build based on ubi image #4
Open
IBM Mend app / Mend Security Check
failed
Dec 5, 2024 in 1m 5s
Security Report
You have successfully remediated 13 vulnerabilities, but introduced 1 new vulnerabilities in this branch.
❌ New vulnerabilities:
CVE | Severity | CVSS Score | Vulnerable Library | Suggested Fix | Issue |
---|---|---|---|---|---|
CVE-2024-53900Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ mongoose-6.13.3.tgz (Vulnerable Library) |
Critical | 9.1 | mongoose-6.13.3.tgz | Upgrade to version: mongoose - 8.8.3 | None |
✔️ Remediated vulnerabilities:
CVE | Vulnerable Library |
---|---|
CVE-2024-28849 | follow-redirects-1.15.5.tgz |
CVE-2024-41818 | fast-xml-parser-4.2.5.tgz |
CVE-2024-45590 | body-parser-1.20.2.tgz |
CVE-2024-39338 | axios-1.6.7.tgz |
CVE-2024-28863 | tar-6.2.0.tgz |
CVE-2024-37890 | ws-7.5.9.tgz |
CVE-2024-53900 | mongoose-6.12.7.tgz |
CVE-2024-29041 | express-4.18.3.tgz |
CVE-2024-47764 | cookie-0.5.0.tgz |
CVE-2024-43796 | express-4.18.3.tgz |
CVE-2024-45296 | path-to-regexp-0.1.7.tgz |
CVE-2024-43800 | serve-static-1.15.0.tgz |
CVE-2024-43799 | send-0.18.0.tgz |
Base branch total remaining vulnerabilities: 13
Base branch commit: 08bbc98242be60c7455eb63c737d90a58673a647
Total libraries scanned: 533
Scan token: db5d2ddb92e84c7491b645df8124e21b
Loading