mend-bolt-for-github[bot]

## CVE-2025-6176 - High Severity Vulnerability Vulnerable Library - scrapy-2.13.3-py3-none-any.whl A high-level Web Crawling and Web Scraping framework Library home page: https://files.pythonhosted.org/packages/53/cb/474b56910b9fb823298008444790a6d5fb9c8dfb936101136932d586287a/scrapy-2.13.3-py3-none-any.whl Path to dependency file: /requirements.txt Path to vulnerable...

## CVE-2018-20801 - High Severity Vulnerability Vulnerable Library - highcharts.src-4.0.1.js Highcharts is a charting library written in pure JavaScript, offering an easy way of adding interactive charts to your web...

Vulnerable Library - cli-1.0.1.tgz Path to dependency file: /package.json Path to vulnerable library: /package.json ## Vulnerabilities | Vulnerability | Severity | CVSS | Dependency | Type | Fixed in (cli...

Configure Mend Bolt for GitHub

1

Welcome to [Mend Bolt for GitHub](https://github.com/apps/mend-bolt-for-github) (formerly WhiteSource). This is an onboarding PR to help you understand and configure settings before Mend starts scanning your repository for security vulnerabilities. :vertical_traffic_light:...

## CVE-2024-41818 - High Severity Vulnerability Vulnerable Library - fast-xml-parser-4.2.5.tgz Library home page: https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-4.2.5.tgz Path to dependency file: /migrations/migration-rrule-recurrence/package.json Path to vulnerable library: /migrations/migration-rrule-recurrence/package.json,/migrations/migration-entity-roles/package.json Dependency Hierarchy: - mongodb-6.4.0.tgz (Root Library)...

## CVE-2024-29415 - Critical Severity Vulnerability Vulnerable Library - ip-2.0.0.tgz [](https://www.npmjs.com/package/ip) Library home page: https://registry.npmjs.org/ip/-/ip-2.0.0.tgz Path to dependency file: /migrations/migration-entity-roles/package.json Path to vulnerable library: /migrations/migration-entity-roles/package.json,/migrations/migration-rrule-recurrence/package.json Dependency Hierarchy: - mongodb-6.4.0.tgz (Root...

## CVE-2025-59437 - Low Severity Vulnerability Vulnerable Library - ip-2.0.0.tgz [](https://www.npmjs.com/package/ip) Library home page: https://registry.npmjs.org/ip/-/ip-2.0.0.tgz Path to dependency file: /migrations/migration-entity-roles/package.json Path to vulnerable library: /migrations/migration-entity-roles/package.json,/migrations/migration-rrule-recurrence/package.json Dependency Hierarchy: - mongodb-6.4.0.tgz (Root...

## CVE-2025-59436 - Low Severity Vulnerability Vulnerable Library - ip-2.0.0.tgz [](https://www.npmjs.com/package/ip) Library home page: https://registry.npmjs.org/ip/-/ip-2.0.0.tgz Path to dependency file: /migrations/migration-entity-roles/package.json Path to vulnerable library: /migrations/migration-entity-roles/package.json,/migrations/migration-rrule-recurrence/package.json Dependency Hierarchy: - mongodb-6.4.0.tgz (Root...

CVE-2023-42282 (Critical) detected in ip-2.0.0.tgz

12

## CVE-2023-42282 - Critical Severity Vulnerability Vulnerable Library - ip-2.0.0.tgz [](https://www.npmjs.com/package/ip) Library home page: https://registry.npmjs.org/ip/-/ip-2.0.0.tgz Path to dependency file: /migrations/migration-entity-roles/package.json Path to vulnerable library: /migrations/migration-entity-roles/package.json,/migrations/migration-rrule-recurrence/package.json Dependency Hierarchy: - mongodb-6.4.0.tgz (Root...

Welcome to [Mend Bolt for GitHub](https://github.com/apps/mend-bolt-for-github) (formerly WhiteSource). This is an onboarding PR to help you understand and configure settings before Mend starts scanning your repository for security vulnerabilities. :vertical_traffic_light:...