[Snyk] Security upgrade sanitize-html from 1.19.1 to 2.12.1 #185
Mend for GitHub.com / WhiteSource Security Check
failed
Feb 23, 2024 in 17m 27s
Security Report
❌ New vulnerabilities:
| CVE | Severity |  CVSS Score |
Vulnerable Library | Suggested Fix | Issue |
|---|---|---|---|---|---|
CVE-2023-46136Path to dependency file: /tmp/ws-scm/amundsenfrontendlibrary Path to vulnerable library: /tmp/ws-scm/amundsenfrontendlibrary,/requirements.txt Dependency Hierarchy: -> ❌ Werkzeug-2.2.3-py3-none-any.whl (Vulnerable Library) |
 High |
7.5 | Werkzeug-2.2.3-py3-none-any.whl | Upgrade to version: werkzeug - 2.3.8,3.0.1 | #161 |
CVE-2022-42969Path to dependency file: /requirements.txt Path to vulnerable library: /requirements.txt,/tmp/ws-scm/amundsenfrontendlibrary Dependency Hierarchy: -> ❌ py-1.11.0-py2.py3-none-any.whl (Vulnerable Library) |
High |
7.5 | py-1.11.0-py2.py3-none-any.whl | #127 |
✔️ Remediated vulnerabilities:
| CVE | Vulnerable Library |
|---|---|
| CVE-2021-32640 | ws-5.2.2.tgz |
| CVE-2021-23362 | hosted-git-info-2.6.0.tgz |
| CVE-2021-32803 | tar-2.2.2.tgz |
| CVE-2019-6284 | node-sass-v4.13.1 |
| CVE-2020-11023 | jquery-2.1.4.min.js |
| CVE-2022-21222 | css-what-2.1.2.tgz |
| CVE-2021-3807 | ansi-regex-4.1.0.tgz |
| CVE-2018-19797 | node-sass-v4.13.1 |
| CVE-2019-6283 | node-sass-v4.13.1 |
| CVE-2018-19827 | node-sass-v4.13.1 |
| CVE-2018-11696 | node-sass-4.13.1.tgz |
| CVE-2022-37601 | loader-utils-1.1.0.tgz |
| CVE-2023-45133 | traverse-7.7.2.tgz |
| CVE-2018-20190 | node-sass-v4.13.1 |
| CVE-2021-3918 | json-schema-0.2.3.tgz |
| CVE-2021-27290 | ssri-7.1.0.tgz |
| CVE-2022-24999 | qs-6.5.2.tgz |
| CVE-2020-7774 | y18n-4.0.0.tgz |
| CVE-2023-50782 | cryptography-3.3.2-cp27-cp27mu-manylinux2010_x86_64.whl |
| CVE-2018-19838 | node-sass-4.13.1.tgz |
| CVE-2022-25883 | semver-5.7.1.tgz |
| CVE-2023-3446 | cryptography-3.3.2-cp27-cp27mu-manylinux2010_x86_64.whl |
| CVE-2021-33623 | trim-newlines-1.0.0.tgz |
| CVE-2018-11694 | node-sass-v4.13.1 |
| CVE-2018-20821 | node-sass-4.13.1.tgz |
| CVE-2021-23368 | postcss-7.0.23.tgz |
| CVE-2018-11694 | node-sass-4.13.1.tgz |
| CVE-2020-7608 | yargs-parser-10.1.0.tgz |
| CVE-2024-22195 | Jinja2-2.11.3-py2.py3-none-any.whl |
| CVE-2021-32803 | tar-4.4.13.tgz |
| CVE-2021-3777 | tmpl-1.0.4.tgz |
| CVE-2022-29217 | PyJWT-1.7.1-py2.py3-none-any.whl |
| CVE-2018-19837 | node-sass-4.13.1.tgz |
| CVE-2021-37701 | tar-2.2.2.tgz |
| CVE-2021-37713 | tar-4.4.13.tgz |
| CVE-2022-25858 | terser-4.4.2.tgz |
| WS-2020-0450 | handlebars-4.5.3.tgz |
| CVE-2020-13822 | elliptic-6.5.2.tgz |
| WS-2019-0605 | CSS::Sass-v3.6.0 |
| CVE-2021-37701 | tar-4.4.8.tgz |
| CVE-2022-24785 | moment-2.20.1.js |
| CVE-2018-11698 | node-sass-v4.13.1 |
| CVE-2022-46175 | json5-2.1.1.tgz |
| CVE-2022-46175 | json5-1.0.1.tgz |
| CVE-2022-46175 | json5-0.5.1.tgz |
| CVE-2018-20190 | node-sass-4.13.1.tgz |
| CVE-2021-27290 | ssri-6.0.1.tgz |
| CVE-2019-11358 | jquery-2.1.4.min.js |
| CVE-2022-38900 | decode-uri-component-0.2.0.tgz |
| CVE-2022-23491 | certifi-2020.12.5-py2.py3-none-any.whl |
| CVE-2019-18797 | node-sass-4.13.1.tgz |
| CVE-2023-23931 | cryptography-3.3.2-cp27-cp27mu-manylinux2010_x86_64.whl |
| CVE-2018-20822 | node-sass-v4.13.1 |
| CVE-2018-19839 | node-sass-4.13.1.tgz |
| CVE-2022-25883 | semver-6.3.0.tgz |
| CVE-2019-6286 | node-sass-4.13.1.tgz |
| CVE-2020-7774 | y18n-3.2.1.tgz |
| CVE-2021-23382 | postcss-7.0.23.tgz |
| CVE-2022-25858 | terser-4.6.2.tgz |
| CVE-2017-16137 | debug-4.1.1.tgz |
| CVE-2020-24025 | node-sass-4.13.1.tgz |
| CVE-2019-6284 | node-sass-4.13.1.tgz |
| CVE-2019-6286 | node-sass-v4.13.1 |
| CVE-2019-20149 | kind-of-6.0.2.tgz |
| WS-2020-0042 | acorn-6.3.0.tgz |
| CVE-2021-23368 | postcss-7.0.6.tgz |
| CVE-2021-23383 | handlebars-4.5.3.tgz |
| CVE-2021-23369 | handlebars-4.5.3.tgz |
| CVE-2022-37603 | loader-utils-1.1.0.tgz |
| CVE-2018-19827 | node-sass-4.13.1.tgz |
| CVE-2019-6283 | node-sass-4.13.1.tgz |
| CVE-2020-7789 | node-notifier-5.4.3.tgz |
| CVE-2017-16137 | debug-3.2.6.tgz |
| CVE-2021-23364 | browserslist-4.8.3.tgz |
| CVE-2023-46136 | Werkzeug-1.0.1-py2.py3-none-any.whl |
| WS-2019-0424 | elliptic-6.5.2.tgz |
| CVE-2020-28498 | elliptic-6.5.2.tgz |
| WS-2020-0042 | acorn-5.5.3.tgz |
| MSC-2023-16609 | fsevents-1.2.9.tgz |
| CVE-2022-31129 | moment-2.20.1.js |
| CVE-2019-18797 | node-sass-v4.13.1 |
| CVE-2022-40897 | setuptools-44.1.1-py2.py3-none-any.whl |
| CVE-2020-7788 | ini-1.3.5.tgz |
| WS-2020-0042 | acorn-6.4.0.tgz |
| CVE-2023-49083 | cryptography-3.3.2-cp27-cp27mu-manylinux2010_x86_64.whl |
| CVE-2021-37712 | tar-4.4.8.tgz |
| CVE-2023-45311 | fsevents-1.2.9.tgz |
| CVE-2018-19839 | CSS::Sass-v3.6.0 |
| CVE-2022-25887 | sanitize-html-1.19.1.tgz |
| CVE-2022-37601 | loader-utils-0.2.17.tgz |
| CVE-2023-0286 | cryptography-3.3.2-cp27-cp27mu-manylinux2010_x86_64.whl |
| CVE-2018-19838 | node-sass-v4.13.1 |
| CVE-2022-37598 | uglify-js-3.6.9.tgz |
| CVE-2023-45133 | traverse-7.7.4.tgz |
| CVE-2018-11499 | node-sass-4.13.1.tgz |
| CVE-2023-45133 | babel-traverse-6.26.0.tgz |
| CVE-2021-23382 | postcss-6.0.23.tgz |
| CVE-2015-9251 | jquery-2.1.4.min.js |
| CVE-2022-25758 | scss-tokenizer-0.2.3.tgz |
| CVE-2022-25883 | semver-7.0.0.tgz |
| CVE-2021-23382 | postcss-7.0.6.tgz |
| CVE-2018-11499 | node-sass-v4.13.1 |
| WS-2019-0425 | mocha-1.6.0.js |
| CVE-2022-25883 | semver-5.3.0.tgz |
| CVE-2018-20821 | node-sass-v4.13.1 |
| CVE-2021-3803 | nth-check-1.0.2.tgz |
| CVE-2023-37920 | certifi-2020.12.5-py2.py3-none-any.whl |
| CVE-2021-37701 | tar-4.4.13.tgz |
| CVE-2023-26136 | tough-cookie-2.4.3.tgz |
| CVE-2022-37598 | uglify-js-3.4.9.tgz |
| CVE-2023-2650 | cryptography-3.3.2-cp27-cp27mu-manylinux2010_x86_64.whl |
| CVE-2023-25577 | Werkzeug-1.0.1-py2.py3-none-any.whl |
| CVE-2021-26540 | sanitize-html-1.19.1.tgz |
| CVE-2020-15366 | ajv-6.10.2.tgz |
| CVE-2021-37713 | tar-4.4.8.tgz |
| CVE-2020-7598 | minimist-1.2.0.tgz |
| CVE-2018-11697 | node-sass-v4.13.1 |
| CVE-2020-7608 | yargs-parser-5.0.0.tgz |
| CVE-2021-32804 | tar-4.4.13.tgz |
| CVE-2022-21191 | global-modules-path-2.3.0.tgz |
| CVE-2022-25883 | semver-5.5.0.tgz |
| CVE-2022-37603 | loader-utils-1.2.3.tgz |
| CVE-2023-38325 | cryptography-3.3.2-cp27-cp27mu-manylinux2010_x86_64.whl |
| CVE-2018-11697 | CSS::Sass-v3.6.0 |
| CVE-2018-19797 | node-sass-4.13.1.tgz |
| CVE-2020-7660 | serialize-javascript-2.1.2.tgz |
| WS-2019-0425 | mocha-2.2.5.js |
| CVE-2021-26539 | sanitize-html-1.19.1.tgz |
| CVE-2020-7608 | yargs-parser-13.1.1.tgz |
| CVE-2021-32804 | tar-4.4.8.tgz |
| CVE-2020-28469 | glob-parent-3.1.0.tgz |
| CVE-2021-44906 | minimist-1.2.0.tgz |
| CVE-2023-46234 | browserify-sign-4.0.4.tgz |
| CVE-2021-37712 | tar-2.2.2.tgz |
| CVE-2021-3807 | ansi-regex-3.0.0.tgz |
| CVE-2018-19826 | node-sass-v4.13.1 |
| CVE-2020-14422 | ipaddress-1.0.23-py2.py3-none-any.whl |
| CVE-2018-11697 | node-sass-4.13.1.tgz |
| CVE-2021-37713 | tar-2.2.2.tgz |
| CVE-2020-15366 | ajv-5.5.2.tgz |
| CVE-2022-25883 | semver-5.7.0.tgz |
| CVE-2022-37620 | html-minifier-3.5.21.tgz |
| CVE-2021-32803 | tar-4.4.8.tgz |
| CVE-2020-15366 | ajv-6.4.0.tgz |
| CVE-2023-28155 | request-2.88.0.tgz |
| CVE-2023-23934 | Werkzeug-1.0.1-py2.py3-none-any.whl |
| CVE-2022-42969 | py-1.10.0-py2.py3-none-any.whl |
| CVE-2021-32804 | tar-2.2.2.tgz |
| CVE-2022-37601 | loader-utils-1.2.3.tgz |
| CVE-2021-37712 | tar-4.4.13.tgz |
| CVE-2020-11022 | jquery-2.1.4.min.js |
| CVE-2023-4807 | cryptography-3.3.2-cp27-cp27mu-manylinux2010_x86_64.whl |
| CVE-2022-3517 | minimatch-3.0.4.tgz |
Base branch total remaining vulnerabilities: 202
Base branch commit: null
Total libraries scanned: 257
Scan token: a4706562f5964d6892b26b723b0733fb
Loading