Skip to content

Update dependency @sentry/browser to v8.15.0

Mend Bolt for GitHub / WhiteSource Security Check succeeded Jul 6, 2024 in 16m 56s

Security Report

The Security Check found 7 vulnerabilities.

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
CVE-2024-29415

Path to dependency file: /package.json

Path to vulnerable library: /package.json

Dependency Hierarchy:

-> doc-site-0.0.0.tgz (Root Library)

   -> plugin-ideal-image-3.4.0.tgz

     -> sharp-0.32.6.tgz

       -> node-gyp-8.2.0.tgz

         -> make-fetch-happen-8.0.14.tgz

           -> socks-proxy-agent-5.0.1.tgz

             -> socks-2.6.1.tgz

               -> ❌ ip-1.1.9.tgz (Vulnerable Library)

Critical 9.1 ip-1.1.9.tgz #6560
CVE-2024-37890

Path to dependency file: /package.json

Path to vulnerable library: /package.json

Dependency Hierarchy:

-> webpack-bundle-analyzer-4.10.2.tgz (Root Library)

   -> ❌ ws-7.5.4.tgz (Vulnerable Library)

High 7.5 ws-7.5.4.tgz Upgrade to version: ws - 5.2.4,6.2.3,7.5.10,8.17.1 #9079
CVE-2024-37890

Path to dependency file: /package.json

Path to vulnerable library: /package.json

Dependency Hierarchy:

-> doc-site-0.0.0.tgz (Root Library)

   -> graphql-config-5.0.3.tgz

     -> url-loader-8.0.0.tgz

       -> executor-graphql-ws-1.0.0.tgz

         -> ❌ ws-8.13.0.tgz (Vulnerable Library)

High 7.5 ws-8.13.0.tgz Upgrade to version: ws - 5.2.4,6.2.3,7.5.10,8.17.1 #6560
CVE-2024-37890

Path to dependency file: /package.json

Path to vulnerable library: /package.json

Dependency Hierarchy:

-> doc-site-0.0.0.tgz (Root Library)

   -> core-3.4.0.tgz

     -> webpack-dev-server-4.15.1.tgz

       -> ❌ ws-8.16.0.tgz (Vulnerable Library)

High 7.5 ws-8.16.0.tgz Upgrade to version: ws - 5.2.4,6.2.3,7.5.10,8.17.1 #6560
CVE-2024-37890

Path to dependency file: /package.json

Path to vulnerable library: /package.json

Dependency Hierarchy:

-> graphql-language-service-utils-2.7.1.tgz (Root Library)

   -> graphql-language-service-types-1.8.7.tgz

     -> graphql-config-4.5.0.tgz

       -> url-loader-7.16.28.tgz

         -> ❌ ws-8.11.0.tgz (Vulnerable Library)

High 7.5 ws-8.11.0.tgz Upgrade to version: ws - 5.2.4,6.2.3,7.5.10,8.17.1 #6559
CVE-2022-37603

Path to dependency file: /package.json

Path to vulnerable library: /package.json

Dependency Hierarchy:

-> doc-site-0.0.0.tgz (Root Library)

   -> core-3.4.0.tgz

     -> react-dev-utils-12.0.1.tgz

       -> ❌ loader-utils-3.2.0.tgz (Vulnerable Library)

High 7.5 loader-utils-3.2.0.tgz Upgrade to version: loader-utils - 1.4.2,2.0.4,3.2.1 #6560
CVE-2022-3517

Path to dependency file: /package.json

Path to vulnerable library: /package.json

Dependency Hierarchy:

-> doc-site-0.0.0.tgz (Root Library)

   -> core-3.4.0.tgz

     -> react-dev-utils-12.0.1.tgz

       -> recursive-readdir-2.2.2.tgz

         -> ❌ minimatch-3.0.4.tgz (Vulnerable Library)

High 7.5 minimatch-3.0.4.tgz Upgrade to version: minimatch - 3.0.5 #6560

Total libraries scanned: 1965
Scan token: 715febcf286b4a15a3071562894fefdb
View more details on Mend Bolt for GitHub