mend-bolt-for-github[bot]
mend-bolt-for-github[bot]
## CVE-2024-41946 - Medium Severity Vulnerability Vulnerable Library - rexml-3.2.8.gem An XML toolkit for Ruby Library home page: https://rubygems.org/gems/rexml-3.2.8.gem Path to dependency file: /Gemfile.lock Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/rexml-3.2.8.gem Dependency...
## CVE-2024-41123 - Medium Severity Vulnerability Vulnerable Library - rexml-3.2.8.gem An XML toolkit for Ruby Library home page: https://rubygems.org/gems/rexml-3.2.8.gem Path to dependency file: /Gemfile.lock Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/rexml-3.2.8.gem Dependency...
## CVE-2024-39908 - Medium Severity Vulnerability Vulnerable Library - rexml-3.2.8.gem An XML toolkit for Ruby Library home page: https://rubygems.org/gems/rexml-3.2.8.gem Path to dependency file: /Gemfile.lock Path to vulnerable library: /home/wss-scanner/.gem/ruby/3.2.0/cache/rexml-3.2.8.gem Dependency...
Vulnerable Library - parcel-2.12.0.tgz Path to dependency file: /blockchain_integration/pi_network/pi-browser-app/apps/AstralPlane/package.json Path to vulnerable library: /blockchain_integration/pi_network/SpacePi/node_modules/@jest/transform/node_modules/micromatch/package.json,/blockchain_integration/pi_network/PiSure/client/node_modules/micromatch/package.json,/blockchain_integration/pi_network/SpacePi/node_modules/jest-haste-map/node_modules/micromatch/package.json,/blockchain_integration/pi_network/SpacePi/node_modules/jest-message-util/node_modules/micromatch/package.json,/blockchain_integration/pi_network/SpacePi/node_modules/@jest/core/node_modules/micromatch/package.json,/blockchain_integration/pi_network/SpacePi/node_modules/jest-config/node_modules/micromatch/package.json,/blockchain_integration/pi_network/SpacePi/node_modules/jest-util/node_modules/micromatch/package.json,/blockchain_integration/pi_network/pi-browser-app/node_modules/micromatch/package.json,/blockchain_integration/pi_network/PiShield/node_modules/micromatch/package.json,/blockchain_integration/pi_network/pi-browser-app/apps/AstralPlane/node_modules/micromatch/package.json Found in HEAD commit: 011e5f9d5ce310049a1a68c19f7df65be4f88caf ## Vulnerabilities | CVE | Severity | CVSS | Dependency |...
Vulnerable Library - babel-cli-6.26.0.tgz Path to dependency file: /blockchain_integration/pi_network/SpacePi/package.json Path to vulnerable library: /blockchain_integration/pi_network/PiSure/client/node_modules/watchpack-chokidar2/node_modules/micromatch/package.json,/blockchain_integration/pi_network/pi-browser-app/node_modules/webpack/node_modules/micromatch/package.json,/blockchain_integration/pi_network/pi-browser-app/node_modules/fork-ts-checker-webpack-plugin/node_modules/micromatch/package.json,/blockchain_integration/pi_network/pi-browser-app/node_modules/sane/node_modules/micromatch/package.json,/blockchain_integration/pi_network/SpacePi/node_modules/readdirp/node_modules/micromatch/package.json,/blockchain_integration/pi_network/PiSure/client/node_modules/http-proxy-middleware/node_modules/micromatch/package.json,/blockchain_integration/pi_network/pi-browser-app/node_modules/webpack-dev-server/node_modules/micromatch/package.json,/blockchain_integration/pi_network/PiSure/client/node_modules/webpack-dev-server/node_modules/micromatch/package.json,/blockchain_integration/pi_network/SpacePi/node_modules/sane/node_modules/micromatch/package.json,/blockchain_integration/pi_network/PiSure/client/node_modules/webpack/node_modules/micromatch/package.json,/blockchain_integration/pi_network/PiSure/client/node_modules/fork-ts-checker-webpack-plugin/node_modules/micromatch/package.json,/blockchain_integration/pi_network/pi-browser-app/node_modules/watchpack-chokidar2/node_modules/micromatch/package.json,/blockchain_integration/pi_network/PiSure/client/node_modules/sane/node_modules/micromatch/package.json,/blockchain_integration/pi_network/pi-browser-app/node_modules/http-proxy-middleware/node_modules/micromatch/package.json Found in HEAD commit: 011e5f9d5ce310049a1a68c19f7df65be4f88caf ## Vulnerabilities | Vulnerability | Severity | CVSS | Dependency |...
Vulnerable Library - jsonwebtoken-8.5.1.tgz JSON Web Token implementation (symmetric and asymmetric) Library home page: https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz Path to dependency file: /blockchain_integration/pi_network/PiRide/package.json Path to vulnerable library: /blockchain_integration/pi_network/PiRide/node_modules/jsonwebtoken/package.json Found in HEAD commit: 011e5f9d5ce310049a1a68c19f7df65be4f88caf...
Vulnerable Library - web3-1.10.4.tgz Path to dependency file: /blockchain_integration/pi_network/PiRide/package.json Path to vulnerable library: /blockchain_integration/pi_network/contracts/node_modules/sha.js/package.json,/blockchain_integration/pi_network/node_modules/ganache-cli/node_modules/sha.js/package.json,/blockchain_integration/pi_network/smartship/node_modules/sha.js/package.json,/blockchain_integration/pi_network/pi-browser-app/node_modules/sha.js/package.json,/blockchain_integration/pi_network/pi-network-interoperability/node_modules/sha.js/package.json,/blockchain_integration/pi_network/contracts/PI-bank/node_modules/sha.js/package.json,/blockchain_integration/pi_network/SpacePi/node_modules/sha.js/package.json,/projects/oracle-nexus/node_modules/sha.js/package.json,/blockchain_integration/pi_network/PiSure/client/node_modules/sha.js/package.json,/blockchain_integration/pi_network/pi-browser-app/apps/AstralPlane/node_modules/sha.js/package.json,/blockchain_integration/pi_network/node_modules/sha.js/package.json,/blockchain_integration/pi_network/PiRide/node_modules/sha.js/package.json,/blockchain_integration/pi_network/PiSure/contracts/node_modules/sha.js/package.json,/sidra_chain_integration/advanced-features/blockchain-based-identity-verification/backend/node_modules/sha.js/package.json Found in HEAD commit: 011e5f9d5ce310049a1a68c19f7df65be4f88caf ## Vulnerabilities | Vulnerability | Severity | CVSS | Dependency |...
Vulnerable Library - ganache-cli-6.12.2.tgz Path to dependency file: /blockchain_integration/pi_network/package.json Path to vulnerable library: /blockchain_integration/pi_network/node_modules/ganache-cli/node_modules/secp256k1/package.json Found in HEAD commit: 011e5f9d5ce310049a1a68c19f7df65be4f88caf ## Vulnerabilities | Vulnerability | Severity | CVSS | Dependency |...
Vulnerable Library - truffle-5.11.5.tgz Path to dependency file: /blockchain_integration/pi_network/contracts/PI-bank/package.json Path to vulnerable library: /blockchain_integration/pi_network/contracts/node_modules/ganache/node_modules/elliptic/package.json,/blockchain_integration/pi_network/PiSure/contracts/node_modules/ganache/node_modules/elliptic/package.json,/blockchain_integration/pi_network/node_modules/ganache/node_modules/elliptic/package.json,/blockchain_integration/pi_network/SpacePi/node_modules/@truffle/interface-adapter/node_modules/elliptic/package.json,/blockchain_integration/pi_network/SpacePi/node_modules/ganache/node_modules/elliptic/package.json,/blockchain_integration/pi_network/PiSure/contracts/node_modules/@truffle/interface-adapter/node_modules/elliptic/package.json,/blockchain_integration/pi_network/contracts/PI-bank/node_modules/ganache/node_modules/elliptic/package.json,/blockchain_integration/pi_network/contracts/PI-bank/node_modules/@truffle/interface-adapter/node_modules/elliptic/package.json,/blockchain_integration/pi_network/contracts/node_modules/@truffle/interface-adapter/node_modules/elliptic/package.json,/blockchain_integration/pi_network/node_modules/@truffle/interface-adapter/node_modules/elliptic/package.json Found in HEAD commit: d3541aa3e3fabe96b343bad4a2627e5d1fbf8c36 ## Vulnerabilities | Vulnerability | Severity | CVSS | Dependency |...
Vulnerable Library - axios-0.21.4.tgz Promise based HTTP client for the browser and node.js Library home page: https://registry.npmjs.org/axios/-/axios-0.21.4.tgz Path to dependency file: /blockchain_integration/pi_network/pi-network-interoperability/package.json Path to vulnerable library: /blockchain_integration/pi_network/pi-network-interoperability/node_modules/axios/package.json,/pi-nexus-explorer/node_modules/axios/package.json,/blockchain_integration/pi_network/onramp-pi/node_modules/axios/package.json,/blockchain_integration/pi_network/PiSure/client/node_modules/axios/package.json Found in HEAD...