mend-bolt-for-github[bot]

Results 3421 issues of


                                            mend-bolt-for-github[bot]

CVE-2021-27292 (High) detected in ua-parser-js-0.7.22.tgz

## CVE-2021-27292 - High Severity Vulnerability Vulnerable Library - ua-parser-js-0.7.22.tgz Lightweight JavaScript-based user-agent string parser Library home page: https://registry.npmjs.org/ua-parser-js/-/ua-parser-js-0.7.22.tgz Path to dependency file: /day59/package.json Path to vulnerable library: /day59/package.json,/day60/package.json Dependency...

Mend: dependency security vulnerability

CVE-2020-28168 (Medium) detected in axios-0.19.0.tgz

## CVE-2020-28168 - Medium Severity Vulnerability Vulnerable Library - axios-0.19.0.tgz Promise based HTTP client for the browser and node.js Library home page: https://registry.npmjs.org/axios/-/axios-0.19.0.tgz Path to dependency file: /day59/package.json Path to...

Mend: dependency security vulnerability

CVE-2021-23368 (Medium) detected in postcss-7.0.35.tgz

## CVE-2021-23368 - Medium Severity Vulnerability Vulnerable Library - postcss-7.0.35.tgz Tool for transforming styles with JS plugins Library home page: https://registry.npmjs.org/postcss/-/postcss-7.0.35.tgz Path to dependency file: /day60/package.json Path to vulnerable library:...

Mend: dependency security vulnerability

CVE-2021-23364 (Medium) detected in browserslist-4.14.6.tgz

## CVE-2021-23364 - Medium Severity Vulnerability Vulnerable Library - browserslist-4.14.6.tgz Share target browsers between different front-end tools, like Autoprefixer, Stylelint and babel-env-preset Library home page: https://registry.npmjs.org/browserslist/-/browserslist-4.14.6.tgz Path to dependency file:...

Mend: dependency security vulnerability

CVE-2021-23362 (Medium) detected in hosted-git-info-2.7.1.tgz

## CVE-2021-23362 - Medium Severity Vulnerability Vulnerable Library - hosted-git-info-2.7.1.tgz Provides metadata and conversions from repository urls for Github, Bitbucket and Gitlab Library home page: https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.7.1.tgz Path to dependency file:...

Mend: dependency security vulnerability

WS-2020-0443 (High) detected in socket.io-2.1.1.tgz

## WS-2020-0443 - High Severity Vulnerability Vulnerable Library - socket.io-2.1.1.tgz node.js realtime framework server Library home page: https://registry.npmjs.org/socket.io/-/socket.io-2.1.1.tgz Path to dependency file: /day60/package.json Path to vulnerable library: /day60/package.json,/day59/package.json Dependency Hierarchy:...

Mend: dependency security vulnerability

CVE-2020-36049 (High) detected in socket.io-parser-3.3.1.tgz, socket.io-parser-3.2.0.tgz

## CVE-2020-36049 - High Severity Vulnerability Vulnerable Libraries - socket.io-parser-3.3.1.tgz, socket.io-parser-3.2.0.tgz socket.io-parser-3.3.1.tgz socket.io protocol parser Library home page: https://registry.npmjs.org/socket.io-parser/-/socket.io-parser-3.3.1.tgz Path to dependency file: /day60/package.json Path to vulnerable library: /day60/package.json,/day59/package.json Dependency...

Mend: dependency security vulnerability

CVE-2020-36048 (High) detected in engine.io-3.2.1.tgz

## CVE-2020-36048 - High Severity Vulnerability Vulnerable Library - engine.io-3.2.1.tgz The realtime engine behind Socket.IO. Provides the foundation of a bidirectional connection between client and server Library home page: https://registry.npmjs.org/engine.io/-/engine.io-3.2.1.tgz...

Mend: dependency security vulnerability

CVE-2021-37713 (High) detected in tar-4.4.13.tgz, tar-2.2.2.tgz

## CVE-2021-37713 - High Severity Vulnerability Vulnerable Libraries - tar-4.4.13.tgz, tar-2.2.2.tgz tar-4.4.13.tgz tar for node Library home page: https://registry.npmjs.org/tar/-/tar-4.4.13.tgz Path to dependency file: /day60/package.json Path to vulnerable library: /day60/package.json,/day59/package.json Dependency...

Mend: dependency security vulnerability

CVE-2021-37712 (High) detected in tar-2.2.2.tgz, tar-4.4.13.tgz

## CVE-2021-37712 - High Severity Vulnerability Vulnerable Libraries - tar-2.2.2.tgz, tar-4.4.13.tgz tar-2.2.2.tgz tar for node Library home page: https://registry.npmjs.org/tar/-/tar-2.2.2.tgz Path to dependency file: /day59/package.json Path to vulnerable library: /day59/package.json,/day60/package.json Dependency...

Mend: dependency security vulnerability

‹
1
2
...
31
32
33
34
35
36
37
...
342
343
›