-
### Required
- [x] turn on private vulnerability reporting within Github
- [ ] update community/SECURITY.md to point to private vulnerability reporting
- [x] turn on secret scanning (required by IBM o…
-
Hi,
I was interested in using the `webdevops/php-nginx` container in production but when scanned with `docker scan`, it reports a number of vulnerabilities present: "Tested 311 dependencies for kn…
-
We recently switched our package manager from npm to pnpm since it reduce our install time by multiple minutes in our monorepo. Since then our Snyk scans are failing, as we should have expected. We ha…
-
## Description
The types returned from `AxiosDataFetcher::fetch()` from `@sitecore-jss/sitecore-jss-nextjs` is incompatible with the actual type declared in `axios`. This happens after updating Axios…
thany updated
1 month ago
-
xml2js@0.4.23 has a medium snyk issue that is fixed in version 0.5.0
https://stackoverflow.com/a/75975562/7087480
-
This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more.
## Open
These updates have all …
-
Critical vulnerability CVE-2024-5535 is fixed in alpine/openssl version 3.1.6-r0 or higher.
Please see https://build.alpinelinux.org/buildlogs/build-3-19-s390x/main/openssl/openssl-3.1.6-r2.log https…
-
## CVE-2022-22984 - Medium Severity Vulnerability
Vulnerable Libraries - snyk-cocoapods-plugin-2.2.0.tgz, snyk-sbt-plugin-2.11.0.tgz, snyk-1.316.1.tgz
snyk-cocoapods-plugin-2.2.0.tgz
Snyk CLI Coco…
-
see: https://security.snyk.io/vuln/SNYK-DOTNET-SYSTEMTEXTREGULAREXPRESSIONS-174708
Tested 83 dependencies for known issues, found 1 issue, 3 vulnerable paths.
Log:
Issues with no direct upgrade…
-
Snyk reports a security vulnerability for this package because of the dependency on the lodash.template standalone package.
You can see the report here: https://security.snyk.io/vuln/SNYK-JS-LODASHTE…