Update airframe-log to 23.11.3 #762
Security Report
❌ New vulnerabilities:
| CVE | Severity |  CVSS Score |
Vulnerable Library | Suggested Fix | Issue |
|---|---|---|---|---|---|
CVE-2023-45133Path to dependency file: /website/package.json Path to vulnerable library: /website/package.json Dependency Hierarchy: -> core-2.3.1.tgz (Root Library) -> mdx-loader-2.3.1.tgz -> mdx-1.6.22.tgz -> core-7.12.9.tgz -> ❌ traverse-7.17.3.tgz (Vulnerable Library) |
 High |
8.8 | traverse-7.17.3.tgz | Upgrade to version: @babel/traverse - 7.23.2 | #592 |
CVE-2023-45133Path to dependency file: /website/package.json Path to vulnerable library: /website/package.json Dependency Hierarchy: -> core-2.3.1.tgz (Root Library) -> ❌ traverse-7.20.1.tgz (Vulnerable Library) |
High |
8.8 | traverse-7.20.1.tgz | Upgrade to version: @babel/traverse - 7.23.2 | #592 |
CVE-2022-25883Path to dependency file: /website/package.json Path to vulnerable library: /website/package.json Dependency Hierarchy: -> core-2.3.1.tgz (Root Library) -> css-loader-6.7.1.tgz -> ❌ semver-7.3.5.tgz (Vulnerable Library) |
High |
7.5 | semver-7.3.5.tgz | Upgrade to version: semver - 5.7.2,6.3.1,7.5.2;org.webjars.npm:semver:7.5.2 | #592 |
CVE-2022-25883Path to dependency file: /website/package.json Path to vulnerable library: /website/package.json Dependency Hierarchy: -> core-2.3.1.tgz (Root Library) -> mdx-loader-2.3.1.tgz -> mdx-1.6.22.tgz -> core-7.12.9.tgz -> ❌ semver-5.7.1.tgz (Vulnerable Library) |
High |
7.5 | semver-5.7.1.tgz | Upgrade to version: semver - 5.7.2,6.3.1,7.5.2;org.webjars.npm:semver:7.5.2 | #592 |
CVE-2022-25883Path to dependency file: /website/package.json Path to vulnerable library: /website/package.json Dependency Hierarchy: -> core-2.3.1.tgz (Root Library) -> webpack-6.2.1.tgz -> preset-env-7.16.11.tgz -> core-js-compat-3.21.1.tgz -> ❌ semver-7.0.0.tgz (Vulnerable Library) |
High |
7.5 | semver-7.0.0.tgz | Upgrade to version: semver - 5.7.2,6.3.1,7.5.2;org.webjars.npm:semver:7.5.2 | #592 |
CVE-2022-25883Path to dependency file: /website/package.json Path to vulnerable library: /website/package.json Dependency Hierarchy: -> core-2.3.1.tgz (Root Library) -> babel-loader-8.2.5.tgz -> make-dir-3.1.0.tgz -> ❌ semver-6.3.0.tgz (Vulnerable Library) |
High |
7.5 | semver-6.3.0.tgz | Upgrade to version: semver - 5.7.2,6.3.1,7.5.2;org.webjars.npm:semver:7.5.2 | #592 |
CVE-2022-25883Path to dependency file: /website/package.json Path to vulnerable library: /website/package.json Dependency Hierarchy: -> core-2.3.1.tgz (Root Library) -> ❌ semver-7.3.7.tgz (Vulnerable Library) |
High |
7.5 | semver-7.3.7.tgz | Upgrade to version: semver - 5.7.2,6.3.1,7.5.2;org.webjars.npm:semver:7.5.2 | #592 |
CVE-2023-44270Path to dependency file: /website/package.json Path to vulnerable library: /website/package.json Dependency Hierarchy: -> core-2.3.1.tgz (Root Library) -> css-loader-6.7.1.tgz -> ❌ postcss-8.4.12.tgz (Vulnerable Library) |
 Medium |
5.3 | postcss-8.4.12.tgz | Upgrade to version: postcss - 8.4.31 | #592 |
CVE-2023-44270Path to dependency file: /website/package.json Path to vulnerable library: /website/package.json Dependency Hierarchy: -> core-2.3.1.tgz (Root Library) -> ❌ postcss-8.4.14.tgz (Vulnerable Library) |
Medium |
5.3 | postcss-8.4.14.tgz | Upgrade to version: postcss - 8.4.31 | #592 |
Base branch total remaining vulnerabilities: 16
Base branch commit: f77217306cd7e3104bec8eb4bbd25ce7390dea6a
Total libraries scanned: 1167
Scan token: 0da5fe3b65904c209f262fe44a22756d