Skip to content

Merge pull request #2587 from exadel-inc/dependabot/npm_and_yarn/lint…

Mend Bolt for GitHub / WhiteSource Security Check succeeded Aug 13, 2024 in 1m 30s

Security Report

The Security Check found 3 vulnerabilities.

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
MSC-2024-8222

Path to dependency file: /package.json

Path to vulnerable library: /package.json

Dependency Hierarchy:

-> @exadel/esl-website-4.18.0.tgz (Root Library)

   -> ❌ intersection-observer-0.12.2.tgz (Vulnerable Library)

Critical 9.8 intersection-observer-0.12.2.tgz #2491
CVE-2024-39338

Path to dependency file: /package.json

Path to vulnerable library: /package.json

Dependency Hierarchy:

-> @exadel/esl-snapshot-tests-4.18.0.tgz (Root Library)

   -> jest-puppeteer-10.0.1.tgz

     -> jest-environment-puppeteer-10.0.1.tgz

       -> jest-dev-server-10.0.0.tgz

         -> wait-on-7.2.0.tgz

           -> ❌ axios-1.7.2.tgz (Vulnerable Library)

High 7.5 axios-1.7.2.tgz #2582
CVE-2024-4067

Path to dependency file: /package.json

Path to vulnerable library: /package.json

Dependency Hierarchy:

-> @exadel/esl-website-4.18.0.tgz (Root Library)

   -> eleventy-2.0.1.tgz

     -> ❌ micromatch-4.0.7.tgz (Vulnerable Library)

Medium 5.3 micromatch-4.0.7.tgz #2406

Total libraries scanned: 796
Scan token: cc89bc1253e0498e8ccbe1e049744882
View more details on Mend Bolt for GitHub