[Snyk] Security upgrade mongoose from 5.13.14 to 5.13.20 #39
Mend Bolt for GitHub / WhiteSource Security Check
failed
Jul 17, 2023 in 8m 23s
Security Report
3 new vulnerabilities were introduced in this branch.
❌ New vulnerabilities:
CVE | Severity | CVSS Score | Vulnerable Library | Suggested Fix | Issue |
---|---|---|---|---|---|
CVE-2022-25883Dependency Hierarchy: -> preset-env-7.18.6.tgz (Root Library) -> ❌ semver-6.3.0.tgz (Vulnerable Library) |
Medium | 5.3 | semver-6.3.0.tgz | Upgrade to version: semver - 7.5.2 | None |
CVE-2022-25883Dependency Hierarchy: -> preset-env-7.18.6.tgz (Root Library) -> core-js-compat-3.22.1.tgz -> ❌ semver-7.0.0.tgz (Vulnerable Library) |
Medium | 5.3 | semver-7.0.0.tgz | Upgrade to version: semver - 7.5.2 | None |
CVE-2022-25883Dependency Hierarchy: -> cli-7.18.6.tgz (Root Library) -> make-dir-2.1.0.tgz -> ❌ semver-5.7.1.tgz (Vulnerable Library) |
Medium | 5.3 | semver-5.7.1.tgz | Upgrade to version: semver - 7.5.2 | None |
Base branch total remaining vulnerabilities: 1
Base branch commit: 7b5fe0215318641675b73ec5ee42c2571053b042
Total libraries scanned: 326
Scan token: 16beb5507f2a4ec48eb612443138d5c4
Loading