-
## 🚀 Feature Proposal
Current version of `exceljs` references `archiver` of v5.3.2. In the references, you can find the inflight package that is affected by CVE-772 ( https://security.snyk.io/vuln/…
-
**Actual behavior**
[Snyk](https://snyk.io/docker/) fails to scan docker images produced by kaniko:
```bash
➜ cat Dockerfile
FROM alpine
RUN echo 'abc' > /test.txt
➜ /kaniko/executor -f Doc…
-
## 🐛 Bug Report
There's a snyk issue with the latest build
Missing Release of Resource after Effective Lifetime [High Severity][https://security.snyk.io/vuln/SNYK-JS-INFLIGHT-6095116] in infligh…
-
## 🐛 Bug Report
Transitive Dependency Vulnerability: exceljs > archiver > archiver-utils > glob > inflight: 1.0.6
Lib version: 4.4.0
vulnerability: https://security.snyk.io/vuln/SNYK-JS-INFL…
-
## Component Details
- **Exploit Maturity**: mature
- **Vulnerable Package**: -
- **Current Version**: -
- **Vulnerable Version(s)**: >[0, 2.7)
- **Vulnerable Path**: >null
## Overview
[commons-io:…
-
The dependency was last updated 2016 and officially deprecated 2018. Especially as it's a networking library this is unacceptable from a security perspective. It also causes compatibility issues with …
-
**Describe the bug**
It appears you are using an archived version of adl4j which has a vulnerability: https://github.com/AzureAD/azure-activedirectory-library-for-java/issues/309
It seems you need t…
-
### The problem in depth
We recently upgraded our MUI pro license to MUI premium, but after making the code changes our Static Application Security Testing software (Snyk) is now surfacing a vulner…
-
We recently switched our package manager from npm to pnpm since it reduce our install time by multiple minutes in our monorepo. Since then our Snyk scans are failing, as we should have expected. We ha…
-
Hi, recently I'm seeing the following error when running the `upload-sarif@v3` GH action.
Example failure: https://github.com/cloudnative-pg/postgres-containers/actions/runs/8196632252/job/224172602…