[Backport 2.17] [Backport 2.x] [dataset-nav][bug] get connections by cluster and update client namespace #8258
+350
−361
Mend for GitHub.com / WhiteSource Security Check
failed
Sep 20, 2024 in 6m 37s
Security Report
You have successfully remediated 2 vulnerabilities, but introduced 2 new vulnerabilities in this branch.
❌ New vulnerabilities:
CVE | Severity | CVSS Score | Vulnerable Library | Suggested Fix | Issue |
---|---|---|---|---|---|
WS-2017-3772Vulnerable Source Files: ❌ /packages/osd-ui-framework/node_modules/underscore.string/unescapeHTML.js |
High | 7.5 | underscore.string3.3.6 | Upgrade to version: underscore.string - 3.3.5 | #4734 |
CVE-2023-26156Path to dependency file: /package.json Path to vulnerable library: /node_modules/chromedriver/package.json Dependency Hierarchy: -> ❌ chromedriver-107.0.3.tgz (Vulnerable Library) |
Medium | 5.6 | chromedriver-107.0.3.tgz | Upgrade to version: chromedriver - 119.0.1 | None |
✔️ Remediated vulnerabilities:
CVE | Vulnerable Library |
---|---|
CVE-2023-28155 | request-2.88.12.tgz |
WS-2017-3772 | juice-shop-juice-shop-15.3.0_node20_win32_x64 |
Base branch total remaining vulnerabilities: 16
Base branch commit: cea972fe24f3752e9558c5c84d223e037764955f
Total libraries scanned: 2455
Scan token: 39115667effa4da58d82a99b7f6b2aa6
Loading