Skip to content

Add Drag & Drop Across Axis Functionality to Vis Builder (#7107)

Mend for GitHub.com / WhiteSource Security Check failed Jul 16, 2024 in 8m 1s

Security Report

You have successfully remediated 3 vulnerabilities, but introduced 3 new vulnerabilities in this branch.

❌ New vulnerabilities:

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
WS-2017-3772

Vulnerable Source Files:

❌ /packages/osd-ui-framework/node_modules/underscore.string/unescapeHTML.js

 High 7.5 juice-shopjuice-shop-14.0.0_node14_darwin_x64 Upgrade to version: underscore.string - 3.3.5 #4734
CVE-2023-26156

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/chromedriver/package.json

Dependency Hierarchy:

-> ❌ chromedriver-107.0.3.tgz (Vulnerable Library)

High 7.5 chromedriver-107.0.3.tgz Upgrade to version: chromedriver - 119.0.1 None
CVE-2024-4067

Vulnerable Source Files:

❌ /packages/osd-ui-framework/node_modules/micromatch/index.js

 Medium 5.3 juice-shopjuice-shop-14.0.0_node14_darwin_x64 Upgrade to version: micromatch - 4.0.6 #6791

✔️ Remediated vulnerabilities:

CVE Vulnerable Library
WS-2017-3772 juice-shop-juice-shop-14.5.1_node16_darwin_x64
CVE-2023-28155 request-2.88.12.tgz
CVE-2024-4067 juice-shop-juice-shop-15.2.0_node16_win32_x64

Base branch total remaining vulnerabilities: 16
Base branch commit: 27669cff48cd404e480310f232a0bb0f6b988aed


Total libraries scanned: 2410

Scan token: b42df34271254fefa36df825a1248311

View more details on Mend for GitHub.com