Skip to content

Merge pull request #633 from czubocha/issue-632

Mend for GitHub.com / Mend Security Check failed Jul 18, 2024 in 3m 33s

Security Report

The Security Check found 2 vulnerabilities.

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue Reachability
CVE-2024-29415

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/socks/node_modules/ip/package.json

Dependency Hierarchy:

-> proxy-agent-6.4.0.tgz (Root Library)

   -> socks-proxy-agent-8.0.2.tgz

     -> socks-2.7.1.tgz

       -> ❌ ip-2.0.1.tgz (Vulnerable Library)

Critical 9.1 ip-2.0.1.tgz #630

Reachable

CVE-2024-29415

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/ip/package.json

Dependency Hierarchy:

-> proxy-agent-6.4.0.tgz (Root Library)

   -> pac-proxy-agent-7.0.1.tgz

     -> pac-resolver-7.0.0.tgz

       -> ❌ ip-1.1.9.tgz (Vulnerable Library)

Critical 9.1 ip-1.1.9.tgz #630

Reachable


Total libraries scanned: 142
Scan token: 97b8dea657204170a45def00a51665d4