-
Details of this report sent privately to security@salesforce.com
-
There are 2 moderate vulnerabilities found in this library.
https://snyk.io/test/npm/react-syntax-highlighter-virtualized-renderer/1.1.0
package.json in git repo https://github.com/conorhastings…
-
**Describe the bug**
Known vulnerabilities within the Dockerhub Wetty latest image when tested with the **Trivy** tool. The results are:
```
wettyoss/wetty:latest (alpine 3.16.2)
Total: 0 (UN…
```
-
### Description
Upgrade `ajv` to a non-vulnerable version. Requires `sass-lint`, `eslint` breaking upgrades
### Dependabot Alert:
https://github.com/department-of-veterans-affairs/vets-website/sec…
-
Snyk has reported a vulnerability in the `handlebars` package. Details are as follows:
#### Severity
CVSS Score: 7.3 **(HIGH severity)**
- Vulnerable module: `handlebars`
- Introduced throu…
-
### Description
Found by vulnerability check `OWASP:UsingComponentWithKnownVulnerability`
Filename: merge:2.1.1 | Reference: CVE-2021-23397 | CVSS Score: 9.8 | Category: CWE-1321 | All versions …
-
When I use the xlsx package I am getting a CG issue. In order to resolve the CG issue, please update the jszip package to the latest version. Thank you.
-
Prototype pollution vulnerability in function enable in mockery.js in mfncooper mockery commit 822f0566fd6d72af8c943ae5ca2aa92e516aa2cf via the key variable in mockery.js.
The prototype pollution v…
-
![image](https://user-images.githubusercontent.com/33645421/61895325-0a715000-af30-11e9-90c5-952f66932cb0.png)
As there's a vulnerability in the lodash version used by Netflix/nerror, could you pl…
-
## PoC:
```js
// get the original ArrayIterator.prototype.next method
var next = [].values().__proto__.next;
// overwrite the method
[].values().__proto__.next = function(){
var x = next.c…
```