mend-bolt-for-github[bot]
mend-bolt-for-github[bot]
## CVE-2025-43857 - High Severity Vulnerability Vulnerable Library - net-imap-0.5.6.gem Ruby client api for Internet Message Access Protocol Library home page: https://rubygems.org/gems/net-imap-0.5.6.gem Path to dependency file: /Gemfile.lock Path to vulnerable...
## CVE-2025-27788 - High Severity Vulnerability Vulnerable Library - json-2.10.1.gem This is a JSON implementation as a Ruby extension in C. Library home page: https://rubygems.org/gems/json-2.10.1.gem Path to dependency file: /Gemfile.lock...
## CVE-2025-27610 - High Severity Vulnerability Vulnerable Library - rack-2.2.11.gem Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses...
## CVE-2025-27111 - Medium Severity Vulnerability Vulnerable Library - rack-2.2.11.gem Rack provides a minimal, modular and adaptable interface for developing web applications in Ruby. By wrapping HTTP requests and responses...
Welcome to [Mend Bolt for GitHub](https://github.com/apps/mend-bolt-for-github) (formerly WhiteSource). This is an onboarding PR to help you understand and configure settings before Mend starts scanning your repository for security vulnerabilities. :vertical_traffic_light:...
Vulnerable Library - astro-5.7.14.tgz Path to dependency file: /package.json Path to vulnerable library: /package.json Found in HEAD commit: d23ef66f4f9b4bbe330106cf12d0246244236b16 ## Vulnerabilities | Vulnerability | Severity | CVSS | Dependency |...
Vulnerable Library - vercel-8.1.4.tgz Path to dependency file: /package.json Path to vulnerable library: /package.json Found in HEAD commit: 6bfaf4e7eafa6b6496efbf816755870e2956c9f6 ## Vulnerabilities | Vulnerability | Severity | CVSS | Dependency |...
Vulnerable Library - hardhat-2.24.0.tgz Path to vulnerable library: /blockchain_integration/pi_network/pi-network-layer2-scaling/node_modules/cookie/package.json,/blockchain_integration/pi_network/contracts/PI-bank/node_modules/cookie/package.json,/projects/oracle-nexus/node_modules/cookie/package.json Found in HEAD commit: 011e5f9d5ce310049a1a68c19f7df65be4f88caf ## Vulnerabilities | Vulnerability | Severity | CVSS | Dependency | Type | Fixed in (hardhat...
Vulnerable Library - jest-26.6.3.tgz Path to dependency file: /blockchain_integration/pi_network/SpacePi/package.json Path to vulnerable library: /blockchain_integration/pi_network/PiSure/client/node_modules/watchpack-chokidar2/node_modules/micromatch/package.json,/blockchain_integration/pi_network/pi-browser-app/node_modules/webpack/node_modules/micromatch/package.json,/blockchain_integration/pi_network/pi-browser-app/node_modules/fork-ts-checker-webpack-plugin/node_modules/micromatch/package.json,/blockchain_integration/pi_network/pi-browser-app/node_modules/sane/node_modules/micromatch/package.json,/blockchain_integration/pi_network/SpacePi/node_modules/readdirp/node_modules/micromatch/package.json,/blockchain_integration/pi_network/PiSure/client/node_modules/http-proxy-middleware/node_modules/micromatch/package.json,/blockchain_integration/pi_network/pi-browser-app/node_modules/webpack-dev-server/node_modules/micromatch/package.json,/blockchain_integration/pi_network/PiSure/client/node_modules/webpack-dev-server/node_modules/micromatch/package.json,/blockchain_integration/pi_network/SpacePi/node_modules/sane/node_modules/micromatch/package.json,/blockchain_integration/pi_network/PiSure/client/node_modules/webpack/node_modules/micromatch/package.json,/blockchain_integration/pi_network/PiSure/client/node_modules/fork-ts-checker-webpack-plugin/node_modules/micromatch/package.json,/blockchain_integration/pi_network/pi-browser-app/node_modules/watchpack-chokidar2/node_modules/micromatch/package.json,/blockchain_integration/pi_network/PiSure/client/node_modules/sane/node_modules/micromatch/package.json,/blockchain_integration/pi_network/pi-browser-app/node_modules/http-proxy-middleware/node_modules/micromatch/package.json ## Vulnerabilities | Vulnerability | Severity | CVSS | Dependency | Type | Fixed in (jest...
Vulnerable Library - mongoose-5.13.23.tgz Mongoose MongoDB ODM Library home page: https://registry.npmjs.org/mongoose/-/mongoose-5.13.23.tgz Path to dependency file: /blockchain_integration/pi_network/onramp-pi/package.json Path to vulnerable library: /blockchain_integration/pi_network/onramp-pi/node_modules/mongoose/package.json,/blockchain_integration/pi_network/PiSure/server/node_modules/mongoose/package.json,/ai-financial-advisor/node_modules/mongoose/package.json,/pi-nexus-api/node_modules/mongoose/package.json,/blockchain_integration/pi_network/PiRide/node_modules/mongoose/package.json,/server/node_modules/mongoose/package.json,/projects/Nexarion/node_modules/mongoose/package.json,/sidra_chain_integration/advanced-features/blockchain-based-identity-verification/backend/node_modules/mongoose/package.json Found in HEAD commit: 011e5f9d5ce310049a1a68c19f7df65be4f88caf ## Vulnerabilities | Vulnerability...