New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump ws from 8.16.0 to 8.17.1 #725

Closed

dependabot wants to merge 1 commit into master from dependabot/npm_and_yarn/ws-8.17.1

Closed

Bump ws from 8.16.0 to 8.17.1 #725

Bump ws from 8.16.0 to 8.17.1

Wiz Inc. (87ff8274df) / Wiz Vulnerability Scanner completed Jun 24, 2024 in 1s

Wiz Vulnerability Scanner

Exposing Vulnerabilities with Wiz

Vulnerabilities Detected: 8

Annotations

Check failure on line 1 in yarn.lock

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

braces:2.3.2

Detected Vulnerabilities:
  CVE-2024-4068, Severity: High, Source: https://github.com/advisories/GHSA-grv7-fg5c-xmjg
    🩹 Fixed version: 3.0.3
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in yarn.lock

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

braces:3.0.2

Detected Vulnerabilities:
  CVE-2024-4068, Severity: High, Source: https://github.com/advisories/GHSA-grv7-fg5c-xmjg
    🩹 Fixed version: 3.0.3
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in yarn.lock

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

glob-parent:3.1.0

Detected Vulnerabilities:
  CVE-2020-28469, Severity: High, Source: https://github.com/advisories/GHSA-ww39-953v-wcq6
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 5.1.2
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in yarn.lock

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

html-minifier:3.5.21

Detected Vulnerabilities:
  CVE-2022-37620, Severity: High, Source: https://github.com/advisories/GHSA-pfq8-rq6v-vf5m
    CVSS score: 7.5, CVSS exploitability score: 3.9
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 1 in yarn.lock

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

ip:1.1.9

Detected Vulnerabilities:
  CVE-2024-29415, Severity: High, Source: https://github.com/advisories/GHSA-2p57-rm9w-gvfp
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check warning on line 1 in yarn.lock

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

semver:7.0.0

Detected Vulnerabilities:
  CVE-2022-25883, Severity: Medium, Source: https://github.com/advisories/GHSA-c2qf-rxjj-qqgw
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 7.5.2
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check warning on line 1 in yarn.lock

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

tough-cookie:2.5.0

Detected Vulnerabilities:
  CVE-2023-26136, Severity: Medium, Source: https://github.com/advisories/GHSA-72xf-g2v4-qvf3
    CVSS score: 9.8, CVSS exploitability score: 3.9
    🩹 Fixed version: 4.1.3
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check warning on line 1 in yarn.lock

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

request:2.88.2

Detected Vulnerabilities:
  CVE-2023-28155, Severity: Medium, Source: https://github.com/advisories/GHSA-p8p7-x288-28g6
    CVSS score: 6.1, CVSS exploitability score: 2.8
    💥 Has public exploit
    🧨 Has CISA KEV exploit

View more details on Wiz Inc. (87ff8274df)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump ws from 8.16.0 to 8.17.1 #725

Bump ws from 8.16.0 to 8.17.1 #725

Wiz Vulnerability Scanner

Exposing Vulnerabilities with Wiz

Annotations

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

wiz-inc-87ff8274df / Wiz Vulnerability Scanner

Re-running checks...