[Snyk] Security upgrade nodemailer from 4.6.8 to 7.0.11#341
Security Report
❌ New vulnerabilities:
| Vulnerability | Severity |  CVSS Score |
Vulnerable Library | Direct Library | Suggested Fix | Issue |
|---|---|---|---|---|---|---|
CVE-2025-65945Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> jsonwebtoken-8.3.0.tgz (Root Library) -> ❌ jws-3.1.5.tgz (Vulnerable Library) |
 High |
7.5 | Transitive jws-3.1.5.tgz |
jsonwebtoken-8.3.0.tgz | Transitive 3.2.3 |
None |
CVE-2024-4068Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> lint-staged-7.2.2.tgz (Root Library) -> micromatch-3.1.10.tgz -> ❌ braces-2.3.2.tgz (Vulnerable Library) |
High |
7.5 | Transitive braces-2.3.2.tgz |
lint-staged-7.2.2.tgz | Transitive braces - 3.0.3 |
None |
CVE-2024-4067Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> babel-cli-6.26.0.tgz (Root Library) -> chokidar-1.7.0.tgz -> anymatch-1.3.2.tgz -> ❌ micromatch-2.3.11.tgz (Vulnerable Library) |
 Medium |
5.3 | Transitive micromatch-2.3.11.tgz |
babel-cli-6.26.0.tgz | Transitive 4.0.8 |
None |
CVE-2024-4067Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> lint-staged-7.2.2.tgz (Root Library) -> ❌ micromatch-3.1.10.tgz (Vulnerable Library) |
Medium |
5.3 | Transitive micromatch-3.1.10.tgz |
lint-staged-7.2.2.tgz | Transitive 4.0.8 |
None |
CVE-2021-23358Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> sitemap-1.13.0.tgz (Root Library) -> ❌ underscore-1.7.0.tgz (Vulnerable Library) |
 Low |
3.3 | Transitive underscore-1.7.0.tgz |
sitemap-1.13.0.tgz | Transitive 1.12.1 |
#207 |
✔️ Remediated vulnerabilities:
| Vulnerability | Vulnerable Library |
|---|---|
| CVE-2018-19826 | node-sass-v4.9.0 |
| CVE-2018-19797 | CSS::Sass-v3.4.12 |
| CVE-2018-11696 | node-sass-v4.9.0 |
| CVE-2018-20190 | node-sass-v4.9.0 |
| CVE-2021-23400 | nodemailer-4.6.8.tgz |
| CVE-2020-7769 | nodemailer-4.6.8.tgz |
| CVE-2018-20821 | node-sass-v4.9.0 |
| CVE-2018-11697 | CSS::Sass-v3.4.12 |
| CVE-2021-23369 | handlebars-4.1.2.tgz |
| CVE-2018-19839 | CSS::Sass-v3.4.12 |
| CVE-2019-6284 | node-sass-v4.9.0 |
| WS-2020-0450 | handlebars-4.1.2.tgz |
| CVE-2019-19919 | handlebars-4.1.2.tgz |
| WS-2019-0605 | node-sass-v4.9.0 |
| CVE-2019-6286 | node-sass-v4.9.0 |
| CVE-2018-20822 | node-sass-v4.9.0 |
| CVE-2019-18797 | node-sass-v4.9.0 |
| CVE-2019-6283 | node-sass-v4.9.0 |
| CVE-2018-11698 | node-sass-v4.9.0 |
| CVE-2018-11499 | node-sass-v4.9.0 |
| CVE-2021-23383 | handlebars-4.1.2.tgz |
| CVE-2018-11693 | node-sass-v4.9.0 |
| CVE-2018-11694 | node-sass-v4.9.0 |
| CVE-2025-13033 | nodemailer-4.6.8.tgz |
| CVE-2022-26592 | node-sass-v4.9.0 |
| CVE-2018-11697 | node-sass-v4.9.0 |
| CVE-2018-19838 | node-sass-v4.9.0 |
| CVE-2019-20920 | handlebars-4.1.2.tgz |
| CVE-2019-20922 | handlebars-4.1.2.tgz |
| CVE-2018-19827 | node-sass-v4.9.0 |
| CVE-2018-19837 | node-sass-v4.9.0 |
| CVE-2018-19827 | CSS::Sass-v3.4.12 |
| CVE-2018-19797 | node-sass-v4.9.0 |
| CVE-2022-29622 | formidable-1.2.1.tgz |
Base branch total remaining vulnerabilities: 218
Base branch commit: null
Total libraries scanned: 1256
Scan token: eafce62969c944d1815693456db98adf