Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

coveralls-test #1446

Closed
wants to merge 2 commits into from
Closed

coveralls-test #1446

wants to merge 2 commits into from

Conversation

tubone24
Copy link
Owner

No description provided.

@github-actions github-actions bot added the src label Mar 25, 2024
@github-actions github-actions bot temporarily deployed to development-storybook March 25, 2024 01:18 Inactive
@coveralls
Copy link
Collaborator

coveralls commented Mar 25, 2024
edited
Loading

Pull Request Test Coverage Report for Build 8413750086

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • 1 unchanged line in 1 file lost coverage.
  • Overall coverage decreased (-0.5%) to 85.117%
Files with Coverage Reduction New Missed Lines %
src/components/Card/index.tsx 1 78.57%
Totals Coverage Status
Change from base Build 8308488570: -0.5%
Covered Lines: 250
Relevant Lines: 281
💛 - Coveralls

@github-actions GitHub Actions
Copy link
Contributor

Snyk vulnerability report

OSS packages

Tested 1786 dependencies for known issues, found 14 issues, 30 vulnerable paths.

Issues to fix by upgrading:

Upgrade @sentry/[email protected] to @sentry/[email protected] to fix
✗ Missing Release of Resource after Effective Lifetime [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-INFLIGHT-6095116] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 8 other path(s)

Upgrade [email protected] to [email protected] to fix
✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-GATSBYCLI-5671903] in [email protected]
introduced by [email protected] > [email protected]
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)

Upgrade [email protected] to [email protected] to fix
✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-GATSBYTRANSFORMERREMARK-5671901] in [email protected]
introduced by [email protected]
✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-6256334] in [email protected]
introduced by [email protected] > [email protected]

Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1
✗ Cross-site Request Forgery (CSRF) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459] in [email protected]
introduced by @raae/[email protected] > [email protected] and 2 other path(s)
This issue was fixed in versions: 1.6.0
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6124857] in [email protected]
introduced by @raae/[email protected] > [email protected] and 2 other path(s)
This issue was fixed in versions: 1.6.3
✗ Prototype Pollution [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6144788] in [email protected]
introduced by @raae/[email protected] > [email protected] and 2 other path(s)
This issue was fixed in versions: 1.6.4
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in [email protected]
introduced by [email protected]
No upgrade or patch available
✗ Command Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
No upgrade or patch available
✗ Cross-site Scripting (XSS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SERIALIZEJAVASCRIPT-6147607] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 6.0.2
✗ Uncontrolled Resource Consumption ('Resource Exhaustion') [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-TAR-6476909] in [email protected]
introduced by @sentry/[email protected] > [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 6.2.1
✗ Path Traversal [High Severity][https://security.snyk.io/vuln/SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 5.3.4, 6.1.2, 7.1.0

Organization: tubone24
Package manager: yarn
Target file: yarn.lock
Project name: blog
Open source: no
Project path: .
Licenses: enabled

Application

✗ [Medium] Path Traversal
Path: scripts/benchmark.js, line 23
Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files.

✗ [Medium] Path Traversal
Path: scripts/benchmark.js, line 25
Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files.

✗ [Medium] Path Traversal
Path: scripts/benchmark.js, line 41
Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files.

✔ Test completed

Organization: tubone24
Test type: Static code analysis
Project path: .

Summary:

3 Code issues found
3 [Medium]

IaC

Snyk Infrastructure as Code

  • Snyk testing Infrastructure as Code configuration issues.
    ✔ Test completed.

Issues
No vulnerable paths were found!

Test Summary

Organization: tubone24
Project name: tubone24/blog

✔ Files without issues: 3
✗ Files with issues: 0
Ignored issues: 0
Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ]

Tip

New: Share your test results in the Snyk Web UI with the option --report

Container

Testing test-blog...

✗ Low severity vulnerability found in util-linux/libuuid1
Description: Integer Overflow or Wraparound
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-UTILLINUX-1534833
Introduced through: util-linux/[email protected], [email protected]+deb10u3, util-linux/[email protected], util-linux/[email protected], util-linux/[email protected], [email protected], sysvinit/[email protected], util-linux/bsdutils@1:2.33.1-0.1, util-linux/[email protected], util-linux/[email protected], util-linux/[email protected]
From: util-linux/[email protected]
From: [email protected]+deb10u3 > util-linux/[email protected]
From: [email protected]+deb10u3 > util-linux/[email protected] > util-linux/[email protected]
and 25 more...

✗ Low severity vulnerability found in util-linux/libuuid1
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-UTILLINUX-2401082
Introduced through: util-linux/[email protected], [email protected]+deb10u3, util-linux/[email protected], util-linux/[email protected], util-linux/[email protected], [email protected], sysvinit/[email protected], util-linux/bsdutils@1:2.33.1-0.1, util-linux/[email protected], util-linux/[email protected], util-linux/[email protected]
From: util-linux/[email protected]
From: [email protected]+deb10u3 > util-linux/[email protected]
From: [email protected]+deb10u3 > util-linux/[email protected] > util-linux/[email protected]
and 25 more...

✗ Low severity vulnerability found in tar
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-1063001
Introduced through: [email protected]+dfsg-6
From: [email protected]+dfsg-6

✗ Low severity vulnerability found in tar
Description: CVE-2005-2541
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-312331
Introduced through: [email protected]+dfsg-6
From: [email protected]+dfsg-6

✗ Low severity vulnerability found in tar
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-3253529
Introduced through: [email protected]+dfsg-6
From: [email protected]+dfsg-6

✗ Low severity vulnerability found in tar
Description: NULL Pointer Dereference
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-341203
Introduced through: [email protected]+dfsg-6
From: [email protected]+dfsg-6

✗ Low severity vulnerability found in tar
Description: CVE-2023-39804
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-6120423
Introduced through: [email protected]+dfsg-6
From: [email protected]+dfsg-6
Fixed in: 1.30+dfsg-6+deb10u1

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Authentication Bypass
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-1291056
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-2332026
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Link Following
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-305144
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Privilege Chaining
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-345386
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Incorrect Privilege Assignment
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-345391
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Missing Release of Resource after Effective Lifetime
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-542807
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Improper Validation of Integrity Check Value
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733386
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Improper Validation of Integrity Check Value
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733393
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Improper Validation of Integrity Check Value
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733397
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: CVE-2023-7008
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-6137710
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: CVE-2023-50868
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-6277511
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Time-of-check Time-of-use (TOCTOU)
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306205
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Incorrect Permission Assignment for Critical Resource
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306230
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Access Restriction Bypass
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306250
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Incorrect Permission Assignment for Critical Resource
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-539852
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Arbitrary Code Injection
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-5423925
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Improper Authentication
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-5879153
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in perl/perl-base
Description: Improper Verification of Cryptographic Signature
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-1925980
Introduced through: perl/[email protected]+deb10u1
From: perl/[email protected]+deb10u1

✗ Low severity vulnerability found in perl/perl-base
Description: Link Following
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-327793
Introduced through: perl/[email protected]+deb10u1
From: perl/[email protected]+deb10u1

✗ Low severity vulnerability found in perl/perl-base
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-5489186
Introduced through: perl/[email protected]+deb10u1
From: perl/[email protected]+deb10u1

✗ Low severity vulnerability found in perl/perl-base
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-5489188
Introduced through: perl/[email protected]+deb10u1
From: perl/[email protected]+deb10u1

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345321
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345353
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345502
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345530
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Integer Overflow or Wraparound
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-572367
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-572368
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pam/libpam0g
Description: CVE-2024-22365
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PAM-6178916
Introduced through: pam/[email protected], shadow/login@1:4.5-1.1, util-linux/[email protected], [email protected], pam/[email protected], pam/[email protected], pam/[email protected]
From: pam/[email protected]
From: shadow/login@1:4.5-1.1 > pam/[email protected]
From: util-linux/[email protected] > [email protected] > pam/[email protected]
and 11 more...

✗ Low severity vulnerability found in ncurses/libtinfo6
Description: CVE-2023-50495
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-6123819
Introduced through: ncurses/[email protected]+20181013-2+deb10u3, [email protected], ncurses/[email protected]+20181013-2+deb10u3, util-linux/[email protected], util-linux/[email protected], ncurses/[email protected]+20181013-2+deb10u3, ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3
From: [email protected] > ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3 > ncurses/[email protected]+20181013-2+deb10u3
and 7 more...

✗ Low severity vulnerability found in ncurses/libtinfo6
Description: CVE-2023-45918
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-6252772
Introduced through: ncurses/[email protected]+20181013-2+deb10u3, [email protected], ncurses/[email protected]+20181013-2+deb10u3, util-linux/[email protected], util-linux/[email protected], ncurses/[email protected]+20181013-2+deb10u3, ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3
From: [email protected] > ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3 > ncurses/[email protected]+20181013-2+deb10u3
and 7 more...

✗ Low severity vulnerability found in lz4/liblz4-1
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LZ4-473072
Introduced through: lz4/[email protected]+deb10u1, [email protected]
From: lz4/[email protected]+deb10u1
From: [email protected] > apt/[email protected] > lz4/[email protected]+deb10u1
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8 > lz4/[email protected]+deb10u1

✗ Low severity vulnerability found in libtasn1-6
Description: CVE-2018-1000654
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBTASN16-339585
Introduced through: [email protected], [email protected]
From: [email protected]
From: [email protected] > gnutls28/[email protected]+deb10u9 > [email protected]

✗ Low severity vulnerability found in libsepol/libsepol1
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315628
Introduced through: libsepol/[email protected], [email protected]
From: libsepol/[email protected]
From: [email protected] > shadow/passwd@1:4.5-1.1 > libsemanage/[email protected] > libsepol/[email protected]

✗ Low severity vulnerability found in libsepol/libsepol1
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315630
Introduced through: libsepol/[email protected], [email protected]
From: libsepol/[email protected]
From: [email protected] > shadow/passwd@1:4.5-1.1 > libsemanage/[email protected] > libsepol/[email protected]

✗ Low severity vulnerability found in libsepol/libsepol1
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315636
Introduced through: libsepol/[email protected], [email protected]
From: libsepol/[email protected]
From: [email protected] > shadow/passwd@1:4.5-1.1 > libsemanage/[email protected] > libsepol/[email protected]

✗ Low severity vulnerability found in libsepol/libsepol1
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315642
Introduced through: libsepol/[email protected], [email protected]
From: libsepol/[email protected]
From: [email protected] > shadow/passwd@1:4.5-1.1 > libsemanage/[email protected] > libsepol/[email protected]

✗ Low severity vulnerability found in libseccomp/libseccomp2
Description: CVE-2019-9893
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSECCOMP-341044
Introduced through: libseccomp/[email protected], [email protected]
From: libseccomp/[email protected]
From: [email protected] > libseccomp/[email protected]

✗ Low severity vulnerability found in libidn2/libidn2-0
Description: Improper Input Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBIDN2-474100
Introduced through: libidn2/[email protected]+deb10u1, [email protected]
From: libidn2/[email protected]+deb10u1
From: [email protected] > gnutls28/[email protected]+deb10u9 > libidn2/[email protected]+deb10u1

✗ Low severity vulnerability found in libgcrypt20
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-1297893
Introduced through: [email protected]+deb10u1, [email protected]
From: [email protected]+deb10u1
From: [email protected] > gnupg2/[email protected]+deb10u2 > [email protected]+deb10u1
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8 > [email protected]+deb10u1

✗ Low severity vulnerability found in libgcrypt20
Description: Use of a Broken or Risky Cryptographic Algorithm
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-391902
Introduced through: [email protected]+deb10u1, [email protected]
From: [email protected]+deb10u1
From: [email protected] > gnupg2/[email protected]+deb10u2 > [email protected]+deb10u1
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8 > [email protected]+deb10u1

✗ Low severity vulnerability found in libgcrypt20
Description: Race Condition
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-460489
Introduced through: [email protected]+deb10u1, [email protected]
From: [email protected]+deb10u1
From: [email protected] > gnupg2/[email protected]+deb10u2 > [email protected]+deb10u1
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8 > [email protected]+deb10u1

✗ Low severity vulnerability found in libgcrypt20
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-6405988
Introduced through: [email protected]+deb10u1, [email protected]
From: [email protected]+deb10u1
From: [email protected] > gnupg2/[email protected]+deb10u2 > [email protected]+deb10u1
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8 > [email protected]+deb10u1

✗ Low severity vulnerability found in gnutls28/libgnutls30
Description: Improper Input Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-340755
Introduced through: gnutls28/[email protected]+deb10u9, [email protected]
From: gnutls28/[email protected]+deb10u9
From: [email protected] > gnutls28/[email protected]+deb10u9

✗ Low severity vulnerability found in gnutls28/libgnutls30
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-6474579
Introduced through: gnutls28/[email protected]+deb10u9, [email protected]
From: gnutls28/[email protected]+deb10u9
From: [email protected] > gnutls28/[email protected]+deb10u9

✗ Low severity vulnerability found in gnutls28/libgnutls30
Description: Uncaught Exception
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-6474583
Introduced through: gnutls28/[email protected]+deb10u9, [email protected]
From: gnutls28/[email protected]+deb10u9
From: [email protected] > gnutls28/[email protected]+deb10u9

✗ Low severity vulnerability found in gnupg2/gpgv
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUPG2-3330746
Introduced through: gnupg2/[email protected]+deb10u2, [email protected]
From: gnupg2/[email protected]+deb10u2
From: [email protected] > gnupg2/[email protected]+deb10u2

✗ Low severity vulnerability found in gnupg2/gpgv
Description: Use of a Broken or Risky Cryptographic Algorithm
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUPG2-535553
Introduced through: gnupg2/[email protected]+deb10u2, [email protected]
From: gnupg2/[email protected]+deb10u2
From: [email protected] > gnupg2/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-338106
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-338163
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Resource Management Errors
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-356735
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-452228
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: CVE-2019-1010023
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-452267
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Use of Insufficiently Random Values
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-453375
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-453640
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-5894106
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-5894107
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in gcc-8/libstdc++6
Description: Insufficient Entropy
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-469413
Introduced through: gcc-8/[email protected], [email protected], gcc-8/[email protected], gcc-8/libgcc1@1:8.3.0-6
From: gcc-8/[email protected]
From: [email protected] > gcc-8/[email protected]
From: [email protected] > apt/[email protected] > gcc-8/[email protected]
and 2 more...

✗ Low severity vulnerability found in gcc-8/libstdc++6
Description: CVE-2023-4039
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-5901315
Introduced through: gcc-8/[email protected], [email protected], gcc-8/[email protected], gcc-8/libgcc1@1:8.3.0-6
From: gcc-8/[email protected]
From: [email protected] > gcc-8/[email protected]
From: [email protected] > apt/[email protected] > gcc-8/[email protected]
and 2 more...

✗ Low severity vulnerability found in e2fsprogs/libcom-err2
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-E2FSPROGS-2628482
Introduced through: e2fsprogs/[email protected]+deb10u3, [email protected]+deb10u3, e2fsprogs/[email protected]+deb10u3, e2fsprogs/[email protected]+deb10u3
From: e2fsprogs/[email protected]+deb10u3
From: [email protected]+deb10u3 > e2fsprogs/[email protected]+deb10u3
From: [email protected]+deb10u3 > e2fsprogs/[email protected]+deb10u3 > e2fsprogs/[email protected]+deb10u3
and 5 more...

✗ Low severity vulnerability found in coreutils
Description: Improper Input Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-COREUTILS-317465
Introduced through: [email protected]
From: [email protected]

✗ Low severity vulnerability found in coreutils
Description: Race Condition
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-COREUTILS-317494
Introduced through: [email protected]
From: [email protected]

✗ Low severity vulnerability found in bash
Description: Improper Check for Dropped Privileges
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-BASH-536280
Introduced through: [email protected]
From: [email protected]

✗ Low severity vulnerability found in apt/libapt-pkg5.0
Description: Improper Verification of Cryptographic Signature
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-APT-407502
Introduced through: apt/[email protected], [email protected]
From: apt/[email protected]
From: [email protected] > apt/[email protected]
From: [email protected]

✗ Medium severity vulnerability found in systemd/libsystemd0
Description: Off-by-one Error
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3111121
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7deb10u8
and 4 more...
Fixed in: 241-7deb10u10

✗ Medium severity vulnerability found in systemd/libsystemd0
Description: CVE-2022-4415
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3177744
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Medium severity vulnerability found in ncurses/libtinfo6
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-5862705
Introduced through: ncurses/[email protected]+20181013-2+deb10u3, [email protected], ncurses/[email protected]+20181013-2+deb10u3, util-linux/[email protected], util-linux/[email protected], ncurses/[email protected]+20181013-2+deb10u3, ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3
From: [email protected] > ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3 > ncurses/[email protected]+20181013-2+deb10u3
and 7 more...
Fixed in: 6.1+20181013-2+deb10u4

✗ Medium severity vulnerability found in gnutls28/libgnutls30
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-6062099
Introduced through: gnutls28/[email protected]+deb10u9, [email protected]
From: gnutls28/[email protected]+deb10u9
From: [email protected] > gnutls28/[email protected]+deb10u9
Fixed in: 3.6.7-4+deb10u11

✗ High severity vulnerability found in systemd/libsystemd0
Description: CVE-2023-26604
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3339153
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7deb10u8
and 4 more...
Fixed in: 241-7deb10u9

✗ High severity vulnerability found in systemd/libsystemd0
Description: Allocation of Resources Without Limits or Throttling
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-6277513
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ High severity vulnerability found in ncurses/libtinfo6
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-1655739
Introduced through: ncurses/[email protected]+20181013-2+deb10u3, [email protected], ncurses/[email protected]+20181013-2+deb10u3, util-linux/[email protected], util-linux/[email protected], ncurses/[email protected]+20181013-2+deb10u3, ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3
From: [email protected] > ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3 > ncurses/[email protected]+20181013-2+deb10u3
and 7 more...
Fixed in: 6.1+20181013-2+deb10u5

✗ High severity vulnerability found in ncurses/libtinfo6
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-5421196
Introduced through: ncurses/[email protected]+20181013-2+deb10u3, [email protected], ncurses/[email protected]+20181013-2+deb10u3, util-linux/[email protected], util-linux/[email protected], ncurses/[email protected]+20181013-2+deb10u3, ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3
From: [email protected] > ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3 > ncurses/[email protected]+20181013-2+deb10u3
and 7 more...
Fixed in: 6.1+20181013-2+deb10u5

✗ High severity vulnerability found in gnutls28/libgnutls30
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-3318300
Introduced through: gnutls28/[email protected]+deb10u9, [email protected]
From: gnutls28/[email protected]+deb10u9
From: [email protected] > gnutls28/[email protected]+deb10u9
Fixed in: 3.6.7-4+deb10u10

✗ High severity vulnerability found in gnutls28/libgnutls30
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-6159414
Introduced through: gnutls28/[email protected]+deb10u9, [email protected]
From: gnutls28/[email protected]+deb10u9
From: [email protected] > gnutls28/[email protected]+deb10u9
Fixed in: 3.6.7-4+deb10u12

✗ High severity vulnerability found in glibc/libc-bin
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-559488
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ High severity vulnerability found in gcc-8/libstdc++6
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-347558
Introduced through: gcc-8/[email protected], [email protected], gcc-8/[email protected], gcc-8/libgcc1@1:8.3.0-6
From: gcc-8/[email protected]
From: [email protected] > gcc-8/[email protected]
From: [email protected] > apt/[email protected] > gcc-8/[email protected]
and 2 more...

✗ Critical severity vulnerability found in zlib/zlib1g
Description: Integer Overflow or Wraparound
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-ZLIB-6008964
Introduced through: zlib/zlib1g@1:1.2.11.dfsg-1+deb10u2
From: zlib/zlib1g@1:1.2.11.dfsg-1+deb10u2

✗ Critical severity vulnerability found in libtasn1-6
Description: Off-by-one Error
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBTASN16-3061094
Introduced through: [email protected], [email protected]
From: [email protected]
From: [email protected] > gnutls28/[email protected]+deb10u9 > [email protected]
Fixed in: 4.13-3+deb10u1

✗ Critical severity vulnerability found in db5.3/libdb5.3
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-DB53-2825169
Introduced through: db5.3/[email protected]+dfsg1-0.5, [email protected]
From: db5.3/[email protected]+dfsg1-0.5
From: [email protected] > shadow/passwd@1:4.5-1.1 > pam/[email protected] > db5.3/[email protected]+dfsg1-0.5

------------ Detected 34 vulnerabilities for [email protected] ------------

✗ Low severity vulnerability found in node
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741888
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Low severity vulnerability found in node
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741892
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Low severity vulnerability found in node
Description: Insecure Randomness
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741899
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Low severity vulnerability found in node
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5969349
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.18.2

✗ Low severity vulnerability found in node
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5969357
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.18.2

✗ Low severity vulnerability found in node
Description: Permissive Cross-domain Policy with Untrusted Domains
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252338
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.19.1, 20.11.1, 21.6.2

✗ Medium severity vulnerability found in node
Description: Timing Attack
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326669
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326682
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326683
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326684
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326685
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326686
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Privilege Escalation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3329554
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741792
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: HTTP Request Smuggling
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741793
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Inconsistency Between Implementation and Documented Design
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741796
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Buffer Over-read
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741894
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741895
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Insecure Randomness
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741896
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Buffer Underwrite (Buffer Underflow)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741900
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Privilege Escalation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5756501
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Improper Access Control
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5843454
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.17.1

✗ Medium severity vulnerability found in node
Description: Access Restriction Bypass
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5848030
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.17.1

✗ Medium severity vulnerability found in node
Description: Improper Verification of Cryptographic Signature
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5969356
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.18.2

✗ Medium severity vulnerability found in node
Description: Observable Timing Discrepancy
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252330
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.19.1, 20.11.1, 21.6.2

✗ High severity vulnerability found in node
Description: Insecure Permissions
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326666
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ High severity vulnerability found in node
Description: Access of Resource Using Incompatible Type ('Type Confusion')
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326668
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ High severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326688
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ High severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3329555
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ High severity vulnerability found in node
Description: Prototype Pollution
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741794
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ High severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741889
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ High severity vulnerability found in node
Description: Arbitrary Code Injection
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5848038
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.17.1

✗ High severity vulnerability found in node
Description: Allocation of Resources Without Limits or Throttling
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252328
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.19.1, 20.11.1, 21.6.2

✗ High severity vulnerability found in node
Description: Code Injection
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252332
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.19.1, 20.11.1, 21.6.2

Organization: tubone24
Package manager: deb
Project name: docker-image|test-blog
Docker image: test-blog
Platform: linux/amd64
Base image: node:18.12.1-buster-slim
Licenses: enabled

Tested 85 dependencies for known issues, found 119 issues.

Base Image Vulnerabilities Severity
node:18.12.1-buster-slim 119 3 critical, 17 high, 23 medium, 76 low

Recommendations for base image upgrade:

Minor upgrades
Base Image Vulnerabilities Severity
node:18.19.1-buster-slim 75 2 critical, 3 high, 1 medium, 69 low

Major upgrades
Base Image Vulnerabilities Severity
node:20.11.1-buster-slim 75 2 critical, 3 high, 1 medium, 69 low

Alternative image types
Base Image Vulnerabilities Severity
node:21.7.0-bookworm-slim 37 1 critical, 1 high, 0 medium, 35 low
node:21.7.0-bullseye-slim 68 1 critical, 1 high, 0 medium, 66 low
node:lts-bookworm 172 1 critical, 3 high, 1 medium, 167 low
node:20.11.0-slim 45 1 critical, 5 high, 3 medium, 36 low

Learn more: https://docs.snyk.io/products/snyk-container/getting-around-the-snyk-container-ui/base-image-detection

@github-actions GitHub Actions
Copy link
Contributor

Deploy Preview

Deploy path: /home/runner/work/blog/blog/public
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Netlify Build
────────────────────────────────────────────────────────────────

❯ Version
@netlify/build 29.36.1

❯ Flags
auth: TTs786GkKycSkoas9uwxVwTtamK0txQzpvHwXleU3OQ
deployId: 6600d231159c7f53d4cec2e7
dir: ./public
functions: ./functions/src
open: false
prod: false
prodIfUnlocked: false
site: 3751ef40-b145-4249-9657-39d3fb04ae81
skipFunctionsCache: false

❯ Current directory
/home/runner/work/blog/blog

❯ Config file
/home/runner/work/blog/blog/netlify.toml

❯ Context
dev

Build logs: https://app.netlify.com/sites/pensive-lamport-5822d2/deploys/6600d231159c7f53d4cec2e7
Function logs: https://app.netlify.com/sites/pensive-lamport-5822d2/functions?scope=deploy:6600d231159c7f53d4cec2e7
Website draft URL: https://6600d231159c7f53d4cec2e7--pensive-lamport-5822d2.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions GitHub Actions
Copy link
Contributor

Bundle Analyzer URL

https://6600d231159c7f53d4cec2e7--pensive-lamport-5822d2.netlify.app/webpack-bundle-analyser

@github-actions GitHub Actions
Copy link
Contributor

Memlab leaks report

page-load [7.1MB] (baseline) [s1] > action-on-page [8.1MB] (target) [s2] > revert [9.1MB] (final) [s3]  
------2 clusters------

--Similar leaks in this run: 1248--
--Retained size of leaked objects: 142.3KB--
[<synthetic>] (synthetic) @1 [10.3MB]
  --2 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @6265 [64.3KB]
  --setTimeout (property)--->  [<closure>] (closure) @145485 [268 bytes]
  --context (internal)--->  [<function scope>] (object) @194833 [20 bytes]
  --previous (internal)--->  [<function scope>] (object) @47257 [30.2KB]
  --n (variable)--->  [t] (closure) @94735 [1.3KB]
  --context (internal)--->  [<function scope>] (object) @81903 [42.5KB]
  --n (variable)--->  [Object] (object) @76807 [42.4KB]
  --9077 (element)--->  [Object] (object) @76827 [24 bytes]
  --exports (property)--->  [r] (closure) @212961 [2.7KB]
  --hasData (property)--->  [<closure>] (closure) @213947 [80 bytes]
  --context (internal)--->  [<function scope>] (object) @275495 [1.5KB]
  --e (variable)--->  [Object] (object) @309769 [1KB]
  --2 (element)--->  [Object] (object) @324849 [76 bytes]
  --aaAutocomplete (property)--->  [d] (object) @335147 [348 bytes]
  --$node (property)--->  [$] (object) @384219 [188 bytes]
  --0 (element)--->  [Detached HTMLSpanElement] (native) @320791 [676 bytes]
  --7 (element)--->  [Detached HTMLDivElement] (native) @321173 [5.6KB]
  --7 (element)--->  [Detached HTMLDivElement] (native) @321053 [444 bytes]
  --6 (element)--->  [Detached HTMLDivElement] (native) @321199 [444 bytes]
  --6 (element)--->  [Detached HTMLAnchorElement] (native) @321425 [2.5KB]
  --11 (element)--->  [Detached HTMLAnchorElement] (native) @321411 [2.5KB]
  --11 (element)--->  [Detached HTMLAnchorElement] (native) @321513 [2.5KB]
  --11 (element)--->  [Detached HTMLAnchorElement] (native) @321625 [2.5KB]
  --11 (element)--->  [Detached HTMLAnchorElement] (native) @321611 [2.5KB]
  --11 (element)--->  [Detached HTMLAnchorElement] (native) @321597 [2.5KB]
  --13 (element)--->  [Detached InternalNode] (native) @36758 [488 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @36760 [432 bytes]
  --4 (element)--->  [Detached ElementIntersectionObserverData] (native) @30966 [72 bytes]

--Similar leaks in this run: 479--
--Retained size of leaked objects: 49.9KB--
[<synthetic>] (synthetic) @1 [10.3MB]
  --2 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @6265 [64.3KB]
  --___replace (property)--->  [<closure>] (closure) @145793 [76 bytes]
  --context (internal)--->  [<function scope>] (object) @100971 [724 bytes]
  --i (variable)--->  [Module] (object) @94743 [6.3KB]
  --get version (property)--->  [version] (closure) @86893 [80 bytes]
  --context (internal)--->  [<function scope>] (object) @74959 [6.5KB]
  --Qn (variable)--->  [y] (object) @392115 [368 bytes]
  --props (property)--->  [Object] (object) @417303 [28 bytes]
  --children (property)--->  [Object] (object) @417305 [296 bytes]
  --props (property)--->  [Object] (object) @417651 [56 bytes]
  --children (property)--->  [Object] (object) @393925 [1.2KB]
  --__ (property)--->  [Object] (object) @446341 [1.1KB]
  --__ (property)--->  [Object] (object) @446353 [940 bytes]
  --__ (property)--->  [Object] (object) @446367 [736 bytes]
  --__d (property)--->  [Detached HTMLDivElement] (native) @321093 [440 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @321091 [384 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @321089 [384 bytes]
  --6 (element)--->  [Detached HTMLDivElement] (native) @320829 [14.9KB]
  --6 (element)--->  [Detached HTMLAnchorElement] (native) @320797 [2KB]
  --8 (element)--->  [Detached HTMLSpanElement] (native) @320793 [384 bytes]
  --6 (element)--->  [Detached InternalNode] (native) @30340 [240 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @28870 [184 bytes]
  --2 (element)--->  [Detached NamedNodeMap] (native) @28874 [40 bytes]

github-actions bot pushed a commit that referenced this pull request Mar 25, 2024
@tubone24
[file upload] Added file for PR #1446
2024a70
@github-actions GitHub Actions
Copy link
Contributor

Storybook Preview

Deploy path: /home/runner/work/blog/blog/storybook-static
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Netlify Build
────────────────────────────────────────────────────────────────

❯ Version
@netlify/build 29.36.1

❯ Flags
auth: EPJJ6iiVJKf1WzATp10YTzbujNbkSqWDiVl-3kCXA-Y
deployId: 6600d2763840ca53e1d9adf0
dir: ./storybook-static
open: false
prod: false
prodIfUnlocked: false
site: 905285ac-8339-48d2-86d8-8d639370a095
skipFunctionsCache: false

❯ Current directory
/home/runner/work/blog/blog

❯ Config file
/home/runner/work/blog/blog/netlify.toml

❯ Context
dev

Build logs: https://app.netlify.com/sites/blog-storybook/deploys/6600d2763840ca53e1d9adf0
Function logs: https://app.netlify.com/sites/blog-storybook/functions?scope=deploy:6600d2763840ca53e1d9adf0
Website draft URL: https://6600d2763840ca53e1d9adf0--blog-storybook.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

github-actions bot pushed a commit that referenced this pull request Mar 25, 2024
@tubone24
[file upload] Added file for PR #1446
bb62435
github-actions bot pushed a commit that referenced this pull request Mar 25, 2024
@tubone24
[file upload] Added file for PR #1446
f973f39
github-actions bot pushed a commit that referenced this pull request Mar 25, 2024
@tubone24
[file upload] Added file for PR #1446
a129003
github-actions bot pushed a commit that referenced this pull request Mar 25, 2024
@tubone24
[file upload] Added file for PR #1446
d06d3ad
@github-actions GitHub Actions
Copy link
Contributor

Lighthouse Score

Desktop

performance: 99
accessibility: 100
best-practices: 100
seo: 92
pwa: 100

Mobile

performance: 76
accessibility: 100
best-practices: 96
seo: 93
pwa: 100

@github-actions github-actions bot temporarily deployed to development-storybook March 25, 2024 01:30 Inactive
github-actions bot pushed a commit that referenced this pull request Mar 25, 2024
@tubone24
[file upload] Delete file for PR #1446
43ddbc1
@github-actions GitHub Actions
Copy link
Contributor

Memlab leaks report

page-load [7.2MB] (baseline) [s1] > action-on-page [8.1MB] (target) [s2] > revert [9.2MB] (final) [s3]  
------2 clusters------

--Similar leaks in this run: 1634--
--Retained size of leaked objects: 175.7KB--
[<synthetic>] (synthetic) @1 [10.4MB]
  --2 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @6257 [63.9KB]
  --setTimeout (property)--->  [<closure>] (closure) @48295 [72 bytes]
  --context (internal)--->  [<function scope>] (object) @178303 [20 bytes]
  --previous (internal)--->  [<function scope>] (object) @87329 [30.1KB]
  --n (variable)--->  [t] (closure) @167099 [1.3KB]
  --context (internal)--->  [<function scope>] (object) @172769 [42.5KB]
  --n (variable)--->  [Object] (object) @273363 [42.4KB]
  --9077 (element)--->  [Object] (object) @253631 [24 bytes]
  --exports (property)--->  [r] (closure) @226407 [2.7KB]
  --hasData (property)--->  [<closure>] (closure) @284765 [80 bytes]
  --context (internal)--->  [<function scope>] (object) @226793 [1.5KB]
  --e (variable)--->  [Object] (object) @226795 [1KB]
  --2 (element)--->  [Object] (object) @330545 [76 bytes]
  --aaAutocomplete (property)--->  [d] (object) @352005 [348 bytes]
  --$node (property)--->  [$] (object) @354623 [188 bytes]
  --0 (element)--->  [Detached HTMLSpanElement] (native) @325613 [676 bytes]
  --7 (element)--->  [Detached HTMLDivElement] (native) @325925 [5.6KB]
  --7 (element)--->  [Detached HTMLDivElement] (native) @326237 [444 bytes]
  --6 (element)--->  [Detached HTMLDivElement] (native) @325953 [444 bytes]
  --6 (element)--->  [Detached HTMLAnchorElement] (native) @325687 [2.5KB]
  --11 (element)--->  [Detached HTMLAnchorElement] (native) @325701 [2.5KB]
  --16 (element)--->  [Detached InternalNode] (native) @34634 [336 bytes]
  --2 (element)--->  [Detached InternalNode] (native) @34636 [224 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @34626 [224 bytes]
  --2 (element)--->  [Detached InternalNode] (native) @34628 [112 bytes]
  --1 (element)--->  [Detached EventListener] (native) @38720 [112 bytes]
  --1 (element)--->  [Detached V8EventListener] (native) @39028 [40 bytes]

--Similar leaks in this run: 479--
--Retained size of leaked objects: 49.9KB--
[<synthetic>] (synthetic) @1 [10.4MB]
  --2 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @6257 [63.9KB]
  --___replace (property)--->  [<closure>] (closure) @48629 [76 bytes]
  --context (internal)--->  [<function scope>] (object) @167153 [724 bytes]
  --i (variable)--->  [Module] (object) @169289 [6.3KB]
  --get version (property)--->  [version] (closure) @250965 [80 bytes]
  --context (internal)--->  [<function scope>] (object) @136189 [6.5KB]
  --Qn (variable)--->  [y] (object) @405101 [368 bytes]
  --props (property)--->  [Object] (object) @405097 [28 bytes]
  --children (property)--->  [Object] (object) @405023 [296 bytes]
  --props (property)--->  [Object] (object) @421915 [56 bytes]
  --children (property)--->  [Object] (object) @423495 [1.2KB]
  --__ (property)--->  [Object] (object) @430535 [1.1KB]
  --__ (property)--->  [Object] (object) @430545 [940 bytes]
  --__ (property)--->  [Object] (object) @430559 [736 bytes]
  --__d (property)--->  [Detached HTMLDivElement] (native) @326269 [468 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @326267 [384 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @326227 [384 bytes]
  --6 (element)--->  [Detached HTMLDivElement] (native) @325653 [14.9KB]
  --8 (element)--->  [Detached HTMLElement] (native) @325671 [25.4KB]
  --5 (element)--->  [Detached HTMLDivElement] (native) @325669 [22.1KB]
  --6 (element)--->  [Detached Text] (native) @324985 [220 bytes]
  --6 (element)--->  [Detached HTMLImageElement] (native) @324981 [764 bytes]
  --7 (element)--->  [Detached Text] (native) @324977 [220 bytes]
  --6 (element)--->  [Detached HTMLParagraphElement] (native) @324945 [2.5KB]
  --8 (element)--->  [Detached Text] (native) @324941 [220 bytes]
  --6 (element)--->  [Detached HTMLHeadingElement] (native) @324933 [664 bytes]
  --8 (element)--->  [Detached Text] (native) @324929 [220 bytes]
  --6 (element)--->  [Detached HTMLParagraphElement] (native) @324921 [576 bytes]
  --8 (element)--->  [Detached Text] (native) @324917 [220 bytes]
  --6 (element)--->  [Detached HTMLParagraphElement] (native) @324909 [576 bytes]
  --8 (element)--->  [Detached Text] (native) @324905 [220 bytes]
  --6 (element)--->  [Detached HTMLImageElement] (native) @324901 [764 bytes]
  --7 (element)--->  [Detached Text] (native) @324897 [220 bytes]
  --6 (element)--->  [Detached HTMLParagraphElement] (native) @324889 [576 bytes]
  --10 (element)--->  [Detached InternalNode] (native) @28588 [152 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @30264 [96 bytes]
  --2 (element)--->  [Detached NamedNodeMap] (native) @30268 [40 bytes]

github-actions bot pushed a commit that referenced this pull request Mar 25, 2024
@tubone24
[file upload] Added file for PR #1446
271b298
@github-actions GitHub Actions
Copy link
Contributor

Snyk vulnerability report

OSS packages

Tested 1786 dependencies for known issues, found 14 issues, 30 vulnerable paths.

Issues to fix by upgrading:

Upgrade @sentry/[email protected] to @sentry/[email protected] to fix
✗ Missing Release of Resource after Effective Lifetime [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-INFLIGHT-6095116] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 8 other path(s)

Upgrade [email protected] to [email protected] to fix
✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-GATSBYCLI-5671903] in [email protected]
introduced by [email protected] > [email protected]
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)

Upgrade [email protected] to [email protected] to fix
✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-GATSBYTRANSFORMERREMARK-5671901] in [email protected]
introduced by [email protected]
✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-6256334] in [email protected]
introduced by [email protected] > [email protected]

Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1
✗ Cross-site Request Forgery (CSRF) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459] in [email protected]
introduced by @raae/[email protected] > [email protected] and 2 other path(s)
This issue was fixed in versions: 1.6.0
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6124857] in [email protected]
introduced by @raae/[email protected] > [email protected] and 2 other path(s)
This issue was fixed in versions: 1.6.3
✗ Prototype Pollution [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6144788] in [email protected]
introduced by @raae/[email protected] > [email protected] and 2 other path(s)
This issue was fixed in versions: 1.6.4
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in [email protected]
introduced by [email protected]
No upgrade or patch available
✗ Command Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
No upgrade or patch available
✗ Cross-site Scripting (XSS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SERIALIZEJAVASCRIPT-6147607] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 6.0.2
✗ Uncontrolled Resource Consumption ('Resource Exhaustion') [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-TAR-6476909] in [email protected]
introduced by @sentry/[email protected] > [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 6.2.1
✗ Path Traversal [High Severity][https://security.snyk.io/vuln/SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 5.3.4, 6.1.2, 7.1.0

Organization: tubone24
Package manager: yarn
Target file: yarn.lock
Project name: blog
Open source: no
Project path: .
Licenses: enabled

Application

✗ [Medium] Path Traversal
Path: scripts/benchmark.js, line 23
Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files.

✗ [Medium] Path Traversal
Path: scripts/benchmark.js, line 25
Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files.

✗ [Medium] Path Traversal
Path: scripts/benchmark.js, line 41
Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files.

✔ Test completed

Organization: tubone24
Test type: Static code analysis
Project path: .

Summary:

3 Code issues found
3 [Medium]

IaC

Snyk Infrastructure as Code

  • Snyk testing Infrastructure as Code configuration issues.
    ✔ Test completed.

Issues
No vulnerable paths were found!

Test Summary

Organization: tubone24
Project name: tubone24/blog

✔ Files without issues: 3
✗ Files with issues: 0
Ignored issues: 0
Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ]

Tip

New: Share your test results in the Snyk Web UI with the option --report

Container

Testing test-blog...

✗ Low severity vulnerability found in util-linux/libuuid1
Description: Integer Overflow or Wraparound
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-UTILLINUX-1534833
Introduced through: util-linux/[email protected], [email protected]+deb10u3, util-linux/[email protected], util-linux/[email protected], util-linux/[email protected], [email protected], sysvinit/[email protected], util-linux/bsdutils@1:2.33.1-0.1, util-linux/[email protected], util-linux/[email protected], util-linux/[email protected]
From: util-linux/[email protected]
From: [email protected]+deb10u3 > util-linux/[email protected]
From: [email protected]+deb10u3 > util-linux/[email protected] > util-linux/[email protected]
and 25 more...

✗ Low severity vulnerability found in util-linux/libuuid1
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-UTILLINUX-2401082
Introduced through: util-linux/[email protected], [email protected]+deb10u3, util-linux/[email protected], util-linux/[email protected], util-linux/[email protected], [email protected], sysvinit/[email protected], util-linux/bsdutils@1:2.33.1-0.1, util-linux/[email protected], util-linux/[email protected], util-linux/[email protected]
From: util-linux/[email protected]
From: [email protected]+deb10u3 > util-linux/[email protected]
From: [email protected]+deb10u3 > util-linux/[email protected] > util-linux/[email protected]
and 25 more...

✗ Low severity vulnerability found in tar
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-1063001
Introduced through: [email protected]+dfsg-6
From: [email protected]+dfsg-6

✗ Low severity vulnerability found in tar
Description: CVE-2005-2541
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-312331
Introduced through: [email protected]+dfsg-6
From: [email protected]+dfsg-6

✗ Low severity vulnerability found in tar
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-3253529
Introduced through: [email protected]+dfsg-6
From: [email protected]+dfsg-6

✗ Low severity vulnerability found in tar
Description: NULL Pointer Dereference
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-341203
Introduced through: [email protected]+dfsg-6
From: [email protected]+dfsg-6

✗ Low severity vulnerability found in tar
Description: CVE-2023-39804
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-6120423
Introduced through: [email protected]+dfsg-6
From: [email protected]+dfsg-6
Fixed in: 1.30+dfsg-6+deb10u1

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Authentication Bypass
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-1291056
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-2332026
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Link Following
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-305144
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Privilege Chaining
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-345386
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Incorrect Privilege Assignment
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-345391
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Missing Release of Resource after Effective Lifetime
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-542807
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Improper Validation of Integrity Check Value
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733386
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Improper Validation of Integrity Check Value
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733393
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Improper Validation of Integrity Check Value
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733397
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: CVE-2023-7008
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-6137710
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: CVE-2023-50868
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-6277511
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Time-of-check Time-of-use (TOCTOU)
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306205
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Incorrect Permission Assignment for Critical Resource
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306230
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Access Restriction Bypass
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306250
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Incorrect Permission Assignment for Critical Resource
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-539852
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Arbitrary Code Injection
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-5423925
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Improper Authentication
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-5879153
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in perl/perl-base
Description: Improper Verification of Cryptographic Signature
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-1925980
Introduced through: perl/[email protected]+deb10u1
From: perl/[email protected]+deb10u1

✗ Low severity vulnerability found in perl/perl-base
Description: Link Following
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-327793
Introduced through: perl/[email protected]+deb10u1
From: perl/[email protected]+deb10u1

✗ Low severity vulnerability found in perl/perl-base
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-5489186
Introduced through: perl/[email protected]+deb10u1
From: perl/[email protected]+deb10u1

✗ Low severity vulnerability found in perl/perl-base
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-5489188
Introduced through: perl/[email protected]+deb10u1
From: perl/[email protected]+deb10u1

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345321
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345353
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345502
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345530
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Integer Overflow or Wraparound
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-572367
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-572368
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pam/libpam0g
Description: CVE-2024-22365
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PAM-6178916
Introduced through: pam/[email protected], shadow/login@1:4.5-1.1, util-linux/[email protected], [email protected], pam/[email protected], pam/[email protected], pam/[email protected]
From: pam/[email protected]
From: shadow/login@1:4.5-1.1 > pam/[email protected]
From: util-linux/[email protected] > [email protected] > pam/[email protected]
and 11 more...

✗ Low severity vulnerability found in ncurses/libtinfo6
Description: CVE-2023-50495
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-6123819
Introduced through: ncurses/[email protected]+20181013-2+deb10u3, [email protected], ncurses/[email protected]+20181013-2+deb10u3, util-linux/[email protected], util-linux/[email protected], ncurses/[email protected]+20181013-2+deb10u3, ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3
From: [email protected] > ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3 > ncurses/[email protected]+20181013-2+deb10u3
and 7 more...

✗ Low severity vulnerability found in ncurses/libtinfo6
Description: CVE-2023-45918
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-6252772
Introduced through: ncurses/[email protected]+20181013-2+deb10u3, [email protected], ncurses/[email protected]+20181013-2+deb10u3, util-linux/[email protected], util-linux/[email protected], ncurses/[email protected]+20181013-2+deb10u3, ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3
From: [email protected] > ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3 > ncurses/[email protected]+20181013-2+deb10u3
and 7 more...

✗ Low severity vulnerability found in lz4/liblz4-1
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LZ4-473072
Introduced through: lz4/[email protected]+deb10u1, [email protected]
From: lz4/[email protected]+deb10u1
From: [email protected] > apt/[email protected] > lz4/[email protected]+deb10u1
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8 > lz4/[email protected]+deb10u1

✗ Low severity vulnerability found in libtasn1-6
Description: CVE-2018-1000654
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBTASN16-339585
Introduced through: [email protected], [email protected]
From: [email protected]
From: [email protected] > gnutls28/[email protected]+deb10u9 > [email protected]

✗ Low severity vulnerability found in libsepol/libsepol1
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315628
Introduced through: libsepol/[email protected], [email protected]
From: libsepol/[email protected]
From: [email protected] > shadow/passwd@1:4.5-1.1 > libsemanage/[email protected] > libsepol/[email protected]

✗ Low severity vulnerability found in libsepol/libsepol1
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315630
Introduced through: libsepol/[email protected], [email protected]
From: libsepol/[email protected]
From: [email protected] > shadow/passwd@1:4.5-1.1 > libsemanage/[email protected] > libsepol/[email protected]

✗ Low severity vulnerability found in libsepol/libsepol1
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315636
Introduced through: libsepol/[email protected], [email protected]
From: libsepol/[email protected]
From: [email protected] > shadow/passwd@1:4.5-1.1 > libsemanage/[email protected] > libsepol/[email protected]

✗ Low severity vulnerability found in libsepol/libsepol1
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315642
Introduced through: libsepol/[email protected], [email protected]
From: libsepol/[email protected]
From: [email protected] > shadow/passwd@1:4.5-1.1 > libsemanage/[email protected] > libsepol/[email protected]

✗ Low severity vulnerability found in libseccomp/libseccomp2
Description: CVE-2019-9893
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSECCOMP-341044
Introduced through: libseccomp/[email protected], [email protected]
From: libseccomp/[email protected]
From: [email protected] > libseccomp/[email protected]

✗ Low severity vulnerability found in libidn2/libidn2-0
Description: Improper Input Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBIDN2-474100
Introduced through: libidn2/[email protected]+deb10u1, [email protected]
From: libidn2/[email protected]+deb10u1
From: [email protected] > gnutls28/[email protected]+deb10u9 > libidn2/[email protected]+deb10u1

✗ Low severity vulnerability found in libgcrypt20
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-1297893
Introduced through: [email protected]+deb10u1, [email protected]
From: [email protected]+deb10u1
From: [email protected] > gnupg2/[email protected]+deb10u2 > [email protected]+deb10u1
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8 > [email protected]+deb10u1

✗ Low severity vulnerability found in libgcrypt20
Description: Use of a Broken or Risky Cryptographic Algorithm
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-391902
Introduced through: [email protected]+deb10u1, [email protected]
From: [email protected]+deb10u1
From: [email protected] > gnupg2/[email protected]+deb10u2 > [email protected]+deb10u1
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8 > [email protected]+deb10u1

✗ Low severity vulnerability found in libgcrypt20
Description: Race Condition
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-460489
Introduced through: [email protected]+deb10u1, [email protected]
From: [email protected]+deb10u1
From: [email protected] > gnupg2/[email protected]+deb10u2 > [email protected]+deb10u1
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8 > [email protected]+deb10u1

✗ Low severity vulnerability found in libgcrypt20
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-6405988
Introduced through: [email protected]+deb10u1, [email protected]
From: [email protected]+deb10u1
From: [email protected] > gnupg2/[email protected]+deb10u2 > [email protected]+deb10u1
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8 > [email protected]+deb10u1

✗ Low severity vulnerability found in gnutls28/libgnutls30
Description: Improper Input Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-340755
Introduced through: gnutls28/[email protected]+deb10u9, [email protected]
From: gnutls28/[email protected]+deb10u9
From: [email protected] > gnutls28/[email protected]+deb10u9

✗ Low severity vulnerability found in gnutls28/libgnutls30
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-6474579
Introduced through: gnutls28/[email protected]+deb10u9, [email protected]
From: gnutls28/[email protected]+deb10u9
From: [email protected] > gnutls28/[email protected]+deb10u9

✗ Low severity vulnerability found in gnutls28/libgnutls30
Description: Uncaught Exception
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-6474583
Introduced through: gnutls28/[email protected]+deb10u9, [email protected]
From: gnutls28/[email protected]+deb10u9
From: [email protected] > gnutls28/[email protected]+deb10u9

✗ Low severity vulnerability found in gnupg2/gpgv
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUPG2-3330746
Introduced through: gnupg2/[email protected]+deb10u2, [email protected]
From: gnupg2/[email protected]+deb10u2
From: [email protected] > gnupg2/[email protected]+deb10u2

✗ Low severity vulnerability found in gnupg2/gpgv
Description: Use of a Broken or Risky Cryptographic Algorithm
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUPG2-535553
Introduced through: gnupg2/[email protected]+deb10u2, [email protected]
From: gnupg2/[email protected]+deb10u2
From: [email protected] > gnupg2/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-338106
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-338163
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Resource Management Errors
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-356735
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-452228
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: CVE-2019-1010023
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-452267
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Use of Insufficiently Random Values
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-453375
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-453640
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-5894106
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-5894107
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in gcc-8/libstdc++6
Description: Insufficient Entropy
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-469413
Introduced through: gcc-8/[email protected], [email protected], gcc-8/[email protected], gcc-8/libgcc1@1:8.3.0-6
From: gcc-8/[email protected]
From: [email protected] > gcc-8/[email protected]
From: [email protected] > apt/[email protected] > gcc-8/[email protected]
and 2 more...

✗ Low severity vulnerability found in gcc-8/libstdc++6
Description: CVE-2023-4039
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-5901315
Introduced through: gcc-8/[email protected], [email protected], gcc-8/[email protected], gcc-8/libgcc1@1:8.3.0-6
From: gcc-8/[email protected]
From: [email protected] > gcc-8/[email protected]
From: [email protected] > apt/[email protected] > gcc-8/[email protected]
and 2 more...

✗ Low severity vulnerability found in e2fsprogs/libcom-err2
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-E2FSPROGS-2628482
Introduced through: e2fsprogs/[email protected]+deb10u3, [email protected]+deb10u3, e2fsprogs/[email protected]+deb10u3, e2fsprogs/[email protected]+deb10u3
From: e2fsprogs/[email protected]+deb10u3
From: [email protected]+deb10u3 > e2fsprogs/[email protected]+deb10u3
From: [email protected]+deb10u3 > e2fsprogs/[email protected]+deb10u3 > e2fsprogs/[email protected]+deb10u3
and 5 more...

✗ Low severity vulnerability found in coreutils
Description: Improper Input Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-COREUTILS-317465
Introduced through: [email protected]
From: [email protected]

✗ Low severity vulnerability found in coreutils
Description: Race Condition
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-COREUTILS-317494
Introduced through: [email protected]
From: [email protected]

✗ Low severity vulnerability found in bash
Description: Improper Check for Dropped Privileges
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-BASH-536280
Introduced through: [email protected]
From: [email protected]

✗ Low severity vulnerability found in apt/libapt-pkg5.0
Description: Improper Verification of Cryptographic Signature
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-APT-407502
Introduced through: apt/[email protected], [email protected]
From: apt/[email protected]
From: [email protected] > apt/[email protected]
From: [email protected]

✗ Medium severity vulnerability found in systemd/libsystemd0
Description: Off-by-one Error
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3111121
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7deb10u8
and 4 more...
Fixed in: 241-7deb10u10

✗ Medium severity vulnerability found in systemd/libsystemd0
Description: CVE-2022-4415
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3177744
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Medium severity vulnerability found in ncurses/libtinfo6
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-5862705
Introduced through: ncurses/[email protected]+20181013-2+deb10u3, [email protected], ncurses/[email protected]+20181013-2+deb10u3, util-linux/[email protected], util-linux/[email protected], ncurses/[email protected]+20181013-2+deb10u3, ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3
From: [email protected] > ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3 > ncurses/[email protected]+20181013-2+deb10u3
and 7 more...
Fixed in: 6.1+20181013-2+deb10u4

✗ Medium severity vulnerability found in gnutls28/libgnutls30
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-6062099
Introduced through: gnutls28/[email protected]+deb10u9, [email protected]
From: gnutls28/[email protected]+deb10u9
From: [email protected] > gnutls28/[email protected]+deb10u9
Fixed in: 3.6.7-4+deb10u11

✗ High severity vulnerability found in systemd/libsystemd0
Description: CVE-2023-26604
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3339153
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7deb10u8
and 4 more...
Fixed in: 241-7deb10u9

✗ High severity vulnerability found in systemd/libsystemd0
Description: Allocation of Resources Without Limits or Throttling
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-6277513
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ High severity vulnerability found in ncurses/libtinfo6
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-1655739
Introduced through: ncurses/[email protected]+20181013-2+deb10u3, [email protected], ncurses/[email protected]+20181013-2+deb10u3, util-linux/[email protected], util-linux/[email protected], ncurses/[email protected]+20181013-2+deb10u3, ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3
From: [email protected] > ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3 > ncurses/[email protected]+20181013-2+deb10u3
and 7 more...
Fixed in: 6.1+20181013-2+deb10u5

✗ High severity vulnerability found in ncurses/libtinfo6
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-5421196
Introduced through: ncurses/[email protected]+20181013-2+deb10u3, [email protected], ncurses/[email protected]+20181013-2+deb10u3, util-linux/[email protected], util-linux/[email protected], ncurses/[email protected]+20181013-2+deb10u3, ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3
From: [email protected] > ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3 > ncurses/[email protected]+20181013-2+deb10u3
and 7 more...
Fixed in: 6.1+20181013-2+deb10u5

✗ High severity vulnerability found in gnutls28/libgnutls30
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-3318300
Introduced through: gnutls28/[email protected]+deb10u9, [email protected]
From: gnutls28/[email protected]+deb10u9
From: [email protected] > gnutls28/[email protected]+deb10u9
Fixed in: 3.6.7-4+deb10u10

✗ High severity vulnerability found in gnutls28/libgnutls30
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-6159414
Introduced through: gnutls28/[email protected]+deb10u9, [email protected]
From: gnutls28/[email protected]+deb10u9
From: [email protected] > gnutls28/[email protected]+deb10u9
Fixed in: 3.6.7-4+deb10u12

✗ High severity vulnerability found in glibc/libc-bin
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-559488
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ High severity vulnerability found in gcc-8/libstdc++6
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-347558
Introduced through: gcc-8/[email protected], [email protected], gcc-8/[email protected], gcc-8/libgcc1@1:8.3.0-6
From: gcc-8/[email protected]
From: [email protected] > gcc-8/[email protected]
From: [email protected] > apt/[email protected] > gcc-8/[email protected]
and 2 more...

✗ Critical severity vulnerability found in zlib/zlib1g
Description: Integer Overflow or Wraparound
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-ZLIB-6008964
Introduced through: zlib/zlib1g@1:1.2.11.dfsg-1+deb10u2
From: zlib/zlib1g@1:1.2.11.dfsg-1+deb10u2

✗ Critical severity vulnerability found in libtasn1-6
Description: Off-by-one Error
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBTASN16-3061094
Introduced through: [email protected], [email protected]
From: [email protected]
From: [email protected] > gnutls28/[email protected]+deb10u9 > [email protected]
Fixed in: 4.13-3+deb10u1

✗ Critical severity vulnerability found in db5.3/libdb5.3
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-DB53-2825169
Introduced through: db5.3/[email protected]+dfsg1-0.5, [email protected]
From: db5.3/[email protected]+dfsg1-0.5
From: [email protected] > shadow/passwd@1:4.5-1.1 > pam/[email protected] > db5.3/[email protected]+dfsg1-0.5

------------ Detected 34 vulnerabilities for [email protected] ------------

✗ Low severity vulnerability found in node
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741888
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Low severity vulnerability found in node
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741892
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Low severity vulnerability found in node
Description: Insecure Randomness
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741899
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Low severity vulnerability found in node
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5969349
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.18.2

✗ Low severity vulnerability found in node
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5969357
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.18.2

✗ Low severity vulnerability found in node
Description: Permissive Cross-domain Policy with Untrusted Domains
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252338
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.19.1, 20.11.1, 21.6.2

✗ Medium severity vulnerability found in node
Description: Timing Attack
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326669
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326682
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326683
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326684
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326685
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326686
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Privilege Escalation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3329554
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741792
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: HTTP Request Smuggling
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741793
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Inconsistency Between Implementation and Documented Design
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741796
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Buffer Over-read
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741894
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741895
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Insecure Randomness
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741896
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Buffer Underwrite (Buffer Underflow)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741900
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Privilege Escalation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5756501
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Improper Access Control
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5843454
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.17.1

✗ Medium severity vulnerability found in node
Description: Access Restriction Bypass
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5848030
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.17.1

✗ Medium severity vulnerability found in node
Description: Improper Verification of Cryptographic Signature
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5969356
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.18.2

✗ Medium severity vulnerability found in node
Description: Observable Timing Discrepancy
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252330
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.19.1, 20.11.1, 21.6.2

✗ High severity vulnerability found in node
Description: Insecure Permissions
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326666
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ High severity vulnerability found in node
Description: Access of Resource Using Incompatible Type ('Type Confusion')
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326668
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ High severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326688
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ High severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3329555
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ High severity vulnerability found in node
Description: Prototype Pollution
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741794
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ High severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741889
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ High severity vulnerability found in node
Description: Arbitrary Code Injection
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5848038
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.17.1

✗ High severity vulnerability found in node
Description: Allocation of Resources Without Limits or Throttling
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252328
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.19.1, 20.11.1, 21.6.2

✗ High severity vulnerability found in node
Description: Code Injection
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252332
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.19.1, 20.11.1, 21.6.2

Organization: tubone24
Package manager: deb
Project name: docker-image|test-blog
Docker image: test-blog
Platform: linux/amd64
Base image: node:18.12.1-buster-slim
Licenses: enabled

Tested 85 dependencies for known issues, found 119 issues.

Base Image Vulnerabilities Severity
node:18.12.1-buster-slim 119 3 critical, 17 high, 23 medium, 76 low

Recommendations for base image upgrade:

Minor upgrades
Base Image Vulnerabilities Severity
node:18.19.1-buster-slim 75 2 critical, 3 high, 1 medium, 69 low

Major upgrades
Base Image Vulnerabilities Severity
node:20.11.1-buster-slim 75 2 critical, 3 high, 1 medium, 69 low

Alternative image types
Base Image Vulnerabilities Severity
node:21.7.0-bookworm-slim 37 1 critical, 1 high, 0 medium, 35 low
node:21.7.0-bullseye-slim 68 1 critical, 1 high, 0 medium, 66 low
node:lts-bookworm 172 1 critical, 3 high, 1 medium, 167 low
node:20.11.0-slim 45 1 critical, 5 high, 3 medium, 36 low

Learn more: https://docs.snyk.io/products/snyk-container/getting-around-the-snyk-container-ui/base-image-detection

@github-actions GitHub Actions
Copy link
Contributor

Deploy Preview

Deploy path: /home/runner/work/blog/blog/public
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Netlify Build
────────────────────────────────────────────────────────────────

❯ Version
@netlify/build 29.36.1

❯ Flags
auth: TTs786GkKycSkoas9uwxVwTtamK0txQzpvHwXleU3OQ
deployId: 6600d455011ef54c3847381b
dir: ./public
functions: ./functions/src
open: false
prod: false
prodIfUnlocked: false
site: 3751ef40-b145-4249-9657-39d3fb04ae81
skipFunctionsCache: false

❯ Current directory
/home/runner/work/blog/blog

❯ Config file
/home/runner/work/blog/blog/netlify.toml

❯ Context
dev

Build logs: https://app.netlify.com/sites/pensive-lamport-5822d2/deploys/6600d455011ef54c3847381b
Function logs: https://app.netlify.com/sites/pensive-lamport-5822d2/functions?scope=deploy:6600d455011ef54c3847381b
Website draft URL: https://6600d455011ef54c3847381b--pensive-lamport-5822d2.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions GitHub Actions
Copy link
Contributor

Bundle Analyzer URL

https://6600d455011ef54c3847381b--pensive-lamport-5822d2.netlify.app/webpack-bundle-analyser

@github-actions GitHub Actions
Copy link
Contributor

Storybook Preview

Deploy path: /home/runner/work/blog/blog/storybook-static
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Netlify Build
────────────────────────────────────────────────────────────────

❯ Version
@netlify/build 29.36.1

❯ Flags
auth: EPJJ6iiVJKf1WzATp10YTzbujNbkSqWDiVl-3kCXA-Y
deployId: 6600d496430d3e4ff7cca454
dir: ./storybook-static
open: false
prod: false
prodIfUnlocked: false
site: 905285ac-8339-48d2-86d8-8d639370a095
skipFunctionsCache: false

❯ Current directory
/home/runner/work/blog/blog

❯ Config file
/home/runner/work/blog/blog/netlify.toml

❯ Context
dev

Build logs: https://app.netlify.com/sites/blog-storybook/deploys/6600d496430d3e4ff7cca454
Function logs: https://app.netlify.com/sites/blog-storybook/functions?scope=deploy:6600d496430d3e4ff7cca454
Website draft URL: https://6600d496430d3e4ff7cca454--blog-storybook.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

github-actions bot pushed a commit that referenced this pull request Mar 25, 2024
@tubone24
[file upload] Delete file for PR #1446
de45534
github-actions bot pushed a commit that referenced this pull request Mar 25, 2024
@tubone24
[file upload] Delete file for PR #1446
a7fa517
github-actions bot pushed a commit that referenced this pull request Mar 25, 2024
@tubone24
[file upload] Delete file for PR #1446
bf3e640
github-actions bot pushed a commit that referenced this pull request Mar 25, 2024
@tubone24
[file upload] Added file for PR #1446
3e960b5
github-actions bot pushed a commit that referenced this pull request Mar 25, 2024
@tubone24
[file upload] Added file for PR #1446
f6e8e2a
github-actions bot pushed a commit that referenced this pull request Mar 25, 2024
@tubone24
[file upload] Added file for PR #1446
c0f4d9a
github-actions bot pushed a commit that referenced this pull request Mar 25, 2024
@tubone24
[file upload] Delete file for PR #1446
9a4182d
github-actions bot pushed a commit that referenced this pull request Mar 25, 2024
@tubone24
[file upload] Added file for PR #1446
21fc2e6
@github-actions GitHub Actions
Copy link
Contributor

Lighthouse Score

Desktop

performance: 100
accessibility: 100
best-practices: 100
seo: 92
pwa: 100

Mobile

performance: 86
accessibility: 100
best-practices: 96
seo: 93
pwa: 100

@tubone24 tubone24 closed this Mar 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@tubone24 tubone24

Labels
src
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tubone24 @coveralls