Update .whitesource
Security Report
Partial results (64 vulnerabilities) are displayed below due to a content size limitation in GitHub. To view information on the remaining vulnerabilities, navigate to the Mend Application.
| CVE | Severity |  CVSS Score |
Vulnerable Library | Suggested Fix | Issue | Reachability |
|---|---|---|---|---|---|---|
CVE-2023-3696Path to dependency file: /baak-dataload-sql/package.json Path to vulnerable library: /baak-dataload-sql/node_modules/mongoose/package.json Dependency Hierarchy: -> ❌ mongoose-5.13.14.tgz (Vulnerable Library) |
 Critical |
9.8 | mongoose-5.13.14.tgz | Upgrade to version: mongoose - 6.11.3,7.3.4 | #19 |
|
CVE-2023-28154Path to dependency file: /baak-vizualization/package.json Path to vulnerable library: /baak-vizualization/node_modules/webpack/package.json,/achilles-frontend/node_modules/webpack/package.json Dependency Hierarchy: -> ❌ webpack-5.72.1.tgz (Vulnerable Library) |
Critical |
9.8 | webpack-5.72.1.tgz | Upgrade to version: webpack - 5.76.0 | #21 |
|
CVE-2022-37601Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/mini-css-extract-plugin/node_modules/loader-utils/package.json,/baak-vizualization/node_modules/sass-loader/node_modules/loader-utils/package.json,/achilles-frontend/node_modules/html-webpack-plugin/node_modules/loader-utils/package.json,/achilles-frontend/node_modules/sass-loader/node_modules/loader-utils/package.json,/achilles-frontend/node_modules/babel-loader/node_modules/loader-utils/package.json,/baak-vizualization/node_modules/babel-loader/node_modules/loader-utils/package.json,/achilles-frontend/node_modules/postcss-loader/node_modules/loader-utils/package.json,/baak-vizualization/node_modules/html-webpack-plugin/node_modules/loader-utils/package.json,/baak-vizualization/node_modules/mini-css-extract-plugin/node_modules/loader-utils/package.json,/baak-vizualization/node_modules/postcss-loader/node_modules/loader-utils/package.json Dependency Hierarchy: -> postcss-loader-3.0.0.tgz (Root Library) -> ❌ loader-utils-1.4.0.tgz (Vulnerable Library) |
Critical |
9.8 | loader-utils-1.4.0.tgz | Upgrade to version: loader-utils - 1.4.1,2.0.3 | #30 |
|
CVE-2022-2564Path to dependency file: /baak-dataload-sql/package.json Path to vulnerable library: /baak-dataload-sql/node_modules/mongoose/package.json Dependency Hierarchy: -> ❌ mongoose-5.13.14.tgz (Vulnerable Library) |
Critical |
9.8 | mongoose-5.13.14.tgz | Upgrade to version: mongoose - 6.4.6 | #19 |
|
CVE-2024-53900Path to dependency file: /baak-dataload-sql/package.json Path to vulnerable library: /baak-dataload-sql/node_modules/mongoose/package.json Dependency Hierarchy: -> ❌ mongoose-5.13.14.tgz (Vulnerable Library) |
Critical |
9.1 | mongoose-5.13.14.tgz | Upgrade to version: mongoose - 6.13.5,7.8.3,8.8.3 | #19 |
|
WS-2023-0439Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/axios/package.json,/baak-dataload-sql/node_modules/axios/package.json Dependency Hierarchy: -> ❌ axios-0.21.4.tgz (Vulnerable Library) |
 High |
7.5 | axios-0.21.4.tgz | Upgrade to version: axios - 1.6.3,0.20.0 | #22 |
|
CVE-2024-52798Path to dependency file: /baak-dataload-sql/package.json Path to vulnerable library: /baak-dataload-sql/node_modules/path-to-regexp/package.json,/baak-vizualization/node_modules/path-to-regexp/package.json,/achilles-frontend/node_modules/path-to-regexp/package.json Dependency Hierarchy: -> express-4.17.1.tgz (Root Library) -> ❌ path-to-regexp-0.1.7.tgz (Vulnerable Library) |
High |
7.5 | path-to-regexp-0.1.7.tgz | Upgrade to version: path-to-regexp - 0.1.12 | #36 |
|
CVE-2024-45590Path to dependency file: /baak-dataload-sql/package.json Path to vulnerable library: /baak-dataload-sql/node_modules/body-parser/package.json Dependency Hierarchy: -> express-4.17.1.tgz (Root Library) -> ❌ body-parser-1.19.0.tgz (Vulnerable Library) |
High |
7.5 | body-parser-1.19.0.tgz | Upgrade to version: body-parser - 1.20.3 | #36 |
|
CVE-2024-45590Path to dependency file: /baak-vizualization/package.json Path to vulnerable library: /baak-vizualization/node_modules/body-parser/package.json,/achilles-frontend/node_modules/body-parser/package.json Dependency Hierarchy: -> webpack-dev-server-4.9.0.tgz (Root Library) -> express-4.18.1.tgz -> ❌ body-parser-1.20.0.tgz (Vulnerable Library) |
High |
7.5 | body-parser-1.20.0.tgz | Upgrade to version: body-parser - 1.20.3 | #42 |
|
CVE-2024-45296Path to dependency file: /baak-dataload-sql/package.json Path to vulnerable library: /baak-dataload-sql/node_modules/path-to-regexp/package.json,/baak-vizualization/node_modules/path-to-regexp/package.json,/achilles-frontend/node_modules/path-to-regexp/package.json Dependency Hierarchy: -> express-4.17.1.tgz (Root Library) -> ❌ path-to-regexp-0.1.7.tgz (Vulnerable Library) |
High |
7.5 | path-to-regexp-0.1.7.tgz | Upgrade to version: path-to-regexp - 0.1.10,1.9.0,3.3.0,6.3.0,8.0.0 | #36 |
|
CVE-2024-45296Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/react-router/node_modules/path-to-regexp/package.json Dependency Hierarchy: -> react-router-dom-5.2.0.tgz (Root Library) -> react-router-5.2.0.tgz -> ❌ path-to-regexp-1.8.0.tgz (Vulnerable Library) |
High |
7.5 | path-to-regexp-1.8.0.tgz | Upgrade to version: path-to-regexp - 0.1.10,1.9.0,3.3.0,6.3.0,8.0.0 | #51 |
|
CVE-2024-4068Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/braces/package.json,/baak-vizualization/node_modules/braces/package.json Dependency Hierarchy: -> eslint-webpack-plugin-2.4.0.tgz (Root Library) -> micromatch-4.0.5.tgz -> ❌ braces-3.0.2.tgz (Vulnerable Library) |
High |
7.5 | braces-3.0.2.tgz | Upgrade to version: braces - 3.0.3 | #47 |
|
CVE-2024-21538Path to dependency file: /baak-vizualization/package.json Path to vulnerable library: /baak-vizualization/node_modules/cross-spawn/package.json,/achilles-frontend/node_modules/cross-spawn/package.json Dependency Hierarchy: -> react-dev-utils-12.0.1.tgz (Root Library) -> ❌ cross-spawn-7.0.3.tgz (Vulnerable Library) |
High |
7.5 | cross-spawn-7.0.3.tgz | Upgrade to version: cross-spawn - 7.0.5 | #28 |
|
CVE-2024-21536Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/http-proxy-middleware/package.json,/baak-vizualization/node_modules/http-proxy-middleware/package.json Dependency Hierarchy: -> webpack-dev-server-4.9.0.tgz (Root Library) -> ❌ http-proxy-middleware-2.0.6.tgz (Vulnerable Library) |
High |
7.5 | http-proxy-middleware-2.0.6.tgz | Upgrade to version: http-proxy-middleware - 2.0.7,3.0.3 | #42 |
|
CVE-2022-38900Path to dependency file: /baak-vizualization/package.json Path to vulnerable library: /baak-vizualization/node_modules/decode-uri-component/package.json,/achilles-frontend/node_modules/decode-uri-component/package.json Dependency Hierarchy: -> jest-dom-5.11.6.tgz (Root Library) -> css-3.0.0.tgz -> source-map-resolve-0.6.0.tgz -> ❌ decode-uri-component-0.2.0.tgz (Vulnerable Library) |
High |
7.5 | decode-uri-component-0.2.0.tgz | Upgrade to version: decode-uri-component - 0.2.1 | #20 |
|
CVE-2022-37603Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/mini-css-extract-plugin/node_modules/loader-utils/package.json,/baak-vizualization/node_modules/sass-loader/node_modules/loader-utils/package.json,/achilles-frontend/node_modules/html-webpack-plugin/node_modules/loader-utils/package.json,/achilles-frontend/node_modules/sass-loader/node_modules/loader-utils/package.json,/achilles-frontend/node_modules/babel-loader/node_modules/loader-utils/package.json,/baak-vizualization/node_modules/babel-loader/node_modules/loader-utils/package.json,/achilles-frontend/node_modules/postcss-loader/node_modules/loader-utils/package.json,/baak-vizualization/node_modules/html-webpack-plugin/node_modules/loader-utils/package.json,/baak-vizualization/node_modules/mini-css-extract-plugin/node_modules/loader-utils/package.json,/baak-vizualization/node_modules/postcss-loader/node_modules/loader-utils/package.json Dependency Hierarchy: -> postcss-loader-3.0.0.tgz (Root Library) -> ❌ loader-utils-1.4.0.tgz (Vulnerable Library) |
High |
7.5 | loader-utils-1.4.0.tgz | Upgrade to version: loader-utils - 1.4.2,2.0.4,3.2.1 | #30 |
|
CVE-2022-37603Path to dependency file: /baak-vizualization/package.json Path to vulnerable library: /baak-vizualization/node_modules/react-dev-utils/node_modules/loader-utils/package.json,/achilles-frontend/node_modules/react-dev-utils/node_modules/loader-utils/package.json Dependency Hierarchy: -> react-dev-utils-12.0.1.tgz (Root Library) -> ❌ loader-utils-3.2.0.tgz (Vulnerable Library) |
High |
7.5 | loader-utils-3.2.0.tgz | Upgrade to version: loader-utils - 1.4.2,2.0.4,3.2.1 | #28 |
|
CVE-2022-3517Path to dependency file: /baak-vizualization/package.json Path to vulnerable library: /baak-vizualization/node_modules/minimatch/package.json,/achilles-frontend/node_modules/minimatch/package.json Dependency Hierarchy: -> react-dev-utils-12.0.1.tgz (Root Library) -> recursive-readdir-2.2.2.tgz -> ❌ minimatch-3.0.4.tgz (Vulnerable Library) |
High |
7.5 | minimatch-3.0.4.tgz | Upgrade to version: minimatch - 3.0.5 | #28 |
|
CVE-2022-24999Path to dependency file: /baak-dataload-sql/package.json Path to vulnerable library: /baak-dataload-sql/node_modules/qs/package.json Dependency Hierarchy: -> express-4.17.1.tgz (Root Library) -> ❌ qs-6.7.0.tgz (Vulnerable Library) |
High |
7.5 | qs-6.7.0.tgz | Upgrade to version: qs - 6.2.4,6.3.3,6.4.1,6.5.3,6.6.1,6.7.3,6.8.3,6.9.7,6.10.3 | #36 |
|
CVE-2024-29180Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/webpack-dev-middleware/package.json,/baak-vizualization/node_modules/webpack-dev-middleware/package.json Dependency Hierarchy: -> webpack-dev-server-4.9.0.tgz (Root Library) -> ❌ webpack-dev-middleware-5.3.3.tgz (Vulnerable Library) |
High |
7.4 | webpack-dev-middleware-5.3.3.tgz | Upgrade to version: webpack-dev-middleware - 5.3.4,6.1.2,7.1.0 | #42 |
|
CVE-2023-26159Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/follow-redirects/package.json,/baak-vizualization/node_modules/follow-redirects/package.json Dependency Hierarchy: -> axios-0.21.2.tgz (Root Library) -> ❌ follow-redirects-1.15.0.tgz (Vulnerable Library) |
High |
7.3 | follow-redirects-1.15.0.tgz | Upgrade to version: follow-redirects - 1.15.4 | #25 |
|
CVE-2022-46175Path to dependency file: /baak-vizualization/package.json Path to vulnerable library: /baak-vizualization/node_modules/postcss-loader/node_modules/json5/package.json,/baak-vizualization/node_modules/babel-loader/node_modules/json5/package.json,/achilles-frontend/node_modules/json5/package.json,/baak-vizualization/node_modules/tsconfig-paths/node_modules/json5/package.json,/baak-vizualization/node_modules/html-webpack-plugin/node_modules/json5/package.json Dependency Hierarchy: -> resolve-url-loader-3.1.4.tgz (Root Library) -> loader-utils-1.2.3.tgz -> ❌ json5-1.0.1.tgz (Vulnerable Library) |
High |
7.1 | json5-1.0.1.tgz | Upgrade to version: json5 - 2.2.2 | #37 |
|
CVE-2024-28849Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/follow-redirects/package.json,/baak-vizualization/node_modules/follow-redirects/package.json Dependency Hierarchy: -> axios-0.21.2.tgz (Root Library) -> ❌ follow-redirects-1.15.0.tgz (Vulnerable Library) |
 Medium |
6.5 | follow-redirects-1.15.0.tgz | Upgrade to version: follow-redirects - 1.15.6 | #25 |
|
CVE-2023-45857Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/axios/package.json,/baak-dataload-sql/node_modules/axios/package.json Dependency Hierarchy: -> ❌ axios-0.21.4.tgz (Vulnerable Library) |
Medium |
6.5 | axios-0.21.4.tgz | Upgrade to version: axios - 1.6.0 | #22 |
|
CVE-2024-43788Path to dependency file: /baak-vizualization/package.json Path to vulnerable library: /baak-vizualization/node_modules/webpack/package.json,/achilles-frontend/node_modules/webpack/package.json Dependency Hierarchy: -> ❌ webpack-5.72.1.tgz (Vulnerable Library) |
Medium |
6.4 | webpack-5.72.1.tgz | Upgrade to version: webpack - 5.94.0 | #21 |
|
CVE-2022-23540Path to dependency file: /baak-dataload-sql/package.json Path to vulnerable library: /baak-dataload-sql/node_modules/jsonwebtoken/package.json,/achilles-frontend/node_modules/jsonwebtoken/package.json Dependency Hierarchy: -> ❌ jsonwebtoken-8.5.1.tgz (Vulnerable Library) |
Medium |
6.4 | jsonwebtoken-8.5.1.tgz | Upgrade to version: jsonwebtoken - 9.0.0 | #38 |
|
CVE-2024-47068Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/rollup/package.json,/baak-vizualization/node_modules/rollup/package.json Dependency Hierarchy: -> workbox-webpack-plugin-6.5.3.tgz (Root Library) -> workbox-build-6.5.3.tgz -> ❌ rollup-2.74.1.tgz (Vulnerable Library) |
Medium |
6.1 | rollup-2.74.1.tgz | Upgrade to version: rollup - 3.29.5,4.22.4 | #46 |
|
CVE-2024-29041Path to dependency file: /baak-dataload-sql/package.json Path to vulnerable library: /baak-dataload-sql/node_modules/express/package.json Dependency Hierarchy: -> ❌ express-4.17.1.tgz (Vulnerable Library) |
Medium |
6.1 | express-4.17.1.tgz | Upgrade to version: express - 4.19.0 | #36 |
|
CVE-2024-29041Path to dependency file: /baak-vizualization/package.json Path to vulnerable library: /baak-vizualization/node_modules/express/package.json,/achilles-frontend/node_modules/express/package.json Dependency Hierarchy: -> webpack-dev-server-4.9.0.tgz (Root Library) -> ❌ express-4.18.1.tgz (Vulnerable Library) |
Medium |
6.1 | express-4.18.1.tgz | Upgrade to version: express - 4.19.0 | #42 |
|
CVE-2022-23539Path to dependency file: /baak-dataload-sql/package.json Path to vulnerable library: /baak-dataload-sql/node_modules/jsonwebtoken/package.json,/achilles-frontend/node_modules/jsonwebtoken/package.json Dependency Hierarchy: -> ❌ jsonwebtoken-8.5.1.tgz (Vulnerable Library) |
Medium |
5.9 | jsonwebtoken-8.5.1.tgz | Upgrade to version: jsonwebtoken - 9.0.0 | #38 |
|
CVE-2024-47764Path to dependency file: /baak-dataload-sql/package.json Path to vulnerable library: /baak-dataload-sql/node_modules/cookie/package.json Dependency Hierarchy: -> express-4.17.1.tgz (Root Library) -> ❌ cookie-0.4.0.tgz (Vulnerable Library) |
Medium |
5.3 | cookie-0.4.0.tgz | Upgrade to version: cookie - 0.7.0 | #36 |
|
CVE-2024-47764Path to dependency file: /baak-vizualization/package.json Path to vulnerable library: /baak-vizualization/node_modules/cookie/package.json,/achilles-frontend/node_modules/cookie/package.json Dependency Hierarchy: -> webpack-dev-server-4.9.0.tgz (Root Library) -> express-4.18.1.tgz -> ❌ cookie-0.5.0.tgz (Vulnerable Library) |
Medium |
5.3 | cookie-0.5.0.tgz | Upgrade to version: cookie - 0.7.0 | #42 |
|
CVE-2024-4067Path to dependency file: /baak-vizualization/package.json Path to vulnerable library: /baak-vizualization/node_modules/micromatch/package.json,/achilles-frontend/node_modules/micromatch/package.json Dependency Hierarchy: -> jest-resolve-26.6.0.tgz (Root Library) -> jest-util-26.6.2.tgz -> ❌ micromatch-4.0.5.tgz (Vulnerable Library) |
Medium |
5.3 | micromatch-4.0.5.tgz | Upgrade to version: micromatch - 4.0.8 | #29 |
|
CVE-2023-44270Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/optimize-css-assets-webpack-plugin/node_modules/postcss/package.json,/baak-vizualization/node_modules/resolve-url-loader/node_modules/postcss/package.json,/baak-vizualization/node_modules/optimize-css-assets-webpack-plugin/node_modules/postcss/package.json,/achilles-frontend/node_modules/postcss-safe-parser/node_modules/postcss/package.json Dependency Hierarchy: -> resolve-url-loader-5.0.0.tgz (Root Library) -> ❌ postcss-8.4.14.tgz (Vulnerable Library) |
Medium |
5.3 | postcss-8.4.14.tgz | Upgrade to version: postcss - 8.4.31 | #39 |
|
CVE-2022-33987Path to dependency file: /baak-dataload-sql/package.json Path to vulnerable library: /baak-dataload-sql/node_modules/got/package.json Dependency Hierarchy: -> latest-version-5.1.0.tgz (Root Library) -> package-json-6.5.0.tgz -> ❌ got-9.6.0.tgz (Vulnerable Library) |
Medium |
5.3 | got-9.6.0.tgz | Upgrade to version: got - 11.8.5,12.1.0 | #23 |
|
CVE-2022-25883Path to dependency file: /baak-vizualization/package.json Path to vulnerable library: /baak-vizualization/node_modules/jest-snapshot/node_modules/semver/package.json Dependency Hierarchy: -> jest-circus-29.1.2.tgz (Root Library) -> jest-snapshot-29.1.2.tgz -> ❌ semver-7.3.8.tgz (Vulnerable Library) |
Medium |
5.3 | semver-7.3.8.tgz | Upgrade to version: semver - 5.7.2,6.3.1,7.5.2;org.webjars.npm:semver:7.5.2 | #34 |
|
CVE-2022-25883Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/sass-loader/node_modules/semver/package.json,/baak-vizualization/node_modules/make-dir/node_modules/semver/package.json,/baak-vizualization/node_modules/@svgr/webpack/node_modules/semver/package.json,/achilles-frontend/node_modules/istanbul-lib-instrument/node_modules/semver/package.json,/achilles-frontend/node_modules/make-dir/node_modules/semver/package.json,/achilles-frontend/node_modules/@babel/helper-compilation-targets/node_modules/semver/package.json,/baak-vizualization/node_modules/@babel/helper-compilation-targets/node_modules/semver/package.json,/baak-dataload-sql/node_modules/semver/package.json,/baak-vizualization/node_modules/istanbul-lib-instrument/node_modules/semver/package.json,/baak-vizualization/node_modules/jest-snapshot/node_modules/@babel/core/node_modules/semver/package.json,/baak-vizualization/node_modules/sass-loader/node_modules/semver/package.json Dependency Hierarchy: -> jest-circus-29.1.2.tgz (Root Library) -> jest-snapshot-29.1.2.tgz -> core-7.19.3.tgz -> ❌ semver-6.3.0.tgz (Vulnerable Library) |
Medium |
5.3 | semver-6.3.0.tgz | Upgrade to version: semver - 5.7.2,6.3.1,7.5.2;org.webjars.npm:semver:7.5.2 | #34 |
|
CVE-2022-25883Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/@babel/core/node_modules/semver/package.json,/achilles-frontend/node_modules/@babel/plugin-transform-runtime/node_modules/semver/package.json,/achilles-frontend/node_modules/find-cache-dir/node_modules/semver/package.json,/baak-vizualization/node_modules/@babel/plugin-transform-runtime/node_modules/semver/package.json,/baak-vizualization/node_modules/@babel/core/node_modules/semver/package.json,/baak-vizualization/node_modules/sane/node_modules/semver/package.json,/achilles-frontend/node_modules/@babel/preset-env/node_modules/semver/package.json,/baak-dataload-sql/node_modules/jsonwebtoken/node_modules/semver/package.json,/achilles-frontend/node_modules/sane/node_modules/semver/package.json,/achilles-frontend/node_modules/normalize-package-data/node_modules/semver/package.json,/baak-vizualization/node_modules/find-cache-dir/node_modules/semver/package.json,/achilles-frontend/node_modules/semver-max/node_modules/semver/package.json,/baak-vizualization/node_modules/@babel/preset-env/node_modules/semver/package.json,/baak-vizualization/node_modules/normalize-package-data/node_modules/semver/package.json,/achilles-frontend/node_modules/jsonwebtoken/node_modules/semver/package.json Dependency Hierarchy: -> jest-resolve-26.6.0.tgz (Root Library) -> read-pkg-up-7.0.1.tgz -> read-pkg-5.2.0.tgz -> normalize-package-data-2.5.0.tgz -> ❌ semver-5.7.1.tgz (Vulnerable Library) |
Medium |
5.3 | semver-5.7.1.tgz | Upgrade to version: semver - 5.7.2,6.3.1,7.5.2;org.webjars.npm:semver:7.5.2 | #29 |
|
CVE-2022-25883Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/semver/package.json Dependency Hierarchy: -> ❌ semver-7.3.4.tgz (Vulnerable Library) |
Medium |
5.3 | semver-7.3.4.tgz | Upgrade to version: semver - 5.7.2,6.3.1,7.5.2;org.webjars.npm:semver:7.5.2 | #24 |
|
CVE-2022-25881Path to dependency file: /baak-dataload-sql/package.json Path to vulnerable library: /baak-dataload-sql/node_modules/http-cache-semantics/package.json Dependency Hierarchy: -> latest-version-5.1.0.tgz (Root Library) -> package-json-6.5.0.tgz -> got-9.6.0.tgz -> cacheable-request-6.1.0.tgz -> ❌ http-cache-semantics-4.1.0.tgz (Vulnerable Library) |
Medium |
5.3 | http-cache-semantics-4.1.0.tgz | Upgrade to version: http-cache-semantics - 4.1.1;org.webjars.npm:http-cache-semantics:4.1.1 | #23 |
|
CVE-2024-43800Path to dependency file: /baak-dataload-sql/package.json Path to vulnerable library: /baak-dataload-sql/node_modules/serve-static/package.json Dependency Hierarchy: -> express-4.17.1.tgz (Root Library) -> ❌ serve-static-1.14.1.tgz (Vulnerable Library) |
Medium |
5.0 | serve-static-1.14.1.tgz | Upgrade to version: serve-static - 1.16.0,2.1.0 | #36 |
|
CVE-2024-43800Path to dependency file: /baak-vizualization/package.json Path to vulnerable library: /baak-vizualization/node_modules/serve-static/package.json,/achilles-frontend/node_modules/serve-static/package.json Dependency Hierarchy: -> webpack-dev-server-4.9.0.tgz (Root Library) -> express-4.18.1.tgz -> ❌ serve-static-1.15.0.tgz (Vulnerable Library) |
Medium |
5.0 | serve-static-1.15.0.tgz | Upgrade to version: serve-static - 1.16.0,2.1.0 | #42 |
|
CVE-2024-43799Path to dependency file: /baak-dataload-sql/package.json Path to vulnerable library: /baak-dataload-sql/node_modules/send/package.json Dependency Hierarchy: -> express-4.17.1.tgz (Root Library) -> ❌ send-0.17.1.tgz (Vulnerable Library) |
Medium |
5.0 | send-0.17.1.tgz | Upgrade to version: send - 0.19.0 | #36 |
|
CVE-2024-43799Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/send/package.json,/baak-vizualization/node_modules/send/package.json Dependency Hierarchy: -> webpack-dev-server-4.9.0.tgz (Root Library) -> express-4.18.1.tgz -> ❌ send-0.18.0.tgz (Vulnerable Library) |
Medium |
5.0 | send-0.18.0.tgz | Upgrade to version: send - 0.19.0 | #42 |
|
CVE-2024-43796Path to dependency file: /baak-dataload-sql/package.json Path to vulnerable library: /baak-dataload-sql/node_modules/express/package.json Dependency Hierarchy: -> ❌ express-4.17.1.tgz (Vulnerable Library) |
Medium |
5.0 | express-4.17.1.tgz | Upgrade to version: express - 4.20.0,5.0.0 | #36 |
|
CVE-2024-43796Path to dependency file: /baak-vizualization/package.json Path to vulnerable library: /baak-vizualization/node_modules/express/package.json,/achilles-frontend/node_modules/express/package.json Dependency Hierarchy: -> webpack-dev-server-4.9.0.tgz (Root Library) -> ❌ express-4.18.1.tgz (Vulnerable Library) |
Medium |
5.0 | express-4.18.1.tgz | Upgrade to version: express - 4.20.0,5.0.0 | #42 |
|
CVE-2022-23541Path to dependency file: /baak-dataload-sql/package.json Path to vulnerable library: /baak-dataload-sql/node_modules/jsonwebtoken/package.json,/achilles-frontend/node_modules/jsonwebtoken/package.json Dependency Hierarchy: -> ❌ jsonwebtoken-8.5.1.tgz (Vulnerable Library) |
Medium |
5.0 | jsonwebtoken-8.5.1.tgz | Upgrade to version: jsonwebtoken - 9.0.0 | #38 |
|
CVE-2022-25896Path to dependency file: /baak-dataload-sql/package.json Path to vulnerable library: /baak-dataload-sql/node_modules/passport/package.json Dependency Hierarchy: -> ❌ passport-0.4.1.tgz (Vulnerable Library) |
Medium |
4.8 | passport-0.4.1.tgz | Upgrade to version: passport - 0.6.0 | #27 |
|
CVE-2022-37601Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/resolve-url-loader/node_modules/loader-utils/package.json Dependency Hierarchy: -> resolve-url-loader-3.1.4.tgz (Root Library) -> ❌ loader-utils-1.2.3.tgz (Vulnerable Library) |
Critical |
9.8 | loader-utils-1.2.3.tgz | Upgrade to version: loader-utils - 1.4.1,2.0.3 | #37 |
|
CVE-2022-37601Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/loader-utils/package.json Dependency Hierarchy: -> url-loader-4.1.1.tgz (Root Library) -> ❌ loader-utils-2.0.2.tgz (Vulnerable Library) |
Critical |
9.8 | loader-utils-2.0.2.tgz | Upgrade to version: loader-utils - 1.4.1,2.0.3 | #35 |
|
CVE-2022-37601Path to dependency file: /baak-vizualization/package.json Path to vulnerable library: /baak-vizualization/node_modules/loader-utils/package.json Dependency Hierarchy: -> url-loader-4.1.1.tgz (Root Library) -> ❌ loader-utils-2.0.0.tgz (Vulnerable Library) |
Critical |
9.8 | loader-utils-2.0.0.tgz | Upgrade to version: loader-utils - 1.4.1,2.0.3 | #35 |
|
CVE-2023-45133Path to dependency file: /baak-vizualization/package.json Path to vulnerable library: /baak-vizualization/node_modules/jest-snapshot/node_modules/@babel/traverse/package.json,/baak-vizualization/node_modules/istanbul-lib-instrument/node_modules/@babel/traverse/package.json Dependency Hierarchy: -> jest-circus-29.1.2.tgz (Root Library) -> jest-snapshot-29.1.2.tgz -> ❌ traverse-7.19.4.tgz (Vulnerable Library) |
Critical |
9.3 | traverse-7.19.4.tgz | Upgrade to version: @babel/traverse - 7.23.2 | #34 |
|
CVE-2023-45133Path to dependency file: /baak-vizualization/package.json Path to vulnerable library: /baak-vizualization/node_modules/@babel/traverse/package.json Dependency Hierarchy: -> core-7.12.3.tgz (Root Library) -> ❌ traverse-7.18.0.tgz (Vulnerable Library) |
Critical |
9.3 | traverse-7.18.0.tgz | Upgrade to version: @babel/traverse - 7.23.2 | #26 |
|
CVE-2023-45133Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/@babel/traverse/package.json Dependency Hierarchy: -> core-7.12.3.tgz (Root Library) -> ❌ traverse-7.13.0.tgz (Vulnerable Library) |
Critical |
9.3 | traverse-7.13.0.tgz | Upgrade to version: @babel/traverse - 7.23.2 | #26 |
|
CVE-2024-33883Path to dependency file: /baak-vizualization/package.json Path to vulnerable library: /baak-vizualization/node_modules/ejs/package.json,/achilles-frontend/node_modules/ejs/package.json Dependency Hierarchy: -> workbox-webpack-plugin-6.5.3.tgz (Root Library) -> workbox-build-6.5.3.tgz -> rollup-plugin-off-main-thread-2.2.3.tgz -> ❌ ejs-3.1.8.tgz (Vulnerable Library) |
High |
8.8 | ejs-3.1.8.tgz | Upgrade to version: ejs - 3.1.10 | #46 |
|
WS-2023-0439Path to dependency file: /baak-vizualization/package.json Path to vulnerable library: /baak-vizualization/node_modules/axios/package.json Dependency Hierarchy: -> ❌ axios-0.21.2.tgz (Vulnerable Library) |
High |
7.5 | axios-0.21.2.tgz | Upgrade to version: axios - 1.6.3,0.20.0 | #25 |
|
CVE-2024-55565Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/nanoid/package.json,/baak-vizualization/node_modules/nanoid/package.json Dependency Hierarchy: -> resolve-url-loader-5.0.0.tgz (Root Library) -> postcss-8.4.14.tgz -> ❌ nanoid-3.3.4.tgz (Vulnerable Library) |
High |
7.5 | nanoid-3.3.4.tgz | Upgrade to version: nanoid - 3.3.8,5.0.9 | #39 |
|
CVE-2024-4068Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/sane/node_modules/braces/package.json,/baak-vizualization/node_modules/sane/node_modules/braces/package.json Dependency Hierarchy: -> jest-circus-26.6.0.tgz (Root Library) -> jest-snapshot-26.6.2.tgz -> jest-haste-map-26.6.2.tgz -> sane-4.1.0.tgz -> micromatch-3.1.10.tgz -> ❌ braces-2.3.2.tgz (Vulnerable Library) |
High |
7.5 | braces-2.3.2.tgz | Upgrade to version: braces - 3.0.3 | #18 |
|
CVE-2024-37890Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/ws/package.json,/baak-vizualization/node_modules/ws/package.json Dependency Hierarchy: -> webpack-dev-server-4.9.0.tgz (Root Library) -> ❌ ws-8.6.0.tgz (Vulnerable Library) |
High |
7.5 | ws-8.6.0.tgz | Upgrade to version: ws - 5.2.4,6.2.3,7.5.10,8.17.1 | #42 |
|
CVE-2024-37890Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/jsdom/node_modules/ws/package.json Dependency Hierarchy: -> jest-circus-26.6.0.tgz (Root Library) -> jest-runner-26.6.3.tgz -> jest-config-26.6.3.tgz -> jest-environment-jsdom-26.6.2.tgz -> jsdom-16.5.1.tgz -> ❌ ws-7.5.7.tgz (Vulnerable Library) |
High |
7.5 | ws-7.5.7.tgz | Upgrade to version: ws - 5.2.4,6.2.3,7.5.10,8.17.1 | #18 |
|
CVE-2024-21538Path to dependency file: /baak-vizualization/package.json Path to vulnerable library: /baak-vizualization/node_modules/sane/node_modules/cross-spawn/package.json,/achilles-frontend/node_modules/sane/node_modules/cross-spawn/package.json Dependency Hierarchy: -> jest-circus-26.6.0.tgz (Root Library) -> jest-snapshot-26.6.2.tgz -> jest-haste-map-26.6.2.tgz -> sane-4.1.0.tgz -> execa-1.0.0.tgz -> ❌ cross-spawn-6.0.5.tgz (Vulnerable Library) |
High |
7.5 | cross-spawn-6.0.5.tgz | Upgrade to version: cross-spawn - 7.0.5 | #18 |
|
CVE-2022-37603Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/resolve-url-loader/node_modules/loader-utils/package.json Dependency Hierarchy: -> resolve-url-loader-3.1.4.tgz (Root Library) -> ❌ loader-utils-1.2.3.tgz (Vulnerable Library) |
High |
7.5 | loader-utils-1.2.3.tgz | Upgrade to version: loader-utils - 1.4.2,2.0.4,3.2.1 | #37 |
|
CVE-2022-37603Path to dependency file: /achilles-frontend/package.json Path to vulnerable library: /achilles-frontend/node_modules/loader-utils/package.json Dependency Hierarchy: -> url-loader-4.1.1.tgz (Root Library) -> ❌ loader-utils-2.0.2.tgz (Vulnerable Library) |
High |
7.5 | loader-utils-2.0.2.tgz | Upgrade to version: loader-utils - 1.4.2,2.0.4,3.2.1 | #35 |
|
CVE-2022-37603Path to dependency file: /baak-vizualization/package.json Path to vulnerable library: /baak-vizualization/node_modules/loader-utils/package.json Dependency Hierarchy: -> url-loader-4.1.1.tgz (Root Library) -> ❌ loader-utils-2.0.0.tgz (Vulnerable Library) |
High |
7.5 | loader-utils-2.0.0.tgz | Upgrade to version: loader-utils - 1.4.2,2.0.4,3.2.1 | #35 |
|
Total libraries scanned: 1919
Scan token: 23d4d72a3d26c46cba42c6776760624081733832000418_93