[Snyk] Fix for 1 vulnerabilities#336
Security Report
❌ New vulnerabilities:
| Vulnerability | Severity |  CVSS Score |
Vulnerable Library | Suggested Fix | Issue |
|---|---|---|---|---|---|
CVE-2024-4068Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> lint-staged-7.2.2.tgz (Root Library) -> micromatch-3.1.10.tgz -> ❌ braces-2.3.2.tgz (Vulnerable Library) |
 High |
7.5 | braces-2.3.2.tgz | Upgrade to version: braces - 3.0.3 | None |
CVE-2022-21191Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> webpack-cli-3.1.1.tgz (Root Library) -> ❌ global-modules-path-2.3.1.tgz (Vulnerable Library) |
High |
7.4 | global-modules-path-2.3.1.tgz | Upgrade to version: global-modules-path - 3.0.0 | #294 |
CVE-2024-4067Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> lint-staged-7.2.2.tgz (Root Library) -> ❌ micromatch-3.1.10.tgz (Vulnerable Library) |
 Medium |
5.3 | micromatch-3.1.10.tgz | Upgrade to version: micromatch - 4.0.8 | None |
CVE-2024-4067Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> babel-cli-6.26.0.tgz (Root Library) -> chokidar-1.7.0.tgz -> anymatch-1.3.2.tgz -> ❌ micromatch-2.3.11.tgz (Vulnerable Library) |
Medium |
5.3 | micromatch-2.3.11.tgz | Upgrade to version: micromatch - 4.0.8 | None |
CVE-2020-7608Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> concurrently-4.0.1.tgz (Root Library) -> yargs-12.0.5.tgz -> ❌ yargs-parser-11.1.1.tgz (Vulnerable Library) |
Medium |
5.3 | yargs-parser-11.1.1.tgz | Upgrade to version: 5.0.1;13.1.2;15.0.1;18.1.1 | #110 |
CVE-2021-23358Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> sitemap-1.13.0.tgz (Root Library) -> ❌ underscore-1.7.0.tgz (Vulnerable Library) |
 Low |
3.3 | underscore-1.7.0.tgz | Upgrade to version: underscore - 1.12.1 | #207 |
✔️ Remediated vulnerabilities:
| Vulnerability | Vulnerable Library |
|---|---|
| CVE-2018-19826 | node-sass-v4.9.0 |
| CVE-2018-11696 | node-sass-v4.9.0 |
| CVE-2018-20190 | node-sass-v4.9.0 |
| CVE-2020-7608 | yargs-parser-10.1.0.tgz |
| CVE-2022-21191 | global-modules-path-2.1.0.tgz |
| CVE-2018-20821 | node-sass-v4.9.0 |
| CVE-2018-11697 | CSS::Sass-v3.4.12 |
| CVE-2021-23369 | handlebars-4.1.2.tgz |
| CVE-2018-19839 | CSS::Sass-v3.4.12 |
| CVE-2019-6284 | node-sass-v4.9.0 |
| CVE-2020-15366 | ajv-6.5.2.tgz |
| WS-2020-0450 | handlebars-4.1.2.tgz |
| CVE-2019-19919 | handlebars-4.1.2.tgz |
| WS-2019-0605 | node-sass-v4.9.0 |
| CVE-2019-6286 | node-sass-v4.9.0 |
| CVE-2018-20822 | node-sass-v4.9.0 |
| CVE-2019-18797 | node-sass-v4.9.0 |
| CVE-2019-6283 | node-sass-v4.9.0 |
| CVE-2018-11698 | node-sass-v4.9.0 |
| CVE-2018-11499 | node-sass-v4.9.0 |
| CVE-2021-23383 | handlebars-4.1.2.tgz |
| CVE-2018-11693 | node-sass-v4.9.0 |
| CVE-2018-11694 | node-sass-v4.9.0 |
| CVE-2022-26592 | node-sass-v4.9.0 |
| CVE-2019-10744 | lodash.merge-4.6.1.tgz |
| CVE-2018-11697 | node-sass-v4.9.0 |
| CVE-2018-19838 | node-sass-v4.9.0 |
| CVE-2025-54798 | tmp-0.0.33.tgz |
| CVE-2019-20920 | handlebars-4.1.2.tgz |
| CVE-2019-20922 | handlebars-4.1.2.tgz |
| CVE-2018-19827 | node-sass-v4.9.0 |
| CVE-2018-19837 | node-sass-v4.9.0 |
| CVE-2018-19797 | node-sass-v4.9.0 |
| WS-2019-0307 | mem-1.1.0.tgz |
| CVE-2019-15657 | eslint-utils-1.3.1.tgz |
Base branch total remaining vulnerabilities: 207
Base branch commit: null
Total libraries scanned: 1256
Scan token: 9dc9f0196f6a4c9abd3e7662c532b549