Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump tough-cookie and @cypress/request #16

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Bump tough-cookie and @cypress/request

5479591
Select commit
Loading
Failed to load commit list.
Open

Bump tough-cookie and @cypress/request #16

Bump tough-cookie and @cypress/request
5479591
Select commit
Loading
Failed to load commit list.
IBM Mend app / Mend Security Check failed Apr 11, 2024 in 6m 41s

Security Report

You have successfully remediated 2 vulnerabilities, but introduced 1 new vulnerabilities in this branch.

❌ New vulnerabilities:

CVE Severity CVSS Score Exploit Maturity EPSS Vulnerable Library Suggested Fix Issue
CVE-2023-28155

Path to dependency file: /package.json

Path to vulnerable library: /package.json

Dependency Hierarchy:

-> cypress-10.11.0.tgz (Root Library)

   -> ❌ request-2.88.12.tgz (Vulnerable Library)

Medium 6.1 Not Defined 0.0% request-2.88.12.tgz Upgrade to version: @cypress/request - 3.0.0 #396

✔️ Remediated vulnerabilities:

CVE Vulnerable Library
CVE-2023-28155 request-2.88.11.tgz
CVE-2023-26136 tough-cookie-2.5.0.tgz

Base branch total remaining vulnerabilities: 2
Base branch commit: 45416a2b45d6cc1521929d8288b4a83ff2cad246


Total libraries scanned: 289

Scan token: 30eefb0950d24b05ad2da13d54477061

View more details on IBM Mend app