Update dependency body-parser to v1.18.2 #9
Mend for GitHub.com / WhiteSource Security Check
failed
Jun 18, 2023 in 4m 13s
Security Report
You have successfully remediated 5 vulnerabilities, but introduced 1 new vulnerabilities in this branch.
❌ New vulnerabilities:
CVE | Severity | CVSS Score | Vulnerable Library | Suggested Fix | Issue |
---|---|---|---|---|---|
CVE-2022-24999Path to dependency file: /package.json Path to vulnerable library: /node_modules/qs/package.json Dependency Hierarchy: -> body-parser-1.18.2.tgz (Root Library) -> ❌ qs-6.5.1.tgz (Vulnerable Library) |
High | 7.5 | qs-6.5.1.tgz | Upgrade to version: qs - 6.2.4,6.3.3,6.4.1,6.5.3,6.6.1,6.7.3,6.8.3,6.9.7,6.10.3 | None |
✔️ Remediated vulnerabilities:
CVE | Vulnerable Library |
---|---|
CVE-2017-20165 | debug-2.2.0.tgz |
CVE-2017-16137 | debug-2.2.0.tgz |
CVE-2017-20162 | ms-0.7.1.tgz |
CVE-2022-24999 | qs-4.0.0.tgz |
CVE-2017-1000048 | qs-4.0.0.tgz |
Base branch total remaining vulnerabilities: 29
Base branch commit: 4cd8f3410de5e66f2ffc874ee3e10afe33aa8ad6
Total libraries scanned: 60
Scan token: a57ab540688245b9bbe8d4eb4e267470