mend-bolt-for-github[bot]
mend-bolt-for-github[bot]
## CVE-2022-3517 - High Severity Vulnerability Vulnerable Library - minimatch-3.0.4.tgz a glob matcher in javascript Library home page: https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz Path to dependency file: /frontend/package.json Path to vulnerable library: /frontend/node_modules/minimatch/package.json Dependency...
## CVE-2024-53981 - High Severity Vulnerability Vulnerable Library - python-multipart-0.0.5.tar.gz A streaming multipart parser for Python Library home page: https://files.pythonhosted.org/packages/46/40/a933ac570bf7aad12a298fc53458115cc74053474a72fbb8201d7dc06d3d/python-multipart-0.0.5.tar.gz Path to dependency file: /backend/requirements.txt Path to vulnerable library: /backend/requirements.txt...
## CVE-2024-55565 - Medium Severity Vulnerability Vulnerable Library - nanoid-3.3.1.tgz A tiny (130 bytes), secure URL-friendly unique string ID generator Library home page: https://registry.npmjs.org/nanoid/-/nanoid-3.3.1.tgz Path to dependency file: /frontend/root-config/package.json Path...
## CVE-2022-37601 - Critical Severity Vulnerability Vulnerable Library - loader-utils-2.0.1.tgz utils for webpack loaders Library home page: https://registry.npmjs.org/loader-utils/-/loader-utils-2.0.1.tgz Path to dependency file: /frontend/root-config/package.json Path to vulnerable library: /frontend/root-config/package.json Dependency Hierarchy:...
## CVE-2025-27152 - High Severity Vulnerability Vulnerable Library - axios-0.21.4.tgz Promise based HTTP client for the browser and node.js Library home page: https://registry.npmjs.org/axios/-/axios-0.21.4.tgz Path to dependency file: /package.json Path to...
## CVE-2025-27789 - Medium Severity Vulnerability Vulnerable Libraries - helpers-7.15.4.tgz, runtime-7.15.4.tgz helpers-7.15.4.tgz Collection of helper functions used by Babel transforms. Library home page: https://registry.npmjs.org/@babel/helpers/-/helpers-7.15.4.tgz Path to dependency file: /server/client/package.json Path...
## CVE-2024-21538 - High Severity Vulnerability Vulnerable Libraries - cross-spawn-7.0.3.tgz, cross-spawn-5.1.0.tgz, cross-spawn-6.0.5.tgz cross-spawn-7.0.3.tgz Cross platform child_process#spawn and child_process#spawnSync Library home page: https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz Dependency Hierarchy: - pretty-quick-3.1.1.tgz (Root Library) - execa-4.1.0.tgz...
## WS-2023-0439 - High Severity Vulnerability Vulnerable Library - axios-0.21.4.tgz Promise based HTTP client for the browser and node.js Library home page: https://registry.npmjs.org/axios/-/axios-0.21.4.tgz Path to dependency file: /server/client/package.json Path to...
## CVE-2024-55565 - Medium Severity Vulnerability Vulnerable Library - nanoid-3.1.25.tgz A tiny (108 bytes), secure URL-friendly unique string ID generator Library home page: https://registry.npmjs.org/nanoid/-/nanoid-3.1.25.tgz Dependency Hierarchy: - webpack-config-single-spa-ts-4.1.0.tgz (Root Library)...
## CVE-2025-27152 - High Severity Vulnerability Vulnerable Library - axios-0.21.4.tgz Promise based HTTP client for the browser and node.js Library home page: https://registry.npmjs.org/axios/-/axios-0.21.4.tgz Path to dependency file: /server/client/package.json Path to...