[Backport 2.x] [Workspace] Consume workspace id in saved object client #6406
Mend for GitHub.com / WhiteSource Security Check
failed
Apr 11, 2024 in 8m 22s
Security Report
❌ New vulnerabilities:
| CVE | Severity |  CVSS Score |
Vulnerable Library | Suggested Fix | Issue |
|---|---|---|---|---|---|
WS-2017-3772Vulnerable Source Files: ❌ /packages/osd-ui-framework/node_modules/underscore.string/unescapeHTML.js |
 High |
7.5 | juice-shopjuice-shop-14.0.0_node14_darwin_x64 | Upgrade to version: underscore.string - 3.3.5 | #4734 |
CVE-2023-26156Path to dependency file: /package.json Path to vulnerable library: /node_modules/chromedriver/package.json Dependency Hierarchy: -> ❌ chromedriver-107.0.3.tgz (Vulnerable Library) |
High |
7.5 | chromedriver-107.0.3.tgz | Upgrade to version: chromedriver - 119.0.1 | None |
| High |
7.5 | juice-shopjuice-shop-13.3.0_node16_darwin_x64 | Upgrade to version: 6.0.3 | #4726 |
✔️ Remediated vulnerabilities:
| CVE | Vulnerable Library |
|---|---|
| CVE-2015-9251 | jquery-1.11.1.js |
| CVE-2019-20149 | juice-shop-juice-shop-15.2.0_node16_win32_x64 |
| CVE-2019-11358 | jquery-1.11.1.js |
| WS-2017-3772 | juice-shop-juice-shop-14.5.1_node16_darwin_x64 |
| CVE-2020-11022 | jquery-1.11.1.js |
| CVE-2023-28155 | request-2.88.12.tgz |
| CVE-2020-11023 | jquery-1.11.1.js |
Base branch total remaining vulnerabilities: 16
Base branch commit: 87deeda94c2825230e3cc911d08e1434f8635a7a
Total libraries scanned: 2513
Scan token: cdfe833e5ddb4eaab60ed89da806e8a6
Loading