mend-bolt-for-github[bot]
mend-bolt-for-github[bot]
## CVE-2021-31597 - Medium Severity Vulnerability Vulnerable Library - xmlhttprequest-ssl-1.5.5.tgz XMLHttpRequest for Node Library home page: https://registry.npmjs.org/xmlhttprequest-ssl/-/xmlhttprequest-ssl-1.5.5.tgz Path to dependency file: dogehouse-site/package.json Path to vulnerable library: dogehouse-site/node_modules/xmlhttprequest-ssl/package.json Dependency Hierarchy: -...
## CVE-2021-29469 - Medium Severity Vulnerability Vulnerable Library - redis-3.0.2.tgz A high performance Redis client. Library home page: https://registry.npmjs.org/redis/-/redis-3.0.2.tgz Path to dependency file: dogehouse-site/package.json Path to vulnerable library: dogehouse-site/node_modules/redis/package.json Dependency...
## CVE-2020-28502 - High Severity Vulnerability Vulnerable Library - xmlhttprequest-ssl-1.5.5.tgz XMLHttpRequest for Node Library home page: https://registry.npmjs.org/xmlhttprequest-ssl/-/xmlhttprequest-ssl-1.5.5.tgz Path to dependency file: dogehouse-site/package.json Path to vulnerable library: dogehouse-site/node_modules/xmlhttprequest-ssl/package.json Dependency Hierarchy: -...
Welcome to [WhiteSource Bolt for GitHub](https://github.com/marketplace/whitesource-bolt)! This is an onboarding PR to help you understand and configure settings before WhiteSource starts scanning your repository for security vulnerabilities. :vertical_traffic_light: WhiteSource Bolt...
## CVE-2021-45711 - High Severity Vulnerability Vulnerable Library - simple_asn1-0.5.4.crate A simple DER/ASN.1 encoding/decoding library. Library home page: https://crates.io/api/v1/crates/simple_asn1/0.5.4/download Path to dependency file: /Cargo.toml Path to vulnerable library: /Cargo.toml Dependency...
## CVE-2024-32984 - High Severity Vulnerability Vulnerable Library - yamux-0.12.1.crate Multiplexer over reliable, ordered connections Library home page: https://static.crates.io/crates/yamux/yamux-0.12.1.crate Path to dependency file: /Cargo.toml Path to vulnerable library: /Cargo.toml Dependency...
## CVE-2024-45311 - High Severity Vulnerability Vulnerable Library - iroh-quinn-proto-0.11.6.crate State machine for the QUIC transport protocol Library home page: https://static.crates.io/crates/iroh-quinn-proto/iroh-quinn-proto-0.11.6.crate Path to dependency file: /Cargo.toml Path to vulnerable library:...
Vulnerable Library - Werkzeug-2.2.3-py3-none-any.whl The comprehensive WSGI web application library. Library home page: https://files.pythonhosted.org/packages/f6/f8/9da63c1617ae2a1dec2fbf6412f3a0cfe9d4ce029eccbda6e1e4258ca45f/Werkzeug-2.2.3-py3-none-any.whl Path to dependency file: /requirements.txt Path to vulnerable library: /requirements.txt,/Pi-CryptoConnect-Xtreme/requirements.txt Found in HEAD commit: 2ed3e6d266405677eb45c15a472c288b604a1cad ##...
Vulnerable Library - Flask-2.0.2-py3-none-any.whl A simple framework for building complex web applications. Library home page: https://files.pythonhosted.org/packages/8f/b6/b4fdcb6d01ee20f9cfe81dcf9d3cd6c2f874b996f186f1c0b898c4a59c04/Flask-2.0.2-py3-none-any.whl Path to dependency file: /requirements.txt Path to vulnerable library: /requirements.txt Found in HEAD commit:...
Vulnerable Library - transformers-4.9.2-py3-none-any.whl State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow Library home page: https://files.pythonhosted.org/packages/f9/35/75ade98da1e5b36a7a055fa3257d9b61769914a416b8844d6e4b237219e4/transformers-4.9.2-py3-none-any.whl Path to dependency file: /requirements.txt Path to vulnerable library: /requirements.txt Found in HEAD commit:...