Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump es5-ext from 0.10.53 to 0.10.64 #4

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Bump es5-ext from 0.10.53 to 0.10.64

efbd466
Select commit
Loading
Failed to load commit list.
Open

Bump es5-ext from 0.10.53 to 0.10.64 #4

Bump es5-ext from 0.10.53 to 0.10.64
efbd466
Select commit
Loading
Failed to load commit list.
Wiz GWI / Wiz Vulnerability Scanner completed May 2, 2024 in 7s

Wiz Vulnerability Scanner

Bonjour, Captain of Configuration! ⚙️

The whispers of magic carried tales of concealed enigmas within this code's weave. 🧙️🔍

Exposing Vulnerabilities with Wiz 🪄

🔮 Vulnerabilities Detected: 151

19C 64H 64M 4L 0I

― Note from Wiz: "Your coding journey is a magical saga, unfolding with every commit! 📖🔮"

Annotations

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

node-forge:0.10.0

Detected Vulnerabilities:
  CVE-2022-24772, Severity: High, Source: https://github.com/advisories/GHSA-x4jg-mjrx-434g
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 1.3.0
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  GHSA-gf8q-jrpm-jvxq, Severity: Low, Source: https://github.com/advisories/GHSA-gf8q-jrpm-jvxq
    🩹 Fixed version: 1.0.0
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2022-0122, Severity: Medium, Source: https://github.com/advisories/GHSA-8fr3-hfg3-gpgp
    CVSS score: 6.1, CVSS exploitability score: 2.8
    🩹 Fixed version: 1.0.0
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2022-24773, Severity: Medium, Source: https://github.com/advisories/GHSA-2r2c-g63r-vccr
    CVSS score: 5.3, CVSS exploitability score: 3.9
    🩹 Fixed version: 1.3.0
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  GHSA-5rrq-pxf6-6jx5, Severity: Low, Source: https://github.com/advisories/GHSA-5rrq-pxf6-6jx5
    🩹 Fixed version: 1.0.0
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2022-24771, Severity: High, Source: https://github.com/advisories/GHSA-cfm4-qjh2-4765
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 1.3.0
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

follow-redirects:1.14.4

Detected Vulnerabilities:
  CVE-2022-0536, Severity: Medium, Source: https://github.com/advisories/GHSA-pw2r-vq6v-hr8c
    CVSS score: 5.9, CVSS exploitability score: 2.2
    🩹 Fixed version: 1.14.8
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2023-26159, Severity: Medium, Source: https://github.com/advisories/GHSA-jchw-25xp-jwwc
    CVSS score: 6.1, CVSS exploitability score: 2.8
    🩹 Fixed version: 1.15.4
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2024-28849, Severity: Medium, Source: https://github.com/advisories/GHSA-cxjh-pqwp-8mfp
    🩹 Fixed version: 1.15.6
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2022-0155, Severity: High, Source: https://github.com/advisories/GHSA-74fj-2j2h-c42q
    CVSS score: 6.5, CVSS exploitability score: 2.8
    🩹 Fixed version: 1.14.7
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

nth-check:1.0.2

Detected Vulnerabilities:
  CVE-2021-3803, Severity: High, Source: https://github.com/advisories/GHSA-rp65-9cf3-cjxr
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 2.0.1
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

url-parse:1.5.3

Detected Vulnerabilities:
  CVE-2022-0686, Severity: Critical, Source: https://github.com/advisories/GHSA-hgjh-723h-mx2j
    CVSS score: 9.1, CVSS exploitability score: 3.9
    🩹 Fixed version: 1.5.8
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2022-0512, Severity: Medium, Source: https://github.com/advisories/GHSA-rqff-837h-mm52
    CVSS score: 5.3, CVSS exploitability score: 3.9
    🩹 Fixed version: 1.5.6
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2022-0639, Severity: Medium, Source: https://github.com/advisories/GHSA-8v38-pw62-9cw2
    CVSS score: 5.3, CVSS exploitability score: 3.9
    🩹 Fixed version: 1.5.7
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2022-0691, Severity: Medium, Source: https://github.com/advisories/GHSA-jf5r-8hm2-f872
    CVSS score: 9.8, CVSS exploitability score: 3.9
    🩹 Fixed version: 1.5.9
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

minimist:1.2.5

Detected Vulnerabilities:
  CVE-2021-44906, Severity: Critical, Source: https://github.com/advisories/GHSA-xvch-5gv4-984h
    CVSS score: 9.8, CVSS exploitability score: 3.9
    🩹 Fixed version: 1.2.6
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

terser:5.9.0

Detected Vulnerabilities:
  CVE-2022-25858, Severity: High, Source: https://github.com/advisories/GHSA-4wf5-vphf-c2xc
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 5.14.2
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

ansi-regex:5.0.0

Detected Vulnerabilities:
  CVE-2021-3807, Severity: High, Source: https://github.com/advisories/GHSA-93q8-gq69-wqmw
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 5.0.1
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

loader-utils:2.0.0

Detected Vulnerabilities:
  CVE-2022-37599, Severity: High, Source: https://github.com/advisories/GHSA-hhq3-ff78-jv3g
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 2.0.4
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2022-37601, Severity: Critical, Source: https://github.com/advisories/GHSA-76p3-8jx3-jpfq
    CVSS score: 9.8, CVSS exploitability score: 3.9
    🩹 Fixed version: 2.0.3
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2022-37603, Severity: High, Source: https://github.com/advisories/GHSA-3rfm-jhwj-7488
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 2.0.4
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

minimatch:3.0.4

Detected Vulnerabilities:
  CVE-2022-3517, Severity: High, Source: https://github.com/advisories/GHSA-f8q6-p94x-37v3
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 3.0.5
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

qs:6.7.0

Detected Vulnerabilities:
  CVE-2022-24999, Severity: High, Source: https://github.com/advisories/GHSA-hrpp-h998-j3pp
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 6.7.3
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

ansi-html:0.0.7

Detected Vulnerabilities:
  CVE-2021-23424, Severity: High, Source: https://github.com/advisories/GHSA-whgm-jr23-g3j9
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 0.0.8
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

@babel/traverse:7.15.4

Detected Vulnerabilities:
  CVE-2023-45133, Severity: Critical, Source: https://github.com/advisories/GHSA-67hx-6x53-jw92
    CVSS score: 8.8, CVSS exploitability score: 2.0
    🩹 Fixed version: 7.23.2
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

browserify-sign:4.2.1

Detected Vulnerabilities:
  CVE-2023-46234, Severity: High, Source: https://github.com/advisories/GHSA-x9w5-v3q2-3rhw
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 4.2.2
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

json5:1.0.1

Detected Vulnerabilities:
  CVE-2022-46175, Severity: High, Source: https://github.com/advisories/GHSA-9c47-m6qq-7p4h
    CVSS score: 8.8, CVSS exploitability score: 2.8
    🩹 Fixed version: 1.0.2
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

glob-parent:3.1.0

Detected Vulnerabilities:
  CVE-2020-28469, Severity: High, Source: https://github.com/advisories/GHSA-ww39-953v-wcq6
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 5.1.2
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

loader-utils:1.4.0

Detected Vulnerabilities:
  CVE-2022-37603, Severity: High, Source: https://github.com/advisories/GHSA-3rfm-jhwj-7488
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 1.4.2
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2022-37599, Severity: High, Source: https://github.com/advisories/GHSA-hhq3-ff78-jv3g
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 1.4.2
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2022-37601, Severity: Critical, Source: https://github.com/advisories/GHSA-76p3-8jx3-jpfq
    CVSS score: 9.8, CVSS exploitability score: 3.9
    🩹 Fixed version: 1.4.1
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

shell-quote:1.7.2

Detected Vulnerabilities:
  CVE-2021-42740, Severity: Critical, Source: https://github.com/advisories/GHSA-g4rg-993r-mgx7
    CVSS score: 9.8, CVSS exploitability score: 3.9
    🩹 Fixed version: 1.7.3
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

terser:4.8.0

Detected Vulnerabilities:
  CVE-2022-25858, Severity: High, Source: https://github.com/advisories/GHSA-4wf5-vphf-c2xc
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 4.8.1
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

webpack-dev-middleware:3.7.3

Detected Vulnerabilities:
  CVE-2024-29180, Severity: High, Source: https://github.com/advisories/GHSA-wr3j-pwj9-hqq6
    🩹 Fixed version: 5.3.4
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

decode-uri-component:0.2.0

Detected Vulnerabilities:
  CVE-2022-38900, Severity: High, Source: https://github.com/advisories/GHSA-w573-4hg7-7wgq
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 0.2.1
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

immer:8.0.1

Detected Vulnerabilities:
  CVE-2021-23436, Severity: Critical, Source: https://github.com/advisories/GHSA-33f9-j839-rf8h
    CVSS score: 9.8, CVSS exploitability score: 3.9
    🩹 Fixed version: 9.0.6
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2021-3757, Severity: High, Source: https://github.com/advisories/GHSA-c36v-fmgq-m8hx
    CVSS score: 9.8, CVSS exploitability score: 3.9
    🩹 Fixed version: 9.0.6
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

json5:2.2.0

Detected Vulnerabilities:
  CVE-2022-46175, Severity: High, Source: https://github.com/advisories/GHSA-9c47-m6qq-7p4h
    CVSS score: 8.8, CVSS exploitability score: 2.8
    🩹 Fixed version: 2.2.2
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

lodash.template:4.5.0

Detected Vulnerabilities:
  CVE-2021-23337, Severity: High, Source: https://github.com/advisories/GHSA-35jh-r3h4-6jhm
    CVSS score: 7.2, CVSS exploitability score: 1.2
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

eventsource:1.1.0

Detected Vulnerabilities:
  CVE-2022-1650, Severity: Critical, Source: https://github.com/advisories/GHSA-6h5x-7c5m-7cr7
    CVSS score: 9.3, CVSS exploitability score: 2.8
    🩹 Fixed version: 1.1.1
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in package-lock.json

See this annotation in the file changed.

@wiz-gwi wiz-gwi / Wiz Vulnerability Scanner

loader-utils:1.2.3

Detected Vulnerabilities:
  CVE-2022-37599, Severity: High, Source: https://github.com/advisories/GHSA-hhq3-ff78-jv3g
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 1.4.2
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2022-37601, Severity: Critical, Source: https://github.com/advisories/GHSA-76p3-8jx3-jpfq
    CVSS score: 9.8, CVSS exploitability score: 3.9
    🩹 Fixed version: 1.4.1
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2022-37603, Severity: High, Source: https://github.com/advisories/GHSA-3rfm-jhwj-7488
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 1.4.2
    💥 Has public exploit
    🧨 Has CISA KEV exploit