mend-bolt-for-github[bot]

Results 3422 issues of


                                            mend-bolt-for-github[bot]

WS-2021-0177 (High) detected in multiple libraries

16

comment

## WS-2021-0177 - High Severity Vulnerability Vulnerable Libraries - luav5.4.7, luav5.4.7, luav5.4.7 luav5.4.7 The Lua development repository, as seen by the Lua team. Mirrored irregularly. Please DO NOT send pull...

Mend: dependency security vulnerability

CVE-2025-25724 (Medium) detected in libarchivev3.7.7

2

comment

## CVE-2025-25724 - Medium Severity Vulnerability Vulnerable Library - libarchivev3.7.7 Multi-format archive and compression library Library home page: https://github.com/libarchive/libarchive.git Found in base branch: master Vulnerable Source Files (1) /contrib/libarchive/tar/util.c Vulnerability...

Mend: dependency security vulnerability

CVE-2022-28805 (Critical) detected in luav5.4.7

22

comment

## CVE-2022-28805 - Critical Severity Vulnerability Vulnerable Library - luav5.4.7 The Lua development repository, as seen by the Lua team. Mirrored irregularly. Please DO NOT send pull requests. Report issues...

Mend: dependency security vulnerability

CVE-2024-6484 (Medium) detected in bootstrap-3.3.7.min.js

## CVE-2024-6484 - Medium Severity Vulnerability Vulnerable Library - bootstrap-3.3.7.min.js The most popular front-end framework for developing responsive, mobile first projects on the web. Library home page: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js Path to...

Mend: dependency security vulnerability

CVE-2020-11022 (Medium) detected in jquery-3.1.1.min.js

1

comment

## CVE-2020-11022 - Medium Severity Vulnerability Vulnerable Library - jquery-3.1.1.min.js JavaScript library for DOM operations Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js Path to dependency file: /rubycritic/seek/seek.html Path to vulnerable library: /rubycritic/seek/../assets/vendor/javascripts/jquery.min.js,/rubycritic/scrapers/ruby/nokogiri/../../../assets/vendor/javascripts/jquery.min.js,/rubycritic/well-formed/../assets/vendor/javascripts/jquery.min.js,/rubycritic/drivers/../assets/vendor/javascripts/jquery.min.js,/rubycritic/charts/../assets/vendor/javascripts/jquery.min.js,/rubycritic/built-in-datatypes/../assets/vendor/javascripts/jquery.min.js,/rubycritic/ruby-strip/../assets/vendor/javascripts/jquery.min.js,/rubycritic/ruby-eclipse-cheatsheets-to-dita/../assets/vendor/javascripts/jquery.min.js,/rubycritic/assets/vendor/javascripts/jquery.min.js,/rubycritic/hashcheck/../assets/vendor/javascripts/jquery.min.js Dependency...

Mend: dependency security vulnerability

glob-11.0.2.tgz: 1 vulnerabilities (highest severity is: 7.5)

Vulnerable Library - glob-11.0.2.tgz Path to dependency file: /package.json Path to vulnerable library: /package.json Found in HEAD commit: 7c4260e183a433daf7a36ab9ca02a0e7dbc5f539 ## Vulnerabilities | CVE | Severity | CVSS | Dependency |...

Mend: dependency security vulnerability

CVE-2024-21538 (High) detected in cross-spawn-7.0.3.tgz

## CVE-2024-21538 - High Severity Vulnerability Vulnerable Library - cross-spawn-7.0.3.tgz Cross platform child_process#spawn and child_process#spawnSync Library home page: https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz Path to dependency file: /cli/src/package.json Path to vulnerable library: /cli/src/package.json Dependency...

Mend: dependency security vulnerability

Wait for parent dependency update

CVE-2021-32050 (Medium) detected in mongodb-4.1.3.tgz

2

comment

## CVE-2021-32050 - Medium Severity Vulnerability Vulnerable Library - mongodb-4.1.3.tgz The official MongoDB driver for Node.js Library home page: https://registry.npmjs.org/mongodb/-/mongodb-4.1.3.tgz Path to dependency file: /src/tooling/migration-opfab3/package.json Path to vulnerable library: /src/tooling/migration-opfab3/node_modules/mongodb/package.json...

Mend: dependency security vulnerability

CVE-2025-25193 (Medium) detected in netty-common-4.1.115.Final.jar

## CVE-2025-25193 - Medium Severity Vulnerability Vulnerable Library - netty-common-4.1.115.Final.jar Library home page: https://netty.io/ Path to dependency file: /src/test/api/karate/karateTests.gradle Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/io.netty/netty-common/4.1.115.Final/9da10a9f72e3f87e181d91b525174007a6fc4f11/netty-common-4.1.115.Final.jar Dependency Hierarchy: - karate-junit5-1.5.1.jar (Root Library)...

Mend: dependency security vulnerability

Wait for parent dependency update

CVE-2025-24970 (High) detected in netty-handler-4.1.115.Final.jar

1

comment

## CVE-2025-24970 - High Severity Vulnerability Vulnerable Library - netty-handler-4.1.115.Final.jar Library home page: https://netty.io/ Path to dependency file: /src/test/api/karate/karateTests.gradle Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/io.netty/netty-handler/4.1.115.Final/d54dbf68b9d88a98240107758c6b63da5e46e23a/netty-handler-4.1.115.Final.jar Dependency Hierarchy: - karate-junit5-1.5.1.jar (Root Library)...

Mend: dependency security vulnerability

Wait for parent dependency update

Not affected

‹
1
2
...
316
317
318
319
320
321
322
...
342
343
›