARSERJS-1072471		   ****  
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-UAPARSERJS-610226		   ****  
medium severity Arbitrary Code Injection
SNYK-JS-UNDERSCORE-1080984		   ****  
high severity Prototype Pollution
SNYK-JS-UNSETVALUE-2400660		   ****  
high severity Prototype Pollution
SNYK-JS-Y18N-1021887		   ****  
high severity Code Injection
SNYK-JS-LODASH-1040724		   239  
high severity Code Injection
SNYK-JS-LODASHES-2434284		   239  
high severity Arbitrary File Overwrite
SNYK-JS-TAR-174125		   238  
critical severity Improper Verification of Cryptographic Signature
SNYK-JS-ELLIPTIC-7577916		   224  
critical severity Improper Verification of Cryptographic Signature
SNYK-JS-ELLIPTIC-7577917		   224  
critical severity Improper Verification of Cryptographic Signature
SNYK-JS-ELLIPTIC-7577918		   224  
high severity Cryptographic Issues
SNYK-JS-ELLIPTIC-571484		   221  
high severity Prototype Pollution
SNYK-JS-LODASH-567746		   189  
high severity Prototype Pollution
SNYK-JS-LODASHES-2434283		   189  
medium severity Prototype Pollution
SNYK-JS-JSON5-3182856		   179  
high severity Prototype Pollution
SNYK-JS-LODASH-6139239		   170  
high severity Uncontrolled resource consumption
SNYK-JS-BRACES-6838727		   169  
high severity Arbitrary Code Execution
SNYK-JS-JSYAML-174129		   166  
high severity Prototype Pollution
SNYK-JS-AJV-584908		   165  
high severity Prototype Poisoning
SNYK-JS-QS-3153490		   162  
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIREGEX-1583908		   159  
high severity Prototype Pollution
SNYK-JS-ASYNC-2441827		   159  
high severity Denial of Service (DoS)
SNYK-JS-DECODEURICOMPONENT-3149970		   159  
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-MOMENT-2944238		   159  
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVER-3247795		   159  
high severity Prototype Pollution
SNYK-JS-SETVALUE-1540541		   158  
high severity Prototype Pollution
SNYK-JS-LODASH-450202		   152  
high severity Prototype Pollution
SNYK-JS-LODASHES-2434290		   152  
high severity Prototype Pollution
SNYK-JS-INI-1048974		   151  
high severity Prototype Pollution
SNYK-JS-LODASH-608086		   150  
high severity Prototype Pollution
SNYK-JS-LODASHES-2434285		   150  
high severity Prototype Pollution
SNYK-JS-MIXINDEEP-450212		   150  
high severity Prototype Pollution
SNYK-JS-SETVALUE-450213		   150  
high severity Prototype Pollution
SNYK-JS-LODASH-73638		   149  
high severity Prototype Pollution
SNYK-JS-LODASHES-2434287		   149  
medium severity Missing Release of Resource after Effective Lifetime
SNYK-JS-INFLIGHT-6095116		   141  
medium severity Prototype Pollution
SNYK-JS-DOTPROP-543489		   140  
medium severity Prototype Pollution
SNYK-JS-MINIMIST-559764		   137  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-73639		   133  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASHES-2434286		   133  
high severity Improper Verification of Cryptographic Signature
SNYK-JS-BROWSERIFYSIGN-6037026		   124  
high severity Inefficient Regular Expression Complexity
SNYK-JS-MICROMATCH-6838728		   124  
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-ACORN-559469		   115  
high severity Prototype Pollution
SNYK-JS-LOADERUTILS-3043105		   115  
high severity Directory Traversal
SNYK-JS-MOMENT-2440688		   114  
medium severity Cryptographic Issues
SNYK-JS-ELLIPTIC-1064899		   112  
high severity Arbitrary Code Execution
SNYK-JS-ESLINTUTILS-460220		   107  
medium severity Denial of Service (DoS)
SNYK-JS-JSYAML-173999		   102  
high severity Arbitrary File Write
SNYK-JS-TAR-1579147		   97  
high severity Arbitrary File Write
SNYK-JS-TAR-1579152		   97  
high severity Arbitrary File Write
SNYK-JS-TAR-1579155		   97  
high severity Arbitrary File Overwrite
SNYK-JS-TAR-1536528		   95  
high severity Arbitrary File Overwrite
SNYK-JS-TAR-1536531		   95  
medium severity Timing Attack
SNYK-JS-ELLIPTIC-511941		   75  
medium severity Denial of Service (DoS)
npm:mem:20180117		   73  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-BROWSERSLIST-1090194		   63  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-COLORSTRING-1082939		   63  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-GLOBPARENT-1016905		   63  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-HOSTEDGITINFO-1088355		   63  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-ISSVG-1085627		   63  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-ISSVG-1243891		   63  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-1018905		   63  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASHES-2434289		   63  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHPARSE-1077067		   63  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-POSTCSS-1090595		   63  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-POSTCSS-1255640		   63  
low severity Prototype Pollution
SNYK-JS-MINIMIST-2429795		   59  
low severity Validation Bypass
SNYK-JS-KINDOF-537849		   57  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-LOADERUTILS-3042992		   45  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-LOADERUTILS-3105943		   45  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-MINIMATCH-3050818		   45  
medium severity Time of Check Time of Use (TOCTOU)
npm:chownr:20180731		   41  
low severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-TAR-1536758		   40  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Prototype Pollution
🦉 Cryptographic Issues
🦉 More lessons are available in Snyk Learn

[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"babel-loader","from":"7.1.5","to":"9.0.0"},{"name":"chart.js","from":"2.7.2","to":"3.0.0"},{"name":"concurrently","from":"4.0.1","to":"8.0.0"},{"name":"css-loader","from":"1.0.0","to":"6.0.0"},{"name":"cssnano","from":"4.1.0","to":"5.0.16"},{"name":"eslint","from":"5.4.0","to":"8.46.0"},{"name":"eslint-plugin-import","from":"2.14.0","to":"2.27.4"},{"name":"lint-staged","from":"7.2.2","to":"9.0.0"},{"name":"mini-css-extract-plugin","from":"0.4.2","to":"2.0.0"},{"name":"mongodb","from":"3.1.4","to":"3.3.0"},{"name":"postcss-loader","from":"3.0.0","to":"5.0.0"},{"name":"query-string","from":"6.1.0","to":"7.1.3"},{"name":"react","from":"16.4.2","to":"16.5.0"},{"name":"react-chartjs-2","from":"2.7.4","to":"3.2.0"},{"name":"react-dom","from":"16.4.2","to":"16.5.0"},{"name":"react-redux","from":"5.0.7","to":"5.1.0"},{"name":"redux-form","from":"7.4.2","to":"8.3.6"},{"name":"sass-loader","from":"7.1.0","to":"11.0.0"},{"name":"sitemap","from":"1.13.0","to":"2.0.0"},{"name":"stripe","from":"6.7.0","to":"8.213.0"},{"name":"webpack","from":"4.17.1","to":"5.0.0"},{"name":"webpack-cli","from":"3.1.0","to":"4.0.0"},{"name":"winston","from":"3.0.0","to":"3.3.4"}],"env":"prod","issuesToFix":[{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-ACORN-559469","priority_score":115,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.01055},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sat Mar 07 2020 00:19:23 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":1.92},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-ACORN-559469","priority_score":115,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.01055},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sat Mar 07 2020 00:19:23 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":1.92},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-ACORN-559469","priority_score":115,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.01055},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sat Mar 07 2020 00:19:23 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":1.92},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-AJV-584908","priority_score":165,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.0037},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Jul 16 2020 13:58:04 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":9.79},{"name":"likelihood","value":1.68},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-AJV-584908","priority_score":165,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.0037},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Jul 16 2020 13:58:04 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":9.79},{"name":"likelihood","value":1.68},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-AJV-584908","priority_score":165,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.0037},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Jul 16 2020 13:58:04 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":9.79},{"name":"likelihood","value":1.68},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-AJV-584908","priority_score":165,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.0037},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Jul 16 2020 13:58:04 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":9.79},{"name":"likelihood","value":1.68},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-AJV-584908","priority_score":165,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.0037},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Jul 16 2020 13:58:04 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":9.79},{"name":"likelihood","value":1.68},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-AJV-584908","priority_score":165,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.0037},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Jul 16 2020 13:58:04 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":9.79},{"name":"likelihood","value":1.68},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-AJV-584908","priority_score":165,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.0037},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Jul 16 2020 13:58:04 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":9.79},{"name":"likelihood","value":1.68},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-ASYNC-2441827","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.0017},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Apr 07 2022 14:22:18 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.64},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BRACES-6838727","priority_score":169,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00045},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon May 13 2024 14:36:53 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.81},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Uncontrolled resource consumption"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BRACES-6838727","priority_score":169,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00045},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon May 13 2024 14:36:53 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.81},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Uncontrolled resource consumption"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JS-BROWSERIFYSIGN-6037026","priority_score":124,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"high"},{"name":"availability","value":"none"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00058},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Fri Oct 27 2023 12:03:19 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.06},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Improper Verification of Cryptographic Signature"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BROWSERSLIST-1090194","priority_score":63,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00198},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Wed Apr 28 2021 15:14:31 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BROWSERSLIST-1090194","priority_score":63,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00198},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Wed Apr 28 2021 15:14:31 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JS-BROWSERSLIST-1090194","priority_score":63,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"non...

@snyk-bot
fix: package.json & package-lock.json to reduce vulnerabilities
73397a2 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-TAR-6476909
- https://snyk.io/vuln/SNYK-JS-TREEKILL-536781
- https://snyk.io/vuln/SNYK-JS-UAPARSERJS-1023599
- https://snyk.io/vuln/SNYK-JS-UAPARSERJS-1072471
- https://snyk.io/vuln/SNYK-JS-UAPARSERJS-610226
- https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984
- https://snyk.io/vuln/SNYK-JS-UNSETVALUE-2400660
- https://snyk.io/vuln/SNYK-JS-Y18N-1021887
- https://snyk.io/vuln/SNYK-JS-LODASH-1040724
- https://snyk.io/vuln/SNYK-JS-LODASHES-2434284
- https://snyk.io/vuln/SNYK-JS-TAR-174125
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577916
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577917
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-7577918
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-571484
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
- https://snyk.io/vuln/SNYK-JS-LODASHES-2434283
- https://snyk.io/vuln/SNYK-JS-JSON5-3182856
- https://snyk.io/vuln/SNYK-JS-LODASH-6139239
- https://snyk.io/vuln/SNYK-JS-BRACES-6838727
- https://snyk.io/vuln/SNYK-JS-JSYAML-174129
- https://snyk.io/vuln/SNYK-JS-AJV-584908
- https://snyk.io/vuln/SNYK-JS-QS-3153490
- https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908
- https://snyk.io/vuln/SNYK-JS-ASYNC-2441827
- https://snyk.io/vuln/SNYK-JS-DECODEURICOMPONENT-3149970
- https://snyk.io/vuln/SNYK-JS-MOMENT-2944238
- https://snyk.io/vuln/SNYK-JS-SEMVER-3247795
- https://snyk.io/vuln/SNYK-JS-SETVALUE-1540541
- https://snyk.io/vuln/SNYK-JS-LODASH-450202
- https://snyk.io/vuln/SNYK-JS-LODASHES-2434290
- https://snyk.io/vuln/SNYK-JS-INI-1048974
- https://snyk.io/vuln/SNYK-JS-LODASH-608086
- https://snyk.io/vuln/SNYK-JS-LODASHES-2434285
- https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212
- https://snyk.io/vuln/SNYK-JS-SETVALUE-450213
- https://snyk.io/vuln/SNYK-JS-LODASH-73638
- https://snyk.io/vuln/SNYK-JS-LODASHES-2434287
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
- https://snyk.io/vuln/SNYK-JS-DOTPROP-543489
- https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
- https://snyk.io/vuln/SNYK-JS-LODASH-73639
- https://snyk.io/vuln/SNYK-JS-LODASHES-2434286
- https://snyk.io/vuln/SNYK-JS-BROWSERIFYSIGN-6037026
- https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728
- https://snyk.io/vuln/SNYK-JS-ACORN-559469
- https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3043105
- https://snyk.io/vuln/SNYK-JS-MOMENT-2440688
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-1064899
- https://snyk.io/vuln/SNYK-JS-ESLINTUTILS-460220
- https://snyk.io/vuln/SNYK-JS-JSYAML-173999
- https://snyk.io/vuln/SNYK-JS-TAR-1579147
- https://snyk.io/vuln/SNYK-JS-TAR-1579152
- https://snyk.io/vuln/SNYK-JS-TAR-1579155
- https://snyk.io/vuln/SNYK-JS-TAR-1536528
- https://snyk.io/vuln/SNYK-JS-TAR-1536531
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-511941
- https://snyk.io/vuln/npm:mem:20180117
- https://snyk.io/vuln/SNYK-JS-BROWSERSLIST-1090194
- https://snyk.io/vuln/SNYK-JS-COLORSTRING-1082939
- https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905
- https://snyk.io/vuln/SNYK-JS-HOSTEDGITINFO-1088355
- https://snyk.io/vuln/SNYK-JS-ISSVG-1085627
- https://snyk.io/vuln/SNYK-JS-ISSVG-1243891
- https://snyk.io/vuln/SNYK-JS-LODASH-1018905
- https://snyk.io/vuln/SNYK-JS-LODASHES-2434289
- https://snyk.io/vuln/SNYK-JS-PATHPARSE-1077067
- https://snyk.io/vuln/SNYK-JS-POSTCSS-1090595
- https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640
- https://snyk.io/vuln/SNYK-JS-MINIMIST-2429795
- https://snyk.io/vuln/SNYK-JS-KINDOF-537849
- https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3042992
- https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3105943
- https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818
- https://snyk.io/vuln/npm:chownr:20180731
- https://snyk.io/vuln/SNYK-JS-TAR-1536758
prisma-cloud-devsecops[bot]
prisma-cloud-devsecops bot reviewed Sep 6, 2024
View reviewed changes
package.json
@@ -92,47 +92,47 @@
"html-webpack-plugin": "^3.2.0",
"husky": "^0.14.3",
"jsonwebtoken": "^8.3.0",
"lint-staged": "^7.2.2",
"lint-staged": "^9.0.0",
"lodash": "^4.17.10",
"lru-cache": "^4.1.3",
"material-ui": "^0.20.2",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

material-ui 0.20.2 / package.json

Total vulnerabilities: 2

Critical: 0 High: 0 Medium: 2 Low: 0
Vulnerability IDSeverityCVSSFixed inStatus
CVE-2022-0235 MEDIUM MEDIUM 6.1 - Open
CVE-2020-15168 MEDIUM MEDIUM 5.3 - Open

prisma-cloud-devsecops[bot]
prisma-cloud-devsecops bot reviewed Sep 6, 2024
View reviewed changes
package.json
@@ -92,47 +92,47 @@
"html-webpack-plugin": "^3.2.0",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

html-webpack-plugin 3.2.0 / package.json

Total vulnerabilities: 7

Critical: 1 High: 4 Medium: 2 Low: 0
Vulnerability IDSeverityCVSSFixed inStatus
CVE-2022-37601 CRITICAL CRITICAL 9.8 - Open
CVE-2022-37620 HIGH HIGH 7.5 - Open
CVE-2022-21222 HIGH HIGH 7.5 - Open
CVE-2021-3803 HIGH HIGH 7.5 - Open
CVE-2022-46175 HIGH HIGH 8.8 - Open
PRISMA-2021-0169 MEDIUM MEDIUM 5.3 - Open
PRISMA-2021-0147 MEDIUM MEDIUM 5.9 - Open

prisma-cloud-devsecops[bot]
prisma-cloud-devsecops bot reviewed Sep 6, 2024
View reviewed changes
package.json
"webpack-cli": "^3.1.0",
"winston": "^3.0.0",
"webpack": "^5.0.0",
"webpack-cli": "^4.0.0",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

webpack-cli 4.0.0 / package.json

Total vulnerabilities: 11

Critical: 1 High: 4 Medium: 6 Low: 0
Vulnerability IDSeverityCVSSFixed inStatus
CVE-2021-44906 CRITICAL CRITICAL 9.8 - Open
CVE-2022-3517 HIGH HIGH 7.5 - Open
CVE-2020-28469 HIGH HIGH 7.5 - Open
CVE-2024-4068 HIGH HIGH 7.5 - Open
PRISMA-2022-0049 HIGH HIGH 7.5 - Open
CVE-2021-23362 MEDIUM MEDIUM 5.3 - Open
CVE-2022-33987 MEDIUM MEDIUM 5.3 - Open
CVE-2020-7598 MEDIUM MEDIUM 5.6 - Open
CVE-2024-4067 MEDIUM MEDIUM 5.3 - Open
CVE-2024-33883 MEDIUM MEDIUM 4 - Open
PRISMA-2022-0014 MEDIUM MEDIUM 6 - Open

prisma-cloud-devsecops[bot]
prisma-cloud-devsecops bot reviewed Sep 6, 2024
View reviewed changes
package.json
"moment": "^2.22.2",
"mongodb": "^3.1.4",
"mongodb": "^3.3.0",
"node-fetch": "^2.2.0",
"node-sass": "^4.9.3",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

node-sass 4.9.3 / package.json

Total vulnerabilities: 25

Critical: 5 High: 11 Medium: 9 Low: 0
Vulnerability IDSeverityCVSSFixed inStatus
CVE-2021-44906 CRITICAL CRITICAL 9.8 - Open
CVE-2021-44906 CRITICAL CRITICAL 9.8 - Open
CVE-2020-7774 CRITICAL CRITICAL 9.8 - Open
CVE-2023-26136 CRITICAL CRITICAL 9.8 - Open
CVE-2021-3918 CRITICAL CRITICAL 9.8 - Open
CVE-2019-13173 HIGH HIGH 7.5 - Open
CVE-2022-3517 HIGH HIGH 7.5 - Open
CVE-2021-33623 HIGH HIGH 7.5 - Open
CVE-2021-37701 HIGH HIGH 8.6 - Open
CVE-2021-32804 HIGH HIGH 8.1 - Open
CVE-2021-32803 HIGH HIGH 8.1 - Open
CVE-2018-20834 HIGH HIGH 7.5 - Open
CVE-2022-25758 HIGH HIGH 7.5 - Open
CVE-2022-24999 HIGH HIGH 7.5 - Open
CVE-2022-25883 HIGH HIGH 7.5 - Open
GHSA-779f-wgxg-qr8f HIGH HIGH 7 - Open
CVE-2021-23362 MEDIUM MEDIUM 5.3 - Open
CVE-2020-15366 MEDIUM MEDIUM 5.6 - Open
CVE-2020-7598 MEDIUM MEDIUM 5.6 - Open
CVE-2020-7598 MEDIUM MEDIUM 5.6 - Open
CVE-2020-7608 MEDIUM MEDIUM 5.3 - Open
CVE-2024-28863 MEDIUM MEDIUM 6.5 - Open
CVE-2023-28155 MEDIUM MEDIUM 6.1 - Open
CVE-2020-24025 MEDIUM MEDIUM 5.3 - Open
GHSA-9v62-24cr-58cx MEDIUM MEDIUM 5.9 4.13.1 Open

prisma-cloud-devsecops[bot]
prisma-cloud-devsecops bot reviewed Sep 6, 2024
View reviewed changes
package.json
@@ -62,23 +62,23 @@
"babel-cli": "^6.26.0",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

babel-cli 6.26.0 / package.json

Total vulnerabilities: 20

Critical: 5 High: 10 Medium: 5 Low: 0
Vulnerability IDSeverityCVSSFixed inStatus
CVE-2021-44906 CRITICAL CRITICAL 9.8 - Open
CVE-2021-44906 CRITICAL CRITICAL 9.8 - Open
CVE-2020-7788 CRITICAL CRITICAL 9.8 - Open
CVE-2023-45311 CRITICAL CRITICAL 9.8 - Open
CVE-2023-45133 CRITICAL CRITICAL 9.4 - Open
CVE-2020-28469 HIGH HIGH 7.5 - Open
CVE-2021-37701 HIGH HIGH 8.6 - Open
CVE-2021-32804 HIGH HIGH 8.1 - Open
CVE-2021-32803 HIGH HIGH 8.1 - Open
CVE-2018-20834 HIGH HIGH 7.5 - Open
CVE-2022-25883 HIGH HIGH 7.5 - Open
CVE-2022-3517 HIGH HIGH 7.5 - Open
CVE-2024-4068 HIGH HIGH 7.5 - Open
CVE-2019-20149 HIGH HIGH 7.5 - Open
CVE-2022-46175 HIGH HIGH 8.8 - Open
CVE-2024-28863 MEDIUM MEDIUM 6.5 - Open
CVE-2020-7598 MEDIUM MEDIUM 5.6 - Open
CVE-2020-7598 MEDIUM MEDIUM 5.6 - Open
CVE-2018-1109 MEDIUM MEDIUM 5.3 - Open
CVE-2024-4067 MEDIUM MEDIUM 5.3 - Open

prisma-cloud-devsecops[bot]
prisma-cloud-devsecops bot reviewed Sep 6, 2024
View reviewed changes
package.json
@@ -62,23 +62,23 @@
"babel-cli": "^6.26.0",
"babel-core": "^6.26.3",
"babel-eslint": "^8.2.6",
"babel-loader": "^7.1.5",
"babel-loader": "^9.0.0",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

babel-core 6.26.3 / package.json

Total vulnerabilities: 5

Critical: 2 High: 2 Medium: 1 Low: 0
Vulnerability IDSeverityCVSSFixed inStatus
CVE-2021-44906 CRITICAL CRITICAL 9.8 - Open
CVE-2023-45133 CRITICAL CRITICAL 9.4 - Open
CVE-2022-3517 HIGH HIGH 7.5 - Open
CVE-2022-46175 HIGH HIGH 8.8 - Open
CVE-2020-7598 MEDIUM MEDIUM 5.6 - Open

prisma-cloud-devsecops[bot]
prisma-cloud-devsecops bot reviewed Sep 6, 2024
View reviewed changes
package.json
@@ -92,47 +92,47 @@
"html-webpack-plugin": "^3.2.0",
"husky": "^0.14.3",
"jsonwebtoken": "^8.3.0",
"lint-staged": "^7.2.2",
"lint-staged": "^9.0.0",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lint-staged 9.0.0 / package.json

Total vulnerabilities: 1

Critical: 0 High: 1 Medium: 0 Low: 0
Vulnerability IDSeverityCVSSFixed inStatus
CVE-2022-3517 HIGH HIGH 7.5 - Open

prisma-cloud-devsecops[bot]
prisma-cloud-devsecops bot reviewed Sep 6, 2024
View reviewed changes
package.json
"winston": "^3.0.0",
"webpack": "^5.0.0",
"webpack-cli": "^4.0.0",
"winston": "^3.3.4",
"workbox-webpack-plugin": "^3.4.1",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

workbox-webpack-plugin 3.4.1 / package.json

Total vulnerabilities: 3

Critical: 0 High: 3 Medium: 0 Low: 0
Vulnerability IDSeverityCVSSFixed inStatus
CVE-2022-3517 HIGH HIGH 7.5 - Open
CVE-2021-23337 HIGH HIGH 7.2 - Open
CVE-2020-36604 HIGH HIGH 8.1 - Open

prisma-cloud-devsecops[bot]
prisma-cloud-devsecops bot reviewed Sep 6, 2024
View reviewed changes
package.json
@@ -62,23 +62,23 @@
"babel-cli": "^6.26.0",
"babel-core": "^6.26.3",
"babel-eslint": "^8.2.6",
"babel-loader": "^7.1.5",
"babel-loader": "^9.0.0",
"babel-plugin-transform-class-properties": "^6.24.1",
"babel-polyfill": "^6.26.0",
"babel-preset-env": "^1.7.0",
"babel-preset-react": "^6.24.1",
"body-parser": "^1.18.3",
"cezerin-client": "^0.34.0",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

cezerin-client 0.34.0 / package.json

Total vulnerabilities: 3

Critical: 0 High: 0 Medium: 3 Low: 0
Vulnerability IDSeverityCVSSFixed inStatus
CVE-2022-0235 MEDIUM MEDIUM 6.1 - Open
CVE-2020-15168 MEDIUM MEDIUM 5.3 - Open
CVE-2022-1365 MEDIUM MEDIUM 6.5 - Open

prisma-cloud-devsecops[bot]
prisma-cloud-devsecops bot reviewed Sep 6, 2024
View reviewed changes
package.json
@@ -62,23 +62,23 @@
"babel-cli": "^6.26.0",
"babel-core": "^6.26.3",
"babel-eslint": "^8.2.6",
"babel-loader": "^7.1.5",
"babel-loader": "^9.0.0",
"babel-plugin-transform-class-properties": "^6.24.1",
"babel-polyfill": "^6.26.0",
"babel-preset-env": "^1.7.0",
"babel-preset-react": "^6.24.1",
"body-parser": "^1.18.3",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

body-parser 1.18.3 / package.json

Total vulnerabilities: 1

Critical: 0 High: 1 Medium: 0 Low: 0
Vulnerability IDSeverityCVSSFixed inStatus
CVE-2022-24999 HIGH HIGH 7.5 - Open

prisma-cloud-devsecops[bot]
prisma-cloud-devsecops bot reviewed Sep 6, 2024
View reviewed changes
package.json
@@ -62,23 +62,23 @@
"babel-cli": "^6.26.0",
"babel-core": "^6.26.3",
"babel-eslint": "^8.2.6",
"babel-loader": "^7.1.5",
"babel-loader": "^9.0.0",
"babel-plugin-transform-class-properties": "^6.24.1",
"babel-polyfill": "^6.26.0",
"babel-preset-env": "^1.7.0",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

babel-preset-env 1.7.0 / package.json

Total vulnerabilities: 1

Critical: 1 High: 0 Medium: 0 Low: 0
Vulnerability IDSeverityCVSSFixed inStatus
CVE-2023-45133 CRITICAL CRITICAL 9.4 - Open

prisma-cloud-devsecops[bot]
prisma-cloud-devsecops bot reviewed Sep 6, 2024
View reviewed changes
package.json
@@ -62,23 +62,23 @@
"babel-cli": "^6.26.0",
"babel-core": "^6.26.3",
"babel-eslint": "^8.2.6",
"babel-loader": "^7.1.5",
"babel-loader": "^9.0.0",
"babel-plugin-transform-class-properties": "^6.24.1",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

babel-plugin-transform-class-properties 6.24.1 / package.json

Total vulnerabilities: 1

Critical: 1 High: 0 Medium: 0 Low: 0
Vulnerability IDSeverityCVSSFixed inStatus
CVE-2023-45133 CRITICAL CRITICAL 9.4 - Open

prisma-cloud-devsecops[bot]
prisma-cloud-devsecops bot reviewed Sep 6, 2024
View reviewed changes
package.json
@@ -62,23 +62,23 @@
"babel-cli": "^6.26.0",
"babel-core": "^6.26.3",
"babel-eslint": "^8.2.6",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

babel-eslint 8.2.6 / package.json

Total vulnerabilities: 1

Critical: 1 High: 0 Medium: 0 Low: 0
Vulnerability IDSeverityCVSSFixed inStatus
CVE-2023-45133 CRITICAL CRITICAL 9.4 - Open

prisma-cloud-devsecops[bot]
prisma-cloud-devsecops bot reviewed Sep 6, 2024
View reviewed changes
package.json
"webpack": "^4.17.1",
"webpack-cli": "^3.1.0",
"winston": "^3.0.0",
"webpack": "^5.0.0",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

webpack 5.0.0 / package.json

Total vulnerabilities: 1

Critical: 1 High: 0 Medium: 0 Low: 0
Vulnerability IDSeverityCVSSFixed inStatus
CVE-2023-28154 CRITICAL CRITICAL 9.8 5.76.0 Open

prisma-cloud-devsecops[bot]
prisma-cloud-devsecops bot reviewed Sep 6, 2024
View reviewed changes
package.json
"winston": "^3.0.0",
"webpack": "^5.0.0",
"webpack-cli": "^4.0.0",
"winston": "^3.3.4",
"workbox-webpack-plugin": "^3.4.1",
"ws": "^6.0.0"
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ws 6.0.0 / package.json

Total vulnerabilities: 2

Critical: 0 High: 1 Medium: 1 Low: 0
Vulnerability IDSeverityCVSSFixed inStatus
CVE-2024-37890 HIGH HIGH 7.5 6.2.3 Open
CVE-2021-32640 MEDIUM MEDIUM 5.3 6.2.2 Open

prisma-cloud-devsecops[bot]
prisma-cloud-devsecops bot reviewed Sep 6, 2024
View reviewed changes
package.json
"slug": "^0.9.1",
"stripe": "^6.7.0",
"stripe": "^8.213.0",
"theme": "file:theme",
"ua-parser-js": "^0.7.18",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ua-parser-js 0.7.18 / package.json

Total vulnerabilities: 3

Critical: 0 High: 3 Medium: 0 Low: 0
Vulnerability IDSeverityCVSSFixed inStatus
CVE-2021-27292 HIGH HIGH 7.5 0.7.24 Open
CVE-2020-7793 HIGH HIGH 7.5 0.7.23 Open
CVE-2020-7733 HIGH HIGH 7.5 0.7.22 Open

prisma-cloud-devsecops[bot]
prisma-cloud-devsecops bot reviewed Sep 6, 2024
View reviewed changes
package.json
"moment": "^2.22.2",
"mongodb": "^3.1.4",
"mongodb": "^3.3.0",
"node-fetch": "^2.2.0",
"node-sass": "^4.9.3",
"nodemailer": "^4.6.8",
"nodemailer-smtp-transport": "^2.7.4",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nodemailer-smtp-transport 2.7.4 / package.json

Total vulnerabilities: 1

Critical: 0 High: 1 Medium: 0 Low: 0
Vulnerability IDSeverityCVSSFixed inStatus
CVE-2021-23358 HIGH HIGH 7.2 - Open

prisma-cloud-devsecops[bot]
prisma-cloud-devsecops bot reviewed Sep 6, 2024
View reviewed changes
package.json
"sass-loader": "^7.1.0",
"sitemap": "^1.13.0",
"sass-loader": "^11.0.0",
"sitemap": "^2.0.0",
"slug": "^0.9.1",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

slug 0.9.1 / package.json

Total vulnerabilities: 1

Critical: 0 High: 1 Medium: 0 Low: 0
Vulnerability IDSeverityCVSSFixed inStatus
CVE-2017-16117 HIGH HIGH 7.5 - Open

prisma-cloud-devsecops[bot]
prisma-cloud-devsecops bot reviewed Sep 6, 2024
View reviewed changes
package.json
"moment": "^2.22.2",
"mongodb": "^3.1.4",
"mongodb": "^3.3.0",
"node-fetch": "^2.2.0",
"node-sass": "^4.9.3",
"nodemailer": "^4.6.8",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nodemailer 4.6.8 / package.json

Total vulnerabilities: 3

Critical: 1 High: 1 Medium: 1 Low: 0
Vulnerability IDSeverityCVSSFixed inStatus
CVE-2020-7769 CRITICAL CRITICAL 9.8 6.4.16 Open
CVE-2021-23400 HIGH HIGH 8.8 6.6.1 Open
GHSA-9h6g-pr28-7cqp MEDIUM MEDIUM 5.3 6.9.9 Open

prisma-cloud-devsecops[bot]
prisma-cloud-devsecops bot reviewed Sep 6, 2024
View reviewed changes
package.json
@@ -92,47 +92,47 @@
"html-webpack-plugin": "^3.2.0",
"husky": "^0.14.3",
"jsonwebtoken": "^8.3.0",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

jsonwebtoken 8.3.0 / package.json

Total vulnerabilities: 3

Critical: 0 High: 2 Medium: 1 Low: 0
Vulnerability IDSeverityCVSSFixed inStatus
CVE-2022-23540 HIGH HIGH 7.6 - Open
CVE-2022-23539 HIGH HIGH 8.1 - Open
CVE-2022-23541 MEDIUM MEDIUM 6.3 - Open

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@prisma-cloud-devsecops prisma-cloud-devsecops[bot] prisma-cloud-devsecops[bot] left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@donsantos @snyk-bot