[Snyk] Fix for 1 vulnerabilities by attesch · Pull Request #339 · attesch/cezerin

Security Report

You have successfully remediated 40 vulnerabilities, but introduced 4 new vulnerabilities in this branch.

❌ New vulnerabilities:

Vulnerability	Severity	CVSS Score	Vulnerable Library	Direct Library	Suggested Fix	Issue
CVE-2024-4068 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> lint-staged-7.2.2.tgz (Root Library) -> micromatch-3.1.10.tgz -> ❌ braces-2.3.2.tgz (Vulnerable Library)	High	7.5	`Transitive` braces-2.3.2.tgz	lint-staged-7.2.2.tgz	`Transitive` braces - 3.0.3	None
CVE-2024-4067 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> lint-staged-7.2.2.tgz (Root Library) -> ❌ micromatch-3.1.10.tgz (Vulnerable Library)	Medium	5.3	`Transitive` micromatch-3.1.10.tgz	lint-staged-7.2.2.tgz	`Transitive` 4.0.8	None
CVE-2024-4067 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> babel-cli-6.26.0.tgz (Root Library) -> chokidar-1.7.0.tgz -> anymatch-1.3.2.tgz -> ❌ micromatch-2.3.11.tgz (Vulnerable Library)	Medium	5.3	`Transitive` micromatch-2.3.11.tgz	babel-cli-6.26.0.tgz	`Transitive` 4.0.8	None
CVE-2021-23358 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> sitemap-1.13.0.tgz (Root Library) -> ❌ underscore-1.7.0.tgz (Vulnerable Library)	Low	3.3	`Transitive` underscore-1.7.0.tgz	sitemap-1.13.0.tgz	`Transitive` 1.12.1	#207

✔️ Remediated vulnerabilities:

Vulnerability	Vulnerable Library
CVE-2018-19826	node-sass-v4.9.0
CVE-2025-64718	js-yaml-3.10.0.tgz
CVE-2018-11696	node-sass-v4.9.0
CVE-2018-20190	node-sass-v4.9.0
WS-2019-0063	js-yaml-3.10.0.tgz
CVE-2018-20821	node-sass-v4.9.0
CVE-2018-11697	CSS::Sass-v3.4.12
CVE-2021-23364	browserslist-4.1.0.tgz
CVE-2021-23369	handlebars-4.1.2.tgz
CVE-2018-19839	CSS::Sass-v3.4.12
CVE-2021-29060	color-string-1.5.3.tgz
CVE-2019-6284	node-sass-v4.9.0
CVE-2020-15366	ajv-6.5.2.tgz
WS-2020-0450	handlebars-4.1.2.tgz
CVE-2020-8116	dot-prop-4.2.0.tgz
CVE-2019-19919	handlebars-4.1.2.tgz
WS-2019-0605	node-sass-v4.9.0
CVE-2021-29059	is-svg-3.0.0.tgz
CVE-2019-6286	node-sass-v4.9.0
CVE-2018-20822	node-sass-v4.9.0
CVE-2019-18797	node-sass-v4.9.0
CVE-2019-6283	node-sass-v4.9.0
CVE-2018-11698	node-sass-v4.9.0
CVE-2018-11499	node-sass-v4.9.0
CVE-2021-23383	handlebars-4.1.2.tgz
CVE-2018-11693	node-sass-v4.9.0
CVE-2018-11694	node-sass-v4.9.0
CVE-2022-26592	node-sass-v4.9.0
WS-2021-0152	color-string-1.5.3.tgz
CVE-2019-10744	lodash.merge-4.6.1.tgz
CVE-2018-11697	node-sass-v4.9.0
CVE-2018-19838	node-sass-v4.9.0
CVE-2021-28092	is-svg-3.0.0.tgz
CVE-2019-20920	handlebars-4.1.2.tgz
CVE-2019-20922	handlebars-4.1.2.tgz
CVE-2018-19827	node-sass-v4.9.0
CVE-2018-19837	node-sass-v4.9.0
CVE-2018-19797	node-sass-v4.9.0
WS-2019-0032	js-yaml-3.10.0.tgz
CVE-2019-15657	eslint-utils-1.3.1.tgz

Base branch total remaining vulnerabilities: 212
Base branch commit: null

Total libraries scanned: 1274

Scan token: 8926f9cd7bfc456a98b8610b8da31c30

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Fix for 1 vulnerabilities#339

[Snyk] Fix for 1 vulnerabilities#339
attesch wants to merge 1 commit into
masterfrom
snyk-fix-a5f20f21affbe377ed6a56e7d08c639e

Uh oh!

Security Report

Re-running checks...

fix: package.json & package-lock.json to reduce vulnerabilities

Uh oh!

Security Report

Re-running checks...