Woocommerce-v2
Woocommerce-v2 copied to clipboard
Flutterwave
Update README.md
Checkmarx One – Scan Summary & Details – d3cb1469-e79e-44b6-9cdf-1ca7e1e16cdd
New Issues (6)
Checkmarx found the following issues in this Pull Request
| Severity | Issue | Source File / Package | Checkmarx Insight |
|---|---|---|---|
 |
CVE-2025-58754 | Npm-axios-0.21.4 | detailsRecommended version: 0.30.2Description: Axios is a promise based HTTP client for the browser and Node.js. When Axios prior to version 1.12.0 runs on Node.js and is given a URL with the "d... Attack Vector: NETWORK Attack Complexity: LOW ID: tuQfu0Mqd4kYnKKooKwYCcfzReKoEwi9HFRpBn1Uypg%3D |
|
CVE-2025-58754 | Npm-axios-0.25.0 | detailsRecommended version: 0.30.2Description: Axios is a promise based HTTP client for the browser and Node.js. When Axios prior to version 1.12.0 runs on Node.js and is given a URL with the "d... Attack Vector: NETWORK Attack Complexity: LOW ID: xCVua2ehziTJVw%2F66%2FGKAZvyTvz2S984GaE6FipoqR8%3D |
|
CVE-2025-59343 | Npm-tar-fs-2.1.1 | detailsRecommended version: 2.1.4Description: tar-fs provides filesystem bindings for tar-stream. Versions prior to 3.1.1, 2.1.4, and 1.16.6 are vulnerable to symlink validation bypass if the d... Attack Vector: NETWORK Attack Complexity: LOW ID: Q8BvxC%2B5tq6GWiBtvfxDfIm%2BUcokWWtL1YZWuYsKwhA%3D |
 |
CVE-2025-58751 | Npm-sirv-1.0.19 | detailsRecommended version: 3.0.2Description: Vite is a frontend tooling framework for JavaScript. Prior to versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20, files starting with the same name with the ... Attack Vector: NETWORK Attack Complexity: LOW ID: 5P4Wr9Gv0morFg5tdXFeVbKQQiHB1lILOFnxscnFlKc%3D |
|
CVE-2025-58751 | Npm-vite-4.2.1 | detailsRecommended version: 5.4.20Description: Vite is a frontend tooling framework for JavaScript. Prior to versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20, files starting with the same name with the ... Attack Vector: NETWORK Attack Complexity: LOW ID: X4MgT%2BNxsLIeHziAzcA1d8czpzLMGtzTMZtq8c3OtSM%3D |
|
CVE-2025-58752 | Npm-vite-4.2.1 | detailsRecommended version: 5.4.20Description: Vite is a frontend tooling framework for JavaScript. In Vite versions through 5.4.19, 6.x through 6.3.5, 7.0.x through 7.0.6 and 7.1.x through 7.1.... Attack Vector: NETWORK Attack Complexity: LOW ID: etdeV3eS01ibFsvRWFNGhfvTxKLNxzvx8%2FrQsyAMBSM%3D |
Fixed Issues (1)
Great job! The following issues were fixed in this Pull Request
| Severity | Issue | Source File / Package |
|---|---|---|
 |
~~CVE-2025-7969~~ | Npm-markdown-it-12.3.2 |
Policy Management Violations (1)
| Policy Name | Rule(s) | Break Build |
|---|---|---|
| Quality Gate - v3 | Open Source Vulnerable Package | true |
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}