mend-bolt-for-github[bot]
mend-bolt-for-github[bot]
## CVE-2022-24778 - High Severity Vulnerability Vulnerable Library - github.com/containerd/containerd-v1.6.1 An open and reliable container runtime Dependency Hierarchy: - github.com/moby/moby-v20.10.17 (Root Library) - :x: **github.com/containerd/containerd-v1.6.1** (Vulnerable Library) Found in HEAD...
## CVE-2022-24785 - High Severity Vulnerability Vulnerable Library - moment-2.29.1.tgz Parse, validate, manipulate, and display dates Library home page: https://registry.npmjs.org/moment/-/moment-2.29.1.tgz Path to dependency file: /ui/package.json Path to vulnerable library: /ui/node_modules/moment/package.json...
## CVE-2022-27191 - High Severity Vulnerability Vulnerable Library - github.com/golang/crypto-86341886e2925764dc890ad96c141a1bc76043af [mirror] Go supplementary cryptography libraries Dependency Hierarchy: - :x: **github.com/golang/crypto-86341886e2925764dc890ad96c141a1bc76043af** (Vulnerable Library) Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb Found in base...
## CVE-2021-33587 - High Severity Vulnerability Vulnerable Library - css-what-3.4.2.tgz a CSS selector parser Library home page: https://registry.npmjs.org/css-what/-/css-what-3.4.2.tgz Path to dependency file: /ui/package.json Path to vulnerable library: /ui/node_modules/svgo/node_modules/css-what/package.json Dependency Hierarchy:...
## CVE-2022-0536 - Medium Severity Vulnerability Vulnerable Library - follow-redirects-1.14.4.tgz HTTP and HTTPS modules that follow redirects. Library home page: https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.14.4.tgz Path to dependency file: /ui/package.json Path to vulnerable library:...
## CVE-2022-0155 - Medium Severity Vulnerability Vulnerable Library - follow-redirects-1.14.4.tgz HTTP and HTTPS modules that follow redirects. Library home page: https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.14.4.tgz Path to dependency file: /ui/package.json Path to vulnerable library:...
Welcome to [WhiteSource Bolt for GitHub](https://github.com/marketplace/whitesource-bolt)! This is an onboarding PR to help you understand and configure settings before WhiteSource starts scanning your repository for security vulnerabilities. :vertical_traffic_light: WhiteSource Bolt...
There is an error with this repository's WhiteSource configuration file that needs to be fixed. As a precaution, scans will stop until it is resolved. Errors: * Failed to parse...
## CVE-2021-35065 - High Severity Vulnerability Vulnerable Libraries - glob-parent-5.1.1.tgz, glob-parent-5.1.2.tgz, glob-parent-3.1.0.tgz glob-parent-5.1.1.tgz Extract the non-magic parent path from a glob string. Library home page: https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.1.tgz Path to dependency file:...
## CVE-2022-25858 - High Severity Vulnerability Vulnerable Library - terser-3.17.0.tgz JavaScript parser, mangler/compressor and beautifier toolkit for ES6+ Library home page: https://registry.npmjs.org/terser/-/terser-3.17.0.tgz Path to dependency file: /package.json Path to vulnerable...