Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Langfuse v3をAWSマネージドサービスで作る #1466

Merged
merged 10 commits into from
Dec 31, 2024
Merged

Langfuse v3をAWSマネージドサービスで作る #1466

merged 10 commits into from
Dec 31, 2024

Conversation

github-actions[bot]
Copy link
Contributor

Automated changes by create_article_md GitHub action

@github-actions github-actions bot temporarily deployed to development-storybook December 30, 2024 04:22 Inactive
@coveralls
Copy link
Collaborator

coveralls commented Dec 30, 2024
edited
Loading

Pull Request Test Coverage Report for Build 12557147128

Warning: This coverage report may be inaccurate.

This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 85.64%
Totals Coverage Status
Change from base Build 12203955301: 0.0%
Covered Lines: 251
Relevant Lines: 281
💛 - Coveralls

github-actions bot pushed a commit that referenced this pull request Dec 30, 2024
@tubone24
[file upload] Added file for PR #1466
271ae51
@github-actions GitHub Actions
Copy link
Contributor Author

Deploy Preview

Deploy path: /home/runner/work/blog/blog/public
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Netlify Build
────────────────────────────────────────────────────────────────

❯ Version
@netlify/build 29.36.1

❯ Flags
auth: TTs786GkKycSkoas9uwxVwTtamK0txQzpvHwXleU3OQ
deployId: 6772226ae4af28f2dca5b150
dir: ./public
functions: ./functions/src
open: false
prod: false
prodIfUnlocked: false
site: 3751ef40-b145-4249-9657-39d3fb04ae81
skipFunctionsCache: false

❯ Current directory
/home/runner/work/blog/blog

❯ Config file
/home/runner/work/blog/blog/netlify.toml

❯ Context
dev

Build logs: https://app.netlify.com/sites/pensive-lamport-5822d2/deploys/6772226ae4af28f2dca5b150
Function logs: https://app.netlify.com/sites/pensive-lamport-5822d2/functions?scope=deploy:6772226ae4af28f2dca5b150
Website draft URL: https://6772226ae4af28f2dca5b150--pensive-lamport-5822d2.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions GitHub Actions
Copy link
Contributor Author

Bundle Analyzer URL

https://6772226ae4af28f2dca5b150--pensive-lamport-5822d2.netlify.app/webpack-bundle-analyser

@github-actions GitHub Actions
Copy link
Contributor Author

Storybook Preview

Deploy path: /home/runner/work/blog/blog/storybook-static
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Netlify Build
────────────────────────────────────────────────────────────────

❯ Version
@netlify/build 29.36.1

❯ Flags
auth: EPJJ6iiVJKf1WzATp10YTzbujNbkSqWDiVl-3kCXA-Y
deployId: 6772229e93a902d95d0f2236
dir: ./storybook-static
open: false
prod: false
prodIfUnlocked: false
site: 905285ac-8339-48d2-86d8-8d639370a095
skipFunctionsCache: false

❯ Current directory
/home/runner/work/blog/blog

❯ Config file
/home/runner/work/blog/blog/netlify.toml

❯ Context
dev

Build logs: https://app.netlify.com/sites/blog-storybook/deploys/6772229e93a902d95d0f2236
Function logs: https://app.netlify.com/sites/blog-storybook/functions?scope=deploy:6772229e93a902d95d0f2236
Website draft URL: https://6772229e93a902d95d0f2236--blog-storybook.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions GitHub Actions
Copy link
Contributor Author

Lighthouse Score

Desktop

Mobile

github-actions bot pushed a commit that referenced this pull request Dec 30, 2024
@tubone24
[file upload] Added file for PR #1466
0053b71
github-actions bot pushed a commit that referenced this pull request Dec 30, 2024
@tubone24
[file upload] Added file for PR #1466
6539aba
github-actions bot pushed a commit that referenced this pull request Dec 30, 2024
@tubone24
[file upload] Added file for PR #1466
622bc8f
github-actions bot pushed a commit that referenced this pull request Dec 30, 2024
@tubone24
[file upload] Added file for PR #1466
a20cda0
@github-actions github-actions bot temporarily deployed to development-storybook December 30, 2024 06:39 Inactive
@github-actions GitHub Actions
Copy link
Contributor Author

Deploy Preview

Deploy path: /home/runner/work/blog/blog/public
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Netlify Build
────────────────────────────────────────────────────────────────

❯ Version
@netlify/build 29.36.1

❯ Flags
auth: TTs786GkKycSkoas9uwxVwTtamK0txQzpvHwXleU3OQ
deployId: 677240dfe0d3f3fb70e16ec7
dir: ./public
functions: ./functions/src
open: false
prod: false
prodIfUnlocked: false
site: 3751ef40-b145-4249-9657-39d3fb04ae81
skipFunctionsCache: false

❯ Current directory
/home/runner/work/blog/blog

❯ Config file
/home/runner/work/blog/blog/netlify.toml

❯ Context
dev

Build logs: https://app.netlify.com/sites/pensive-lamport-5822d2/deploys/677240dfe0d3f3fb70e16ec7
Function logs: https://app.netlify.com/sites/pensive-lamport-5822d2/functions?scope=deploy:677240dfe0d3f3fb70e16ec7
Website draft URL: https://677240dfe0d3f3fb70e16ec7--pensive-lamport-5822d2.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

github-actions bot pushed a commit that referenced this pull request Dec 30, 2024
@tubone24
[file upload] Delete file for PR #1466
84b9c46
@github-actions GitHub Actions
Copy link
Contributor Author

Bundle Analyzer URL

https://677240dfe0d3f3fb70e16ec7--pensive-lamport-5822d2.netlify.app/webpack-bundle-analyser

github-actions bot pushed a commit that referenced this pull request Dec 30, 2024
@tubone24
[file upload] Added file for PR #1466
05a6e2d
@github-actions GitHub Actions
Copy link
Contributor Author

Storybook Preview

Deploy path: /home/runner/work/blog/blog/storybook-static
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Netlify Build
────────────────────────────────────────────────────────────────

❯ Version
@netlify/build 29.36.1

❯ Flags
auth: EPJJ6iiVJKf1WzATp10YTzbujNbkSqWDiVl-3kCXA-Y
deployId: 6772411d1ac731f4110a9d3d
dir: ./storybook-static
open: false
prod: false
prodIfUnlocked: false
site: 905285ac-8339-48d2-86d8-8d639370a095
skipFunctionsCache: false

❯ Current directory
/home/runner/work/blog/blog

❯ Config file
/home/runner/work/blog/blog/netlify.toml

❯ Context
dev

Build logs: https://app.netlify.com/sites/blog-storybook/deploys/6772411d1ac731f4110a9d3d
Function logs: https://app.netlify.com/sites/blog-storybook/functions?scope=deploy:6772411d1ac731f4110a9d3d
Website draft URL: https://6772411d1ac731f4110a9d3d--blog-storybook.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions GitHub Actions
Copy link
Contributor Author

Lighthouse Score

Desktop

Mobile

github-actions bot pushed a commit that referenced this pull request Dec 30, 2024
@tubone24
[file upload] Delete file for PR #1466
7a6b7d5
github-actions bot pushed a commit that referenced this pull request Dec 30, 2024
@tubone24
[file upload] Delete file for PR #1466
8adc63c
github-actions bot pushed a commit that referenced this pull request Dec 30, 2024
@tubone24
[file upload] Delete file for PR #1466
95a5b1a
@github-actions GitHub Actions
Copy link
Contributor Author

Snyk vulnerability report

OSS packages

Tested 1787 dependencies for known issues, found 30 issues, 90 vulnerable paths.

Issues to fix by upgrading:

Upgrade @sentry/[email protected] to @sentry/[email protected] to fix
✗ Cross-site Scripting (XSS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-COOKIE-8163060] in [email protected]
introduced by @sentry/[email protected] > [email protected] and 3 other path(s)

Upgrade @sentry/[email protected] to @sentry/[email protected] to fix
✗ Missing Release of Resource after Effective Lifetime [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-INFLIGHT-6095116] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 8 other path(s)
✗ Uncontrolled Resource Consumption ('Resource Exhaustion') [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-TAR-6476909] in [email protected]
introduced by @sentry/[email protected] > [email protected] > [email protected] and 1 other path(s)

Upgrade @typescript-eslint/[email protected] to @typescript-eslint/[email protected] to fix
✗ Uncontrolled resource consumption [High Severity][https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 21 other path(s)
✗ Inefficient Regular Expression Complexity [High Severity][https://security.snyk.io/vuln/SNYK-JS-MICROMATCH-6838728] in [email protected]
introduced by [email protected] > [email protected] and 10 other path(s)

Upgrade @typescript-eslint/[email protected] to @typescript-eslint/[email protected] to fix
✗ Uncontrolled resource consumption [High Severity][https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 21 other path(s)
✗ Inefficient Regular Expression Complexity [High Severity][https://security.snyk.io/vuln/SNYK-JS-MICROMATCH-6838728] in [email protected]
introduced by [email protected] > [email protected] and 10 other path(s)

Upgrade [email protected] to [email protected] to fix
✗ Cross-site Scripting (XSS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6671926] in [email protected]
introduced by @raae/[email protected] > [email protected] and 3 other path(s)
✗ Server-side Request Forgery (SSRF) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-7361793] in [email protected]
introduced by [email protected]

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6124857] in [email protected]
introduced by @raae/[email protected] > [email protected] and 2 other path(s)
✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-GATSBYCLI-5671903] in [email protected]
introduced by [email protected] > [email protected]
✗ Prototype Pollution [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6144788] in [email protected]
introduced by @raae/[email protected] > [email protected] and 2 other path(s)
✗ Path Traversal [High Severity][https://security.snyk.io/vuln/SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555] in [email protected]
introduced by [email protected] > [email protected]
✗ Uncaught Exception [High Severity][https://security.snyk.io/vuln/SNYK-JS-SOCKETIO-7278048] in [email protected]
introduced by [email protected] > [email protected]
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)

Upgrade [email protected] to [email protected] to fix
✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-GATSBYTRANSFORMERREMARK-5671901] in [email protected]
introduced by [email protected]

Upgrade [email protected] to [email protected] to fix
✗ Uncontrolled resource consumption [High Severity][https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 21 other path(s)

Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1
✗ Asymmetric Resource Consumption (Amplification) [High Severity][https://security.snyk.io/vuln/SNYK-JS-BODYPARSER-7926860] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 1.20.3
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 4 other path(s)
This issue was fixed in versions: 6.0.6, 7.0.5
✗ Open Redirect [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-EXPRESS-6474509] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 4.19.2, 5.0.0-beta.3
✗ Cross-site Scripting [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-EXPRESS-7926867] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 4.20.0, 5.0.0
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in [email protected]
introduced by [email protected]
No upgrade or patch available
✗ Malicious Package [Critical Severity][https://security.snyk.io/vuln/SNYK-JS-LEGACYSWCHELPERS-7647380] in [email protected]
introduced by [email protected] > [email protected] > @parcel/[email protected] > @swc/[email protected] > [email protected]
No upgrade or patch available
✗ Code Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
No upgrade or patch available
✗ Improper Input Validation [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-NANOID-8492085] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] and 3 other path(s)
This issue was fixed in versions: 3.3.8, 5.0.9
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-PATHTOREGEXP-7925106] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 0.1.10, 1.9.0, 3.3.0, 6.3.0, 8.0.0
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-PATHTOREGEXP-8482416] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 0.1.12
✗ Cross-site Scripting [Low Severity][https://security.snyk.io/vuln/SNYK-JS-SEND-7926862] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.19.0, 1.1.0
✗ Cross-site Scripting (XSS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SERIALIZEJAVASCRIPT-6147607] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 6.0.2
✗ Cross-site Scripting [Low Severity][https://security.snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 1.16.0, 2.1.0
✗ Cross-site Scripting (XSS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-WEBPACK-7840298] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 5.94.0
✗ Denial of Service (DoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-WS-7266574] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 5.2.4, 6.2.3, 7.5.10, 8.17.1

Organization: tubone24
Package manager: yarn
Target file: yarn.lock
Project name: blog
Open source: no
Project path: .
Licenses: enabled

Application

✗ [Medium] Path Traversal
Path: scripts/benchmark.js, line 23
Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files.

✗ [Medium] Path Traversal
Path: scripts/benchmark.js, line 25
Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files.

✗ [Medium] Path Traversal
Path: scripts/benchmark.js, line 41
Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files.

✔ Test completed

Organization: tubone24
Test type: Static code analysis
Project path: .

Summary:

3 Code issues found
3 [Medium]

IaC

Snyk Infrastructure as Code

  • Snyk testing Infrastructure as Code configuration issues.
    ✔ Test completed.

Issues
No vulnerable paths were found!

Test Summary

Organization: tubone24
Project name: tubone24/blog

✔ Files without issues: 3
✗ Files with issues: 0
Ignored issues: 0
Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ]

Tip

New: Share your test results in the Snyk Web UI with the option --report

Container

Testing test-blog...

✗ Low severity vulnerability found in util-linux/libuuid1
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-UTILLINUX-2401082
Introduced through: util-linux/[email protected], [email protected]+deb10u3, util-linux/[email protected], util-linux/[email protected], util-linux/[email protected], [email protected], sysvinit/[email protected], util-linux/bsdutils@1:2.33.1-0.1, util-linux/[email protected], util-linux/[email protected], util-linux/[email protected]
From: util-linux/[email protected]
From: [email protected]+deb10u3 > util-linux/[email protected]
From: [email protected]+deb10u3 > util-linux/[email protected] > util-linux/[email protected]
and 25 more...

✗ Low severity vulnerability found in util-linux/libuuid1
Description: CVE-2024-28085
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-UTILLINUX-6508628
Introduced through: util-linux/[email protected], [email protected]+deb10u3, util-linux/[email protected], util-linux/[email protected], util-linux/[email protected], [email protected], sysvinit/[email protected], util-linux/bsdutils@1:2.33.1-0.1, util-linux/[email protected], util-linux/[email protected], util-linux/[email protected]
From: util-linux/[email protected]
From: [email protected]+deb10u3 > util-linux/[email protected]
From: [email protected]+deb10u3 > util-linux/[email protected] > util-linux/[email protected]
and 25 more...
Fixed in: 2.33.1-0.1+deb10u1

✗ Low severity vulnerability found in tar
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-1063001
Introduced through: [email protected]+dfsg-6
From: [email protected]+dfsg-6

✗ Low severity vulnerability found in tar
Description: CVE-2005-2541
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-312331
Introduced through: [email protected]+dfsg-6
From: [email protected]+dfsg-6

✗ Low severity vulnerability found in tar
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-3253529
Introduced through: [email protected]+dfsg-6
From: [email protected]+dfsg-6

✗ Low severity vulnerability found in tar
Description: NULL Pointer Dereference
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-341203
Introduced through: [email protected]+dfsg-6
From: [email protected]+dfsg-6

✗ Low severity vulnerability found in tar
Description: CVE-2023-39804
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-6120423
Introduced through: [email protected]+dfsg-6
From: [email protected]+dfsg-6
Fixed in: 1.30+dfsg-6+deb10u1

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Authentication Bypass
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-1291056
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-2332026
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Link Following
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-305144
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Privilege Chaining
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-345386
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Incorrect Privilege Assignment
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-345391
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Missing Release of Resource after Effective Lifetime
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-542807
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Improper Validation of Integrity Check Value
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733386
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Improper Validation of Integrity Check Value
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733393
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Improper Validation of Integrity Check Value
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733397
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: CVE-2023-7008
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-6137710
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: CVE-2023-50868
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-6277511
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Time-of-check Time-of-use (TOCTOU)
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306205
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Incorrect Permission Assignment for Critical Resource
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306230
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Access Restriction Bypass
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306250
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Incorrect Permission Assignment for Critical Resource
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-539852
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Arbitrary Code Injection
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-5423925
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Improper Authentication
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-5879153
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in perl/perl-base
Description: Improper Verification of Cryptographic Signature
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-1925980
Introduced through: perl/[email protected]+deb10u1
From: perl/[email protected]+deb10u1

✗ Low severity vulnerability found in perl/perl-base
Description: Link Following
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-327793
Introduced through: perl/[email protected]+deb10u1
From: perl/[email protected]+deb10u1

✗ Low severity vulnerability found in perl/perl-base
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-5489186
Introduced through: perl/[email protected]+deb10u1
From: perl/[email protected]+deb10u1

✗ Low severity vulnerability found in perl/perl-base
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-5489188
Introduced through: perl/[email protected]+deb10u1
From: perl/[email protected]+deb10u1

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345321
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345353
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345502
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345530
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Integer Overflow or Wraparound
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-572367
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-572368
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pam/libpam0g
Description: CVE-2024-22365
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PAM-6178916
Introduced through: pam/[email protected], shadow/login@1:4.5-1.1, util-linux/[email protected], [email protected], pam/[email protected], pam/[email protected], pam/[email protected]
From: pam/[email protected]
From: shadow/login@1:4.5-1.1 > pam/[email protected]
From: util-linux/[email protected] > [email protected] > pam/[email protected]
and 11 more...

✗ Low severity vulnerability found in ncurses/libtinfo6
Description: CVE-2023-50495
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-6123819
Introduced through: ncurses/[email protected]+20181013-2+deb10u3, [email protected], ncurses/[email protected]+20181013-2+deb10u3, util-linux/[email protected], util-linux/[email protected], ncurses/[email protected]+20181013-2+deb10u3, ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3
From: [email protected] > ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3 > ncurses/[email protected]+20181013-2+deb10u3
and 7 more...

✗ Low severity vulnerability found in ncurses/libtinfo6
Description: CVE-2023-45918
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-6252772
Introduced through: ncurses/[email protected]+20181013-2+deb10u3, [email protected], ncurses/[email protected]+20181013-2+deb10u3, util-linux/[email protected], util-linux/[email protected], ncurses/[email protected]+20181013-2+deb10u3, ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3
From: [email protected] > ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3 > ncurses/[email protected]+20181013-2+deb10u3
and 7 more...

✗ Low severity vulnerability found in lz4/liblz4-1
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LZ4-473072
Introduced through: lz4/[email protected]+deb10u1, [email protected]
From: lz4/[email protected]+deb10u1
From: [email protected] > apt/[email protected] > lz4/[email protected]+deb10u1
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8 > lz4/[email protected]+deb10u1

✗ Low severity vulnerability found in libtasn1-6
Description: CVE-2018-1000654
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBTASN16-339585
Introduced through: [email protected], [email protected]
From: [email protected]
From: [email protected] > gnutls28/[email protected]+deb10u9 > [email protected]

✗ Low severity vulnerability found in libsepol/libsepol1
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315628
Introduced through: libsepol/[email protected], [email protected]
From: libsepol/[email protected]
From: [email protected] > shadow/passwd@1:4.5-1.1 > libsemanage/[email protected] > libsepol/[email protected]

✗ Low severity vulnerability found in libsepol/libsepol1
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315630
Introduced through: libsepol/[email protected], [email protected]
From: libsepol/[email protected]
From: [email protected] > shadow/passwd@1:4.5-1.1 > libsemanage/[email protected] > libsepol/[email protected]

✗ Low severity vulnerability found in libsepol/libsepol1
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315636
Introduced through: libsepol/[email protected], [email protected]
From: libsepol/[email protected]
From: [email protected] > shadow/passwd@1:4.5-1.1 > libsemanage/[email protected] > libsepol/[email protected]

✗ Low severity vulnerability found in libsepol/libsepol1
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315642
Introduced through: libsepol/[email protected], [email protected]
From: libsepol/[email protected]
From: [email protected] > shadow/passwd@1:4.5-1.1 > libsemanage/[email protected] > libsepol/[email protected]

✗ Low severity vulnerability found in libseccomp/libseccomp2
Description: CVE-2019-9893
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSECCOMP-341044
Introduced through: libseccomp/[email protected], [email protected]
From: libseccomp/[email protected]
From: [email protected] > libseccomp/[email protected]

✗ Low severity vulnerability found in libidn2/libidn2-0
Description: Improper Input Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBIDN2-474100
Introduced through: libidn2/[email protected]+deb10u1, [email protected]
From: libidn2/[email protected]+deb10u1
From: [email protected] > gnutls28/[email protected]+deb10u9 > libidn2/[email protected]+deb10u1

✗ Low severity vulnerability found in libgcrypt20
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-1297893
Introduced through: [email protected]+deb10u1, [email protected]
From: [email protected]+deb10u1
From: [email protected] > gnupg2/[email protected]+deb10u2 > [email protected]+deb10u1
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8 > [email protected]+deb10u1

✗ Low severity vulnerability found in libgcrypt20
Description: Use of a Broken or Risky Cryptographic Algorithm
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-391902
Introduced through: [email protected]+deb10u1, [email protected]
From: [email protected]+deb10u1
From: [email protected] > gnupg2/[email protected]+deb10u2 > [email protected]+deb10u1
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8 > [email protected]+deb10u1

✗ Low severity vulnerability found in libgcrypt20
Description: Race Condition
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-460489
Introduced through: [email protected]+deb10u1, [email protected]
From: [email protected]+deb10u1
From: [email protected] > gnupg2/[email protected]+deb10u2 > [email protected]+deb10u1
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8 > [email protected]+deb10u1

✗ Low severity vulnerability found in libgcrypt20
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-6405988
Introduced through: [email protected]+deb10u1, [email protected]
From: [email protected]+deb10u1
From: [email protected] > gnupg2/[email protected]+deb10u2 > [email protected]+deb10u1
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8 > [email protected]+deb10u1

✗ Low severity vulnerability found in gnutls28/libgnutls30
Description: Improper Input Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-340755
Introduced through: gnutls28/[email protected]+deb10u9, [email protected]
From: gnutls28/[email protected]+deb10u9
From: [email protected] > gnutls28/[email protected]+deb10u9

✗ Low severity vulnerability found in gnupg2/gpgv
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUPG2-3330746
Introduced through: gnupg2/[email protected]+deb10u2, [email protected]
From: gnupg2/[email protected]+deb10u2
From: [email protected] > gnupg2/[email protected]+deb10u2

✗ Low severity vulnerability found in gnupg2/gpgv
Description: Use of a Broken or Risky Cryptographic Algorithm
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUPG2-535553
Introduced through: gnupg2/[email protected]+deb10u2, [email protected]
From: gnupg2/[email protected]+deb10u2
From: [email protected] > gnupg2/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-338106
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-338163
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Resource Management Errors
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-356735
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-452228
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: CVE-2019-1010023
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-452267
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Use of Insufficiently Random Values
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-453375
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-453640
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-5894106
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-5894107
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: CVE-2024-2961
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-6617101
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
Fixed in: 2.28-10+deb10u3

✗ Low severity vulnerability found in glibc/libc-bin
Description: CVE-2024-33599
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-6673956
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: CVE-2024-33601
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-6673957
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: CVE-2024-33602
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-6673966
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: CVE-2024-33600
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-6673971
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in gcc-8/libstdc++6
Description: Insufficient Entropy
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-469413
Introduced through: gcc-8/[email protected], [email protected], gcc-8/[email protected], gcc-8/libgcc1@1:8.3.0-6
From: gcc-8/[email protected]
From: [email protected] > gcc-8/[email protected]
From: [email protected] > apt/[email protected] > gcc-8/[email protected]
and 2 more...

✗ Low severity vulnerability found in gcc-8/libstdc++6
Description: CVE-2023-4039
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-5901315
Introduced through: gcc-8/[email protected], [email protected], gcc-8/[email protected], gcc-8/libgcc1@1:8.3.0-6
From: gcc-8/[email protected]
From: [email protected] > gcc-8/[email protected]
From: [email protected] > apt/[email protected] > gcc-8/[email protected]
and 2 more...

✗ Low severity vulnerability found in e2fsprogs/libcom-err2
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-E2FSPROGS-2628482
Introduced through: e2fsprogs/[email protected]+deb10u3, [email protected]+deb10u3, e2fsprogs/[email protected]+deb10u3, e2fsprogs/[email protected]+deb10u3
From: e2fsprogs/[email protected]+deb10u3
From: [email protected]+deb10u3 > e2fsprogs/[email protected]+deb10u3
From: [email protected]+deb10u3 > e2fsprogs/[email protected]+deb10u3 > e2fsprogs/[email protected]+deb10u3
and 5 more...

✗ Low severity vulnerability found in coreutils
Description: Improper Input Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-COREUTILS-317465
Introduced through: [email protected]
From: [email protected]

✗ Low severity vulnerability found in coreutils
Description: Race Condition
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-COREUTILS-317494
Introduced through: [email protected]
From: [email protected]

✗ Low severity vulnerability found in bash
Description: Improper Check for Dropped Privileges
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-BASH-536280
Introduced through: [email protected]
From: [email protected]

✗ Low severity vulnerability found in apt/libapt-pkg5.0
Description: Improper Verification of Cryptographic Signature
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-APT-407502
Introduced through: apt/[email protected], [email protected]
From: apt/[email protected]
From: [email protected] > apt/[email protected]
From: [email protected]

✗ Medium severity vulnerability found in util-linux/libuuid1
Description: Integer Overflow or Wraparound
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-UTILLINUX-1534833
Introduced through: util-linux/[email protected], [email protected]+deb10u3, util-linux/[email protected], util-linux/[email protected], util-linux/[email protected], [email protected], sysvinit/[email protected], util-linux/bsdutils@1:2.33.1-0.1, util-linux/[email protected], util-linux/[email protected], util-linux/[email protected]
From: util-linux/[email protected]
From: [email protected]+deb10u3 > util-linux/[email protected]
From: [email protected]+deb10u3 > util-linux/[email protected] > util-linux/[email protected]
and 25 more...
Fixed in: 2.33.1-0.1+deb10u1

✗ Medium severity vulnerability found in systemd/libsystemd0
Description: Off-by-one Error
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3111121
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7deb10u8
and 4 more...
Fixed in: 241-7deb10u10

✗ Medium severity vulnerability found in systemd/libsystemd0
Description: CVE-2022-4415
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3177744
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Medium severity vulnerability found in ncurses/libtinfo6
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-5862705
Introduced through: ncurses/[email protected]+20181013-2+deb10u3, [email protected], ncurses/[email protected]+20181013-2+deb10u3, util-linux/[email protected], util-linux/[email protected], ncurses/[email protected]+20181013-2+deb10u3, ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3
From: [email protected] > ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3 > ncurses/[email protected]+20181013-2+deb10u3
and 7 more...
Fixed in: 6.1+20181013-2+deb10u4

✗ Medium severity vulnerability found in gnutls28/libgnutls30
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-6062099
Introduced through: gnutls28/[email protected]+deb10u9, [email protected]
From: gnutls28/[email protected]+deb10u9
From: [email protected] > gnutls28/[email protected]+deb10u9
Fixed in: 3.6.7-4+deb10u11

✗ High severity vulnerability found in systemd/libsystemd0
Description: CVE-2023-26604
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3339153
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7deb10u8
and 4 more...
Fixed in: 241-7deb10u9

✗ High severity vulnerability found in systemd/libsystemd0
Description: Allocation of Resources Without Limits or Throttling
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-6277513
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ High severity vulnerability found in ncurses/libtinfo6
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-1655739
Introduced through: ncurses/[email protected]+20181013-2+deb10u3, [email protected], ncurses/[email protected]+20181013-2+deb10u3, util-linux/[email protected], util-linux/[email protected], ncurses/[email protected]+20181013-2+deb10u3, ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3
From: [email protected] > ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3 > ncurses/[email protected]+20181013-2+deb10u3
and 7 more...
Fixed in: 6.1+20181013-2+deb10u5

✗ High severity vulnerability found in ncurses/libtinfo6
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-5421196
Introduced through: ncurses/[email protected]+20181013-2+deb10u3, [email protected], ncurses/[email protected]+20181013-2+deb10u3, util-linux/[email protected], util-linux/[email protected], ncurses/[email protected]+20181013-2+deb10u3, ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3
From: [email protected] > ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3 > ncurses/[email protected]+20181013-2+deb10u3
and 7 more...
Fixed in: 6.1+20181013-2+deb10u5

✗ High severity vulnerability found in gnutls28/libgnutls30
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-3318300
Introduced through: gnutls28/[email protected]+deb10u9, [email protected]
From: gnutls28/[email protected]+deb10u9
From: [email protected] > gnutls28/[email protected]+deb10u9
Fixed in: 3.6.7-4+deb10u10

✗ High severity vulnerability found in gnutls28/libgnutls30
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-6159414
Introduced through: gnutls28/[email protected]+deb10u9, [email protected]
From: gnutls28/[email protected]+deb10u9
From: [email protected] > gnutls28/[email protected]+deb10u9
Fixed in: 3.6.7-4+deb10u12

✗ High severity vulnerability found in glibc/libc-bin
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-559488
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ High severity vulnerability found in gcc-8/libstdc++6
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-347558
Introduced through: gcc-8/[email protected], [email protected], gcc-8/[email protected], gcc-8/libgcc1@1:8.3.0-6
From: gcc-8/[email protected]
From: [email protected] > gcc-8/[email protected]
From: [email protected] > apt/[email protected] > gcc-8/[email protected]
and 2 more...

✗ Critical severity vulnerability found in zlib/zlib1g
Description: Integer Overflow or Wraparound
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-ZLIB-6008964
Introduced through: zlib/zlib1g@1:1.2.11.dfsg-1+deb10u2
From: zlib/zlib1g@1:1.2.11.dfsg-1+deb10u2

✗ Critical severity vulnerability found in libtasn1-6
Description: Off-by-one Error
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBTASN16-3061094
Introduced through: [email protected], [email protected]
From: [email protected]
From: [email protected] > gnutls28/[email protected]+deb10u9 > [email protected]
Fixed in: 4.13-3+deb10u1

✗ Critical severity vulnerability found in db5.3/libdb5.3
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-DB53-2825169
Introduced through: db5.3/[email protected]+dfsg1-0.5, [email protected]
From: db5.3/[email protected]+dfsg1-0.5
From: [email protected] > shadow/passwd@1:4.5-1.1 > pam/[email protected] > db5.3/[email protected]+dfsg1-0.5

------------ Detected 43 vulnerabilities for [email protected] ------------

✗ Low severity vulnerability found in node
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741888
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Low severity vulnerability found in node
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741892
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Low severity vulnerability found in node
Description: Insecure Randomness
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741899
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Low severity vulnerability found in node
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5969349
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.18.2

✗ Low severity vulnerability found in node
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5969357
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.18.2

✗ Low severity vulnerability found in node
Description: Permissive Cross-domain Policy with Untrusted Domains
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252338
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.19.1, 20.11.1, 21.6.2

✗ Low severity vulnerability found in node
Description: Authorization Bypass
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-7430907
Introduced through: [email protected]
From: [email protected]
Fixed in: 20.15.1, 22.4.1

✗ Low severity vulnerability found in node
Description: Authorization Bypass
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-7430909
Introduced through: [email protected]
From: [email protected]
Fixed in: 20.15.1, 22.4.1

✗ Low severity vulnerability found in node
Description: Improper Handling of Values
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-7430912
Introduced through: [email protected]
From: [email protected]
Fixed in: 20.15.1, 22.4.1

✗ Medium severity vulnerability found in node
Description: Timing Attack
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326669
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326682
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326683
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326684
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326685
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326686
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Privilege Escalation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3329554
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741792
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: HTTP Request Smuggling
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741793
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Inconsistency Between Implementation and Documented Design
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741796
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Buffer Over-read
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741894
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741895
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Insecure Randomness
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741896
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Buffer Underwrite (Buffer Underflow)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741900
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Privilege Escalation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5756501
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Improper Access Control
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5843454
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.17.1

✗ Medium severity vulnerability found in node
Description: Access Restriction Bypass
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5848030
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.17.1

✗ Medium severity vulnerability found in node
Description: Improper Verification of Cryptographic Signature
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5969356
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.18.2

✗ Medium severity vulnerability found in node
Description: Observable Timing Discrepancy
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252330
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.19.1, 20.11.1, 21.6.2

✗ Medium severity vulnerability found in node
Description: HTTP Request Smuggling
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6564550
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.20.1, 20.12.1, 21.7.2

✗ Medium severity vulnerability found in node
Description: Improper Control of Generation of Code ('Code Injection')
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-7430900
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.20.4, 20.15.1, 22.4.1

✗ Medium severity vulnerability found in node
Description: Access Restriction Bypass
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-7430905
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.20.4, 20.15.1, 22.4.1

✗ High severity vulnerability found in node
Description: Insecure Permissions
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326666
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ High severity vulnerability found in node
Description: Access of Resource Using Incompatible Type ('Type Confusion')
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326668
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ High severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326688
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ High severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3329555
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ High severity vulnerability found in node
Description: Prototype Pollution
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741794
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ High severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741889
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ High severity vulnerability found in node
Description: Arbitrary Code Injection
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5848038
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.17.1

✗ High severity vulnerability found in node
Description: Allocation of Resources Without Limits or Throttling
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252328
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.19.1, 20.11.1, 21.6.2

✗ High severity vulnerability found in node
Description: Code Injection
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252332
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.19.1, 20.11.1, 21.6.2

✗ High severity vulnerability found in node
Description: Allocation of Resources Without Limits or Throttling
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6564548
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.20.1, 20.12.1, 21.7.2

✗ High severity vulnerability found in node
Description: Improper Control of Generation of Code ('Code Injection')
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6615824
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.20.2, 20.12.2, 21.7.3

✗ High severity vulnerability found in node
Description: Server-Side Request Forgery (SSRF)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-8379641
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.19.1, 20.11.1, 21.6.2

Organization: tubone24
Package manager: deb
Project name: docker-image|test-blog
Docker image: test-blog
Platform: linux/amd64
Licenses: enabled

Tested 85 dependencies for known issues, found 132 issues.

Debian 10 is no longer supported by the Debian maintainers. Vulnerability detection may be affected by a lack of security updates.

Snyk wasn’t able to auto detect the base image, use --file option to get base image remediation advice.
Example: $ snyk container test test-blog --file=path/to/Dockerfile

To remove this message in the future, please run snyk config set disableSuggestions=true

Learn more: https://docs.snyk.io/products/snyk-container/getting-around-the-snyk-container-ui/base-image-detection

Testing test-blog...

Tested 275 dependencies for known issues, found 7 issues.

Issues to fix by upgrading:

Upgrade [email protected] to [email protected] to fix
✗ Uncontrolled Resource Consumption ('Resource Exhaustion') [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-TAR-6476909] in [email protected]
introduced by [email protected] > [email protected] and 86 other path(s)
✗ Missing Release of Resource after Effective Lifetime [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-INFLIGHT-6095116] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 254 other path(s)
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTTPCACHESEMANTICS-3248783] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 39 other path(s)
✗ Server-Side Request Forgery (SSRF) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-IP-7148531] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] and 39 other path(s)
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795] in [email protected]
introduced by [email protected] > [email protected] and 309 other path(s)
✗ Server-side Request Forgery (SSRF) [High Severity][https://security.snyk.io/vuln/SNYK-JS-IP-6240864] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] and 39 other path(s)

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-PATHTOREGEXP-7925106] in [email protected]
introduced by [email protected] > [email protected] > [email protected]

Organization: tubone24
Package manager: npm
Target file: /usr/local/lib/node_modules
Project name: lib
Docker image: test-blog
Licenses: enabled

Snyk wasn’t able to auto detect the base image, use --file option to get base image remediation advice.
Example: $ snyk container test test-blog --file=path/to/Dockerfile

Snyk found some vulnerabilities in your image applications (Snyk searches for these vulnerabilities by default). See https://snyk.co/app-vulns for more information.

To remove these messages in the future, please run snyk config set disableSuggestions=true

Testing test-blog...

Tested 196 dependencies for known issues, found 7 issues.

Issues to fix by upgrading:

Upgrade [email protected] to [email protected] to fix
✗ Cross-site Scripting (XSS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6671926] in [email protected]
introduced by @raae/[email protected] > [email protected] and 3 other path(s)
✗ Server-side Request Forgery (SSRF) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-7361793] in [email protected]
introduced by [email protected]

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6124857] in [email protected]
introduced by @raae/[email protected] > [email protected] and 2 other path(s)
✗ Prototype Pollution [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6144788] in [email protected]
introduced by @raae/[email protected] > [email protected] and 2 other path(s)
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 2 other path(s)

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 2 other path(s)

Upgrade [email protected] to [email protected] to fix
✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-GATSBYTRANSFORMERREMARK-5671901] in [email protected]
introduced by [email protected]

Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in [email protected]
introduced by [email protected]
No upgrade or patch available

Organization: tubone24
Package manager: npm
Target file: /app/package.json
Project name: blog
Docker image: test-blog
Licenses: enabled

Snyk wasn’t able to auto detect the base image, use --file option to get base image remediation advice.
Example: $ snyk container test test-blog --file=path/to/Dockerfile

Snyk found some vulnerabilities in your image applications (Snyk searches for these vulnerabilities by default). See https://snyk.co/app-vulns for more information.

To remove these messages in the future, please run snyk config set disableSuggestions=true

Tested 3 projects, 3 contained vulnerable paths.

@github-actions GitHub Actions
Copy link
Contributor Author

Deploy Preview

Deploy path: /home/runner/work/blog/blog/public
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Netlify Build
────────────────────────────────────────────────────────────────

❯ Version
@netlify/build 29.36.1

❯ Flags
auth: TTs786GkKycSkoas9uwxVwTtamK0txQzpvHwXleU3OQ
deployId: 6773a599c76666dddd56d1a2
dir: ./public
functions: ./functions/src
open: false
prod: false
prodIfUnlocked: false
site: 3751ef40-b145-4249-9657-39d3fb04ae81
skipFunctionsCache: false

❯ Current directory
/home/runner/work/blog/blog

❯ Config file
/home/runner/work/blog/blog/netlify.toml

❯ Context
dev

Build logs: https://app.netlify.com/sites/pensive-lamport-5822d2/deploys/6773a599c76666dddd56d1a2
Function logs: https://app.netlify.com/sites/pensive-lamport-5822d2/functions?scope=deploy:6773a599c76666dddd56d1a2
Website draft URL: https://6773a599c76666dddd56d1a2--pensive-lamport-5822d2.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

github-actions bot pushed a commit that referenced this pull request Dec 31, 2024
@tubone24
[file upload] Delete file for PR #1466
37b5351
@github-actions GitHub Actions
Copy link
Contributor Author

Bundle Analyzer URL

https://6773a599c76666dddd56d1a2--pensive-lamport-5822d2.netlify.app/webpack-bundle-analyser

github-actions bot pushed a commit that referenced this pull request Dec 31, 2024
@tubone24
[file upload] Added file for PR #1466
6d8423b
@github-actions GitHub Actions
Copy link
Contributor Author

Storybook Preview

Deploy path: /home/runner/work/blog/blog/storybook-static
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Netlify Build
────────────────────────────────────────────────────────────────

❯ Version
@netlify/build 29.36.1

❯ Flags
auth: EPJJ6iiVJKf1WzATp10YTzbujNbkSqWDiVl-3kCXA-Y
deployId: 6773a5ee55c34fcb9d5ee61a
dir: ./storybook-static
open: false
prod: false
prodIfUnlocked: false
site: 905285ac-8339-48d2-86d8-8d639370a095
skipFunctionsCache: false

❯ Current directory
/home/runner/work/blog/blog

❯ Config file
/home/runner/work/blog/blog/netlify.toml

❯ Context
dev

Build logs: https://app.netlify.com/sites/blog-storybook/deploys/6773a5ee55c34fcb9d5ee61a
Function logs: https://app.netlify.com/sites/blog-storybook/functions?scope=deploy:6773a5ee55c34fcb9d5ee61a
Website draft URL: https://6773a5ee55c34fcb9d5ee61a--blog-storybook.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions github-actions bot temporarily deployed to development-storybook December 31, 2024 08:06 Inactive
@github-actions GitHub Actions
Copy link
Contributor Author

Lighthouse Score

Desktop

Mobile

@tubone24 tubone24 marked this pull request as ready for review December 31, 2024 08:06
@tubone24 tubone24 self-requested a review as a code owner December 31, 2024 08:06
@tubone24 tubone24 merged commit 47e22e9 into master Dec 31, 2024
22 of 25 checks passed
github-actions bot pushed a commit that referenced this pull request Dec 31, 2024
@tubone24
[file upload] Delete file for PR #1466
a7aca8f
github-actions bot pushed a commit that referenced this pull request Dec 31, 2024
@tubone24
[file upload] Delete file for PR #1466
6e56498
github-actions bot pushed a commit that referenced this pull request Dec 31, 2024
@tubone24
[file upload] Delete file for PR #1466
11f73f5
github-actions bot pushed a commit that referenced this pull request Dec 31, 2024
@tubone24
[file upload] Added file for PR #1466
13590db
github-actions bot pushed a commit that referenced this pull request Dec 31, 2024
@tubone24
[file upload] Added file for PR #1466
9bc42d4
github-actions bot pushed a commit that referenced this pull request Dec 31, 2024
@tubone24
[file upload] Added file for PR #1466
a233eca
github-actions bot pushed a commit that referenced this pull request Dec 31, 2024
@tubone24
[file upload] Delete file for PR #1466
ea9e702
@github-actions GitHub Actions
Copy link
Contributor Author

Snyk vulnerability report

OSS packages

Tested 1787 dependencies for known issues, found 30 issues, 90 vulnerable paths.

Issues to fix by upgrading:

Upgrade @sentry/[email protected] to @sentry/[email protected] to fix
✗ Cross-site Scripting (XSS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-COOKIE-8163060] in [email protected]
introduced by @sentry/[email protected] > [email protected] and 3 other path(s)

Upgrade @sentry/[email protected] to @sentry/[email protected] to fix
✗ Missing Release of Resource after Effective Lifetime [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-INFLIGHT-6095116] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 8 other path(s)
✗ Uncontrolled Resource Consumption ('Resource Exhaustion') [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-TAR-6476909] in [email protected]
introduced by @sentry/[email protected] > [email protected] > [email protected] and 1 other path(s)

Upgrade @typescript-eslint/[email protected] to @typescript-eslint/[email protected] to fix
✗ Uncontrolled resource consumption [High Severity][https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 21 other path(s)
✗ Inefficient Regular Expression Complexity [High Severity][https://security.snyk.io/vuln/SNYK-JS-MICROMATCH-6838728] in [email protected]
introduced by [email protected] > [email protected] and 10 other path(s)

Upgrade @typescript-eslint/[email protected] to @typescript-eslint/[email protected] to fix
✗ Uncontrolled resource consumption [High Severity][https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 21 other path(s)
✗ Inefficient Regular Expression Complexity [High Severity][https://security.snyk.io/vuln/SNYK-JS-MICROMATCH-6838728] in [email protected]
introduced by [email protected] > [email protected] and 10 other path(s)

Upgrade [email protected] to [email protected] to fix
✗ Cross-site Scripting (XSS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6671926] in [email protected]
introduced by @raae/[email protected] > [email protected] and 3 other path(s)
✗ Server-side Request Forgery (SSRF) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-7361793] in [email protected]
introduced by [email protected]

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6124857] in [email protected]
introduced by @raae/[email protected] > [email protected] and 2 other path(s)
✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-GATSBYCLI-5671903] in [email protected]
introduced by [email protected] > [email protected]
✗ Prototype Pollution [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6144788] in [email protected]
introduced by @raae/[email protected] > [email protected] and 2 other path(s)
✗ Path Traversal [High Severity][https://security.snyk.io/vuln/SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555] in [email protected]
introduced by [email protected] > [email protected]
✗ Uncaught Exception [High Severity][https://security.snyk.io/vuln/SNYK-JS-SOCKETIO-7278048] in [email protected]
introduced by [email protected] > [email protected]
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)

Upgrade [email protected] to [email protected] to fix
✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-GATSBYTRANSFORMERREMARK-5671901] in [email protected]
introduced by [email protected]

Upgrade [email protected] to [email protected] to fix
✗ Uncontrolled resource consumption [High Severity][https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 21 other path(s)

Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1
✗ Asymmetric Resource Consumption (Amplification) [High Severity][https://security.snyk.io/vuln/SNYK-JS-BODYPARSER-7926860] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 1.20.3
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 4 other path(s)
This issue was fixed in versions: 6.0.6, 7.0.5
✗ Open Redirect [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-EXPRESS-6474509] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 4.19.2, 5.0.0-beta.3
✗ Cross-site Scripting [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-EXPRESS-7926867] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 4.20.0, 5.0.0
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in [email protected]
introduced by [email protected]
No upgrade or patch available
✗ Malicious Package [Critical Severity][https://security.snyk.io/vuln/SNYK-JS-LEGACYSWCHELPERS-7647380] in [email protected]
introduced by [email protected] > [email protected] > @parcel/[email protected] > @swc/[email protected] > [email protected]
No upgrade or patch available
✗ Code Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
No upgrade or patch available
✗ Improper Input Validation [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-NANOID-8492085] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] and 3 other path(s)
This issue was fixed in versions: 3.3.8, 5.0.9
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-PATHTOREGEXP-7925106] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 0.1.10, 1.9.0, 3.3.0, 6.3.0, 8.0.0
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-PATHTOREGEXP-8482416] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 0.1.12
✗ Cross-site Scripting [Low Severity][https://security.snyk.io/vuln/SNYK-JS-SEND-7926862] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 0.19.0, 1.1.0
✗ Cross-site Scripting (XSS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SERIALIZEJAVASCRIPT-6147607] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 6.0.2
✗ Cross-site Scripting [Low Severity][https://security.snyk.io/vuln/SNYK-JS-SERVESTATIC-7926865] in [email protected]
introduced by [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 1.16.0, 2.1.0
✗ Cross-site Scripting (XSS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-WEBPACK-7840298] in [email protected]
introduced by [email protected] > [email protected]
This issue was fixed in versions: 5.94.0
✗ Denial of Service (DoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-WS-7266574] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] and 1 other path(s)
This issue was fixed in versions: 5.2.4, 6.2.3, 7.5.10, 8.17.1

Organization: tubone24
Package manager: yarn
Target file: yarn.lock
Project name: blog
Open source: no
Project path: .
Licenses: enabled

Application

✗ [Medium] Path Traversal
Path: scripts/benchmark.js, line 23
Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files.

✗ [Medium] Path Traversal
Path: scripts/benchmark.js, line 25
Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files.

✗ [Medium] Path Traversal
Path: scripts/benchmark.js, line 41
Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files.

✔ Test completed

Organization: tubone24
Test type: Static code analysis
Project path: .

Summary:

3 Code issues found
3 [Medium]

IaC

Snyk Infrastructure as Code

  • Snyk testing Infrastructure as Code configuration issues.
    ✔ Test completed.

Issues
No vulnerable paths were found!

Test Summary

Organization: tubone24
Project name: tubone24/blog

✔ Files without issues: 3
✗ Files with issues: 0
Ignored issues: 0
Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ]

Tip

New: Share your test results in the Snyk Web UI with the option --report

Container

Testing test-blog...

✗ Low severity vulnerability found in util-linux/libuuid1
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-UTILLINUX-2401082
Introduced through: util-linux/[email protected], [email protected]+deb10u3, util-linux/[email protected], util-linux/[email protected], util-linux/[email protected], [email protected], sysvinit/[email protected], util-linux/bsdutils@1:2.33.1-0.1, util-linux/[email protected], util-linux/[email protected], util-linux/[email protected]
From: util-linux/[email protected]
From: [email protected]+deb10u3 > util-linux/[email protected]
From: [email protected]+deb10u3 > util-linux/[email protected] > util-linux/[email protected]
and 25 more...

✗ Low severity vulnerability found in util-linux/libuuid1
Description: CVE-2024-28085
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-UTILLINUX-6508628
Introduced through: util-linux/[email protected], [email protected]+deb10u3, util-linux/[email protected], util-linux/[email protected], util-linux/[email protected], [email protected], sysvinit/[email protected], util-linux/bsdutils@1:2.33.1-0.1, util-linux/[email protected], util-linux/[email protected], util-linux/[email protected]
From: util-linux/[email protected]
From: [email protected]+deb10u3 > util-linux/[email protected]
From: [email protected]+deb10u3 > util-linux/[email protected] > util-linux/[email protected]
and 25 more...
Fixed in: 2.33.1-0.1+deb10u1

✗ Low severity vulnerability found in tar
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-1063001
Introduced through: [email protected]+dfsg-6
From: [email protected]+dfsg-6

✗ Low severity vulnerability found in tar
Description: CVE-2005-2541
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-312331
Introduced through: [email protected]+dfsg-6
From: [email protected]+dfsg-6

✗ Low severity vulnerability found in tar
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-3253529
Introduced through: [email protected]+dfsg-6
From: [email protected]+dfsg-6

✗ Low severity vulnerability found in tar
Description: NULL Pointer Dereference
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-341203
Introduced through: [email protected]+dfsg-6
From: [email protected]+dfsg-6

✗ Low severity vulnerability found in tar
Description: CVE-2023-39804
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-6120423
Introduced through: [email protected]+dfsg-6
From: [email protected]+dfsg-6
Fixed in: 1.30+dfsg-6+deb10u1

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Authentication Bypass
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-1291056
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-2332026
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Link Following
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-305144
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Privilege Chaining
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-345386
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Incorrect Privilege Assignment
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-345391
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Missing Release of Resource after Effective Lifetime
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-542807
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Improper Validation of Integrity Check Value
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733386
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Improper Validation of Integrity Check Value
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733393
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Improper Validation of Integrity Check Value
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733397
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: CVE-2023-7008
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-6137710
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: CVE-2023-50868
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-6277511
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Time-of-check Time-of-use (TOCTOU)
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306205
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Incorrect Permission Assignment for Critical Resource
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306230
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Access Restriction Bypass
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306250
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Incorrect Permission Assignment for Critical Resource
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-539852
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Arbitrary Code Injection
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-5423925
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Improper Authentication
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-5879153
Introduced through: shadow/passwd@1:4.5-1.1, [email protected], shadow/login@1:4.5-1.1, util-linux/[email protected]
From: shadow/passwd@1:4.5-1.1
From: [email protected] > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in perl/perl-base
Description: Improper Verification of Cryptographic Signature
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-1925980
Introduced through: perl/[email protected]+deb10u1
From: perl/[email protected]+deb10u1

✗ Low severity vulnerability found in perl/perl-base
Description: Link Following
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-327793
Introduced through: perl/[email protected]+deb10u1
From: perl/[email protected]+deb10u1

✗ Low severity vulnerability found in perl/perl-base
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-5489186
Introduced through: perl/[email protected]+deb10u1
From: perl/[email protected]+deb10u1

✗ Low severity vulnerability found in perl/perl-base
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-5489188
Introduced through: perl/[email protected]+deb10u1
From: perl/[email protected]+deb10u1

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345321
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345353
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345502
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345530
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Integer Overflow or Wraparound
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-572367
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-572368
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pam/libpam0g
Description: CVE-2024-22365
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PAM-6178916
Introduced through: pam/[email protected], shadow/login@1:4.5-1.1, util-linux/[email protected], [email protected], pam/[email protected], pam/[email protected], pam/[email protected]
From: pam/[email protected]
From: shadow/login@1:4.5-1.1 > pam/[email protected]
From: util-linux/[email protected] > [email protected] > pam/[email protected]
and 11 more...

✗ Low severity vulnerability found in ncurses/libtinfo6
Description: CVE-2023-50495
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-6123819
Introduced through: ncurses/[email protected]+20181013-2+deb10u3, [email protected], ncurses/[email protected]+20181013-2+deb10u3, util-linux/[email protected], util-linux/[email protected], ncurses/[email protected]+20181013-2+deb10u3, ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3
From: [email protected] > ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3 > ncurses/[email protected]+20181013-2+deb10u3
and 7 more...

✗ Low severity vulnerability found in ncurses/libtinfo6
Description: CVE-2023-45918
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-6252772
Introduced through: ncurses/[email protected]+20181013-2+deb10u3, [email protected], ncurses/[email protected]+20181013-2+deb10u3, util-linux/[email protected], util-linux/[email protected], ncurses/[email protected]+20181013-2+deb10u3, ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3
From: [email protected] > ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3 > ncurses/[email protected]+20181013-2+deb10u3
and 7 more...

✗ Low severity vulnerability found in lz4/liblz4-1
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LZ4-473072
Introduced through: lz4/[email protected]+deb10u1, [email protected]
From: lz4/[email protected]+deb10u1
From: [email protected] > apt/[email protected] > lz4/[email protected]+deb10u1
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8 > lz4/[email protected]+deb10u1

✗ Low severity vulnerability found in libtasn1-6
Description: CVE-2018-1000654
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBTASN16-339585
Introduced through: [email protected], [email protected]
From: [email protected]
From: [email protected] > gnutls28/[email protected]+deb10u9 > [email protected]

✗ Low severity vulnerability found in libsepol/libsepol1
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315628
Introduced through: libsepol/[email protected], [email protected]
From: libsepol/[email protected]
From: [email protected] > shadow/passwd@1:4.5-1.1 > libsemanage/[email protected] > libsepol/[email protected]

✗ Low severity vulnerability found in libsepol/libsepol1
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315630
Introduced through: libsepol/[email protected], [email protected]
From: libsepol/[email protected]
From: [email protected] > shadow/passwd@1:4.5-1.1 > libsemanage/[email protected] > libsepol/[email protected]

✗ Low severity vulnerability found in libsepol/libsepol1
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315636
Introduced through: libsepol/[email protected], [email protected]
From: libsepol/[email protected]
From: [email protected] > shadow/passwd@1:4.5-1.1 > libsemanage/[email protected] > libsepol/[email protected]

✗ Low severity vulnerability found in libsepol/libsepol1
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315642
Introduced through: libsepol/[email protected], [email protected]
From: libsepol/[email protected]
From: [email protected] > shadow/passwd@1:4.5-1.1 > libsemanage/[email protected] > libsepol/[email protected]

✗ Low severity vulnerability found in libseccomp/libseccomp2
Description: CVE-2019-9893
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSECCOMP-341044
Introduced through: libseccomp/[email protected], [email protected]
From: libseccomp/[email protected]
From: [email protected] > libseccomp/[email protected]

✗ Low severity vulnerability found in libidn2/libidn2-0
Description: Improper Input Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBIDN2-474100
Introduced through: libidn2/[email protected]+deb10u1, [email protected]
From: libidn2/[email protected]+deb10u1
From: [email protected] > gnutls28/[email protected]+deb10u9 > libidn2/[email protected]+deb10u1

✗ Low severity vulnerability found in libgcrypt20
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-1297893
Introduced through: [email protected]+deb10u1, [email protected]
From: [email protected]+deb10u1
From: [email protected] > gnupg2/[email protected]+deb10u2 > [email protected]+deb10u1
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8 > [email protected]+deb10u1

✗ Low severity vulnerability found in libgcrypt20
Description: Use of a Broken or Risky Cryptographic Algorithm
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-391902
Introduced through: [email protected]+deb10u1, [email protected]
From: [email protected]+deb10u1
From: [email protected] > gnupg2/[email protected]+deb10u2 > [email protected]+deb10u1
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8 > [email protected]+deb10u1

✗ Low severity vulnerability found in libgcrypt20
Description: Race Condition
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-460489
Introduced through: [email protected]+deb10u1, [email protected]
From: [email protected]+deb10u1
From: [email protected] > gnupg2/[email protected]+deb10u2 > [email protected]+deb10u1
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8 > [email protected]+deb10u1

✗ Low severity vulnerability found in libgcrypt20
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-6405988
Introduced through: [email protected]+deb10u1, [email protected]
From: [email protected]+deb10u1
From: [email protected] > gnupg2/[email protected]+deb10u2 > [email protected]+deb10u1
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8 > [email protected]+deb10u1

✗ Low severity vulnerability found in gnutls28/libgnutls30
Description: Improper Input Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-340755
Introduced through: gnutls28/[email protected]+deb10u9, [email protected]
From: gnutls28/[email protected]+deb10u9
From: [email protected] > gnutls28/[email protected]+deb10u9

✗ Low severity vulnerability found in gnupg2/gpgv
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUPG2-3330746
Introduced through: gnupg2/[email protected]+deb10u2, [email protected]
From: gnupg2/[email protected]+deb10u2
From: [email protected] > gnupg2/[email protected]+deb10u2

✗ Low severity vulnerability found in gnupg2/gpgv
Description: Use of a Broken or Risky Cryptographic Algorithm
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUPG2-535553
Introduced through: gnupg2/[email protected]+deb10u2, [email protected]
From: gnupg2/[email protected]+deb10u2
From: [email protected] > gnupg2/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-338106
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-338163
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Resource Management Errors
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-356735
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-452228
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: CVE-2019-1010023
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-452267
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Use of Insufficiently Random Values
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-453375
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-453640
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-5894106
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-5894107
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: CVE-2024-2961
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-6617101
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
Fixed in: 2.28-10+deb10u3

✗ Low severity vulnerability found in glibc/libc-bin
Description: CVE-2024-33599
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-6673956
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: CVE-2024-33601
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-6673957
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: CVE-2024-33602
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-6673966
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: CVE-2024-33600
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-6673971
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ Low severity vulnerability found in gcc-8/libstdc++6
Description: Insufficient Entropy
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-469413
Introduced through: gcc-8/[email protected], [email protected], gcc-8/[email protected], gcc-8/libgcc1@1:8.3.0-6
From: gcc-8/[email protected]
From: [email protected] > gcc-8/[email protected]
From: [email protected] > apt/[email protected] > gcc-8/[email protected]
and 2 more...

✗ Low severity vulnerability found in gcc-8/libstdc++6
Description: CVE-2023-4039
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-5901315
Introduced through: gcc-8/[email protected], [email protected], gcc-8/[email protected], gcc-8/libgcc1@1:8.3.0-6
From: gcc-8/[email protected]
From: [email protected] > gcc-8/[email protected]
From: [email protected] > apt/[email protected] > gcc-8/[email protected]
and 2 more...

✗ Low severity vulnerability found in e2fsprogs/libcom-err2
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-E2FSPROGS-2628482
Introduced through: e2fsprogs/[email protected]+deb10u3, [email protected]+deb10u3, e2fsprogs/[email protected]+deb10u3, e2fsprogs/[email protected]+deb10u3
From: e2fsprogs/[email protected]+deb10u3
From: [email protected]+deb10u3 > e2fsprogs/[email protected]+deb10u3
From: [email protected]+deb10u3 > e2fsprogs/[email protected]+deb10u3 > e2fsprogs/[email protected]+deb10u3
and 5 more...

✗ Low severity vulnerability found in coreutils
Description: Improper Input Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-COREUTILS-317465
Introduced through: [email protected]
From: [email protected]

✗ Low severity vulnerability found in coreutils
Description: Race Condition
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-COREUTILS-317494
Introduced through: [email protected]
From: [email protected]

✗ Low severity vulnerability found in bash
Description: Improper Check for Dropped Privileges
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-BASH-536280
Introduced through: [email protected]
From: [email protected]

✗ Low severity vulnerability found in apt/libapt-pkg5.0
Description: Improper Verification of Cryptographic Signature
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-APT-407502
Introduced through: apt/[email protected], [email protected]
From: apt/[email protected]
From: [email protected] > apt/[email protected]
From: [email protected]

✗ Medium severity vulnerability found in util-linux/libuuid1
Description: Integer Overflow or Wraparound
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-UTILLINUX-1534833
Introduced through: util-linux/[email protected], [email protected]+deb10u3, util-linux/[email protected], util-linux/[email protected], util-linux/[email protected], [email protected], sysvinit/[email protected], util-linux/bsdutils@1:2.33.1-0.1, util-linux/[email protected], util-linux/[email protected], util-linux/[email protected]
From: util-linux/[email protected]
From: [email protected]+deb10u3 > util-linux/[email protected]
From: [email protected]+deb10u3 > util-linux/[email protected] > util-linux/[email protected]
and 25 more...
Fixed in: 2.33.1-0.1+deb10u1

✗ Medium severity vulnerability found in systemd/libsystemd0
Description: Off-by-one Error
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3111121
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7deb10u8
and 4 more...
Fixed in: 241-7deb10u10

✗ Medium severity vulnerability found in systemd/libsystemd0
Description: CVE-2022-4415
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3177744
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Medium severity vulnerability found in ncurses/libtinfo6
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-5862705
Introduced through: ncurses/[email protected]+20181013-2+deb10u3, [email protected], ncurses/[email protected]+20181013-2+deb10u3, util-linux/[email protected], util-linux/[email protected], ncurses/[email protected]+20181013-2+deb10u3, ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3
From: [email protected] > ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3 > ncurses/[email protected]+20181013-2+deb10u3
and 7 more...
Fixed in: 6.1+20181013-2+deb10u4

✗ Medium severity vulnerability found in gnutls28/libgnutls30
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-6062099
Introduced through: gnutls28/[email protected]+deb10u9, [email protected]
From: gnutls28/[email protected]+deb10u9
From: [email protected] > gnutls28/[email protected]+deb10u9
Fixed in: 3.6.7-4+deb10u11

✗ High severity vulnerability found in systemd/libsystemd0
Description: CVE-2023-26604
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3339153
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7deb10u8
and 4 more...
Fixed in: 241-7deb10u9

✗ High severity vulnerability found in systemd/libsystemd0
Description: Allocation of Resources Without Limits or Throttling
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-6277513
Introduced through: systemd/libsystemd0@241-7deb10u8, util-linux/bsdutils@1:2.33.1-0.1, [email protected], util-linux/[email protected], systemd/libudev1@241-7deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: [email protected] > apt/[email protected] > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ High severity vulnerability found in ncurses/libtinfo6
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-1655739
Introduced through: ncurses/[email protected]+20181013-2+deb10u3, [email protected], ncurses/[email protected]+20181013-2+deb10u3, util-linux/[email protected], util-linux/[email protected], ncurses/[email protected]+20181013-2+deb10u3, ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3
From: [email protected] > ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3 > ncurses/[email protected]+20181013-2+deb10u3
and 7 more...
Fixed in: 6.1+20181013-2+deb10u5

✗ High severity vulnerability found in ncurses/libtinfo6
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-5421196
Introduced through: ncurses/[email protected]+20181013-2+deb10u3, [email protected], ncurses/[email protected]+20181013-2+deb10u3, util-linux/[email protected], util-linux/[email protected], ncurses/[email protected]+20181013-2+deb10u3, ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3
From: [email protected] > ncurses/[email protected]+20181013-2+deb10u3
From: ncurses/[email protected]+20181013-2+deb10u3 > ncurses/[email protected]+20181013-2+deb10u3
and 7 more...
Fixed in: 6.1+20181013-2+deb10u5

✗ High severity vulnerability found in gnutls28/libgnutls30
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-3318300
Introduced through: gnutls28/[email protected]+deb10u9, [email protected]
From: gnutls28/[email protected]+deb10u9
From: [email protected] > gnutls28/[email protected]+deb10u9
Fixed in: 3.6.7-4+deb10u10

✗ High severity vulnerability found in gnutls28/libgnutls30
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-6159414
Introduced through: gnutls28/[email protected]+deb10u9, [email protected]
From: gnutls28/[email protected]+deb10u9
From: [email protected] > gnutls28/[email protected]+deb10u9
Fixed in: 3.6.7-4+deb10u12

✗ High severity vulnerability found in glibc/libc-bin
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-559488
Introduced through: glibc/[email protected]+deb10u2, glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2
From: glibc/[email protected]+deb10u2

✗ High severity vulnerability found in gcc-8/libstdc++6
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-347558
Introduced through: gcc-8/[email protected], [email protected], gcc-8/[email protected], gcc-8/libgcc1@1:8.3.0-6
From: gcc-8/[email protected]
From: [email protected] > gcc-8/[email protected]
From: [email protected] > apt/[email protected] > gcc-8/[email protected]
and 2 more...

✗ Critical severity vulnerability found in zlib/zlib1g
Description: Integer Overflow or Wraparound
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-ZLIB-6008964
Introduced through: zlib/zlib1g@1:1.2.11.dfsg-1+deb10u2
From: zlib/zlib1g@1:1.2.11.dfsg-1+deb10u2

✗ Critical severity vulnerability found in libtasn1-6
Description: Off-by-one Error
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBTASN16-3061094
Introduced through: [email protected], [email protected]
From: [email protected]
From: [email protected] > gnutls28/[email protected]+deb10u9 > [email protected]
Fixed in: 4.13-3+deb10u1

✗ Critical severity vulnerability found in db5.3/libdb5.3
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-DB53-2825169
Introduced through: db5.3/[email protected]+dfsg1-0.5, [email protected]
From: db5.3/[email protected]+dfsg1-0.5
From: [email protected] > shadow/passwd@1:4.5-1.1 > pam/[email protected] > db5.3/[email protected]+dfsg1-0.5

------------ Detected 43 vulnerabilities for [email protected] ------------

✗ Low severity vulnerability found in node
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741888
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Low severity vulnerability found in node
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741892
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Low severity vulnerability found in node
Description: Insecure Randomness
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741899
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Low severity vulnerability found in node
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5969349
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.18.2

✗ Low severity vulnerability found in node
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5969357
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.18.2

✗ Low severity vulnerability found in node
Description: Permissive Cross-domain Policy with Untrusted Domains
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252338
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.19.1, 20.11.1, 21.6.2

✗ Low severity vulnerability found in node
Description: Authorization Bypass
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-7430907
Introduced through: [email protected]
From: [email protected]
Fixed in: 20.15.1, 22.4.1

✗ Low severity vulnerability found in node
Description: Authorization Bypass
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-7430909
Introduced through: [email protected]
From: [email protected]
Fixed in: 20.15.1, 22.4.1

✗ Low severity vulnerability found in node
Description: Improper Handling of Values
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-7430912
Introduced through: [email protected]
From: [email protected]
Fixed in: 20.15.1, 22.4.1

✗ Medium severity vulnerability found in node
Description: Timing Attack
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326669
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326682
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326683
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326684
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326685
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326686
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Privilege Escalation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3329554
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741792
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: HTTP Request Smuggling
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741793
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Inconsistency Between Implementation and Documented Design
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741796
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Buffer Over-read
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741894
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741895
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Insecure Randomness
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741896
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Buffer Underwrite (Buffer Underflow)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741900
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Privilege Escalation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5756501
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Improper Access Control
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5843454
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.17.1

✗ Medium severity vulnerability found in node
Description: Access Restriction Bypass
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5848030
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.17.1

✗ Medium severity vulnerability found in node
Description: Improper Verification of Cryptographic Signature
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5969356
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.18.2

✗ Medium severity vulnerability found in node
Description: Observable Timing Discrepancy
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252330
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.19.1, 20.11.1, 21.6.2

✗ Medium severity vulnerability found in node
Description: HTTP Request Smuggling
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6564550
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.20.1, 20.12.1, 21.7.2

✗ Medium severity vulnerability found in node
Description: Improper Control of Generation of Code ('Code Injection')
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-7430900
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.20.4, 20.15.1, 22.4.1

✗ Medium severity vulnerability found in node
Description: Access Restriction Bypass
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-7430905
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.20.4, 20.15.1, 22.4.1

✗ High severity vulnerability found in node
Description: Insecure Permissions
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326666
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ High severity vulnerability found in node
Description: Access of Resource Using Incompatible Type ('Type Confusion')
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326668
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ High severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326688
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ High severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3329555
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.14.1

✗ High severity vulnerability found in node
Description: Prototype Pollution
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741794
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ High severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741889
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.16.1

✗ High severity vulnerability found in node
Description: Arbitrary Code Injection
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5848038
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.17.1

✗ High severity vulnerability found in node
Description: Allocation of Resources Without Limits or Throttling
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252328
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.19.1, 20.11.1, 21.6.2

✗ High severity vulnerability found in node
Description: Code Injection
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252332
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.19.1, 20.11.1, 21.6.2

✗ High severity vulnerability found in node
Description: Allocation of Resources Without Limits or Throttling
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6564548
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.20.1, 20.12.1, 21.7.2

✗ High severity vulnerability found in node
Description: Improper Control of Generation of Code ('Code Injection')
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6615824
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.20.2, 20.12.2, 21.7.3

✗ High severity vulnerability found in node
Description: Server-Side Request Forgery (SSRF)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-8379641
Introduced through: [email protected]
From: [email protected]
Fixed in: 18.19.1, 20.11.1, 21.6.2

Organization: tubone24
Package manager: deb
Project name: docker-image|test-blog
Docker image: test-blog
Platform: linux/amd64
Licenses: enabled

Tested 85 dependencies for known issues, found 132 issues.

Debian 10 is no longer supported by the Debian maintainers. Vulnerability detection may be affected by a lack of security updates.

Snyk wasn’t able to auto detect the base image, use --file option to get base image remediation advice.
Example: $ snyk container test test-blog --file=path/to/Dockerfile

To remove this message in the future, please run snyk config set disableSuggestions=true

Learn more: https://docs.snyk.io/products/snyk-container/getting-around-the-snyk-container-ui/base-image-detection

Testing test-blog...

Tested 275 dependencies for known issues, found 7 issues.

Issues to fix by upgrading:

Upgrade [email protected] to [email protected] to fix
✗ Uncontrolled Resource Consumption ('Resource Exhaustion') [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-TAR-6476909] in [email protected]
introduced by [email protected] > [email protected] and 86 other path(s)
✗ Missing Release of Resource after Effective Lifetime [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-INFLIGHT-6095116] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 254 other path(s)
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTTPCACHESEMANTICS-3248783] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 39 other path(s)
✗ Server-Side Request Forgery (SSRF) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-IP-7148531] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] and 39 other path(s)
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795] in [email protected]
introduced by [email protected] > [email protected] and 309 other path(s)
✗ Server-side Request Forgery (SSRF) [High Severity][https://security.snyk.io/vuln/SNYK-JS-IP-6240864] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] and 39 other path(s)

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-PATHTOREGEXP-7925106] in [email protected]
introduced by [email protected] > [email protected] > [email protected]

Organization: tubone24
Package manager: npm
Target file: /usr/local/lib/node_modules
Project name: lib
Docker image: test-blog
Licenses: enabled

Snyk wasn’t able to auto detect the base image, use --file option to get base image remediation advice.
Example: $ snyk container test test-blog --file=path/to/Dockerfile

Snyk found some vulnerabilities in your image applications (Snyk searches for these vulnerabilities by default). See https://snyk.co/app-vulns for more information.

To remove these messages in the future, please run snyk config set disableSuggestions=true

Testing test-blog...

Tested 196 dependencies for known issues, found 7 issues.

Issues to fix by upgrading:

Upgrade [email protected] to [email protected] to fix
✗ Cross-site Scripting (XSS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6671926] in [email protected]
introduced by @raae/[email protected] > [email protected] and 3 other path(s)
✗ Server-side Request Forgery (SSRF) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-7361793] in [email protected]
introduced by [email protected]

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6124857] in [email protected]
introduced by @raae/[email protected] > [email protected] and 2 other path(s)
✗ Prototype Pollution [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6144788] in [email protected]
introduced by @raae/[email protected] > [email protected] and 2 other path(s)
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 2 other path(s)

Upgrade [email protected] to [email protected] to fix
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795] in [email protected]
introduced by [email protected] > [email protected] > [email protected] and 2 other path(s)

Upgrade [email protected] to [email protected] to fix
✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-GATSBYTRANSFORMERREMARK-5671901] in [email protected]
introduced by [email protected]

Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in [email protected]
introduced by [email protected]
No upgrade or patch available

Organization: tubone24
Package manager: npm
Target file: /app/package.json
Project name: blog
Docker image: test-blog
Licenses: enabled

Snyk wasn’t able to auto detect the base image, use --file option to get base image remediation advice.
Example: $ snyk container test test-blog --file=path/to/Dockerfile

Snyk found some vulnerabilities in your image applications (Snyk searches for these vulnerabilities by default). See https://snyk.co/app-vulns for more information.

To remove these messages in the future, please run snyk config set disableSuggestions=true

Tested 3 projects, 3 contained vulnerable paths.

@github-actions GitHub Actions
Copy link
Contributor Author

Deploy Preview

Deploy path: /home/runner/work/blog/blog/public
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Netlify Build
────────────────────────────────────────────────────────────────

❯ Version
@netlify/build 29.36.1

❯ Flags
auth: TTs786GkKycSkoas9uwxVwTtamK0txQzpvHwXleU3OQ
deployId: 6773a68d0a5c63ec83a876e2
dir: ./public
functions: ./functions/src
open: false
prod: false
prodIfUnlocked: false
site: 3751ef40-b145-4249-9657-39d3fb04ae81
skipFunctionsCache: false

❯ Current directory
/home/runner/work/blog/blog

❯ Config file
/home/runner/work/blog/blog/netlify.toml

❯ Context
dev

Build logs: https://app.netlify.com/sites/pensive-lamport-5822d2/deploys/6773a68d0a5c63ec83a876e2
Function logs: https://app.netlify.com/sites/pensive-lamport-5822d2/functions?scope=deploy:6773a68d0a5c63ec83a876e2
Website draft URL: https://6773a68d0a5c63ec83a876e2--pensive-lamport-5822d2.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

github-actions bot pushed a commit that referenced this pull request Dec 31, 2024
@tubone24
[file upload] Added file for PR #1466
d3144cd
@github-actions GitHub Actions
Copy link
Contributor Author

Storybook Preview

Deploy path: /home/runner/work/blog/blog/storybook-static
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Netlify Build
────────────────────────────────────────────────────────────────

❯ Version
@netlify/build 29.36.1

❯ Flags
auth: EPJJ6iiVJKf1WzATp10YTzbujNbkSqWDiVl-3kCXA-Y
deployId: 6773a6dee4af28e450a5b290
dir: ./storybook-static
open: false
prod: false
prodIfUnlocked: false
site: 905285ac-8339-48d2-86d8-8d639370a095
skipFunctionsCache: false

❯ Current directory
/home/runner/work/blog/blog

❯ Config file
/home/runner/work/blog/blog/netlify.toml

❯ Context
dev

Build logs: https://app.netlify.com/sites/blog-storybook/deploys/6773a6dee4af28e450a5b290
Function logs: https://app.netlify.com/sites/blog-storybook/functions?scope=deploy:6773a6dee4af28e450a5b290
Website draft URL: https://6773a6dee4af28e450a5b290--blog-storybook.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions GitHub Actions
Copy link
Contributor Author

Bundle Analyzer URL

https://6773a68d0a5c63ec83a876e2--pensive-lamport-5822d2.netlify.app/webpack-bundle-analyser

@github-actions GitHub Actions
Copy link
Contributor Author

Lighthouse Score

Desktop

Mobile

github-actions bot pushed a commit that referenced this pull request Dec 31, 2024
@tubone24
[file upload] Delete file for PR #1466
27576b2
github-actions bot pushed a commit that referenced this pull request Dec 31, 2024
@tubone24
[file upload] Added file for PR #1466
2892e4a
github-actions bot pushed a commit that referenced this pull request Dec 31, 2024
@tubone24
[file upload] Delete file for PR #1466
c2265c5
github-actions bot pushed a commit that referenced this pull request Dec 31, 2024
@tubone24
[file upload] Added file for PR #1466
be2396e
github-actions bot pushed a commit that referenced this pull request Dec 31, 2024
@tubone24
[file upload] Added file for PR #1466
d0220d6
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tubone24 tubone24 Awaiting requested review from tubone24 tubone24 is a code owner

Assignees

@tubone24 tubone24

Labels
content netlify-cms/draft src
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@coveralls @tubone24