Tested 1715 dependencies for known issues, found 10 issues, 40 vulnerable paths.
Issues to fix by upgrading:
Upgrade gatsby@4.25.7 to gatsby@5.0.0 to fix
✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-GATSBYCLI-5671903] in gatsby-cli@4.25.0
introduced by gatsby@4.25.7 > gatsby-cli@4.25.0
✗ Heap-based Buffer Overflow [Critical Severity][https://security.snyk.io/vuln/SNYK-JS-SHARP-5922108] in sharp@0.30.7
introduced by gatsby-plugin-manifest@4.23.1 > sharp@0.30.7 and 3 other path(s)
Upgrade gatsby-plugin-feed@4.23.1 to gatsby-plugin-feed@5.0.0 to fix
✗ Heap-based Buffer Overflow [Critical Severity][https://security.snyk.io/vuln/SNYK-JS-SHARP-5922108] in sharp@0.30.7
introduced by gatsby-plugin-manifest@4.23.1 > sharp@0.30.7 and 3 other path(s)
Upgrade gatsby-plugin-manifest@4.23.1 to gatsby-plugin-manifest@5.10.0 to fix
✗ Heap-based Buffer Overflow [Critical Severity][https://security.snyk.io/vuln/SNYK-JS-SHARP-5922108] in sharp@0.30.7
introduced by gatsby-plugin-manifest@4.23.1 > sharp@0.30.7 and 3 other path(s)
Upgrade gatsby-transformer-remark@5.25.1 to gatsby-transformer-remark@6.10.0 to fix
✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-GATSBYTRANSFORMERREMARK-5671901] in gatsby-transformer-remark@5.25.1
introduced by gatsby-transformer-remark@5.25.1
✗ Improper Input Validation (new) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-POSTCSS-5926692] in postcss@8.4.16
introduced by gatsby@4.25.7 > postcss@8.4.16 and 5 other path(s)
Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in ansi-regex@2.1.1
introduced by gatsby@4.25.7 > gatsby-cli@4.25.0 > pretty-error@2.1.2 > renderkid@2.0.7 > strip-ansi@3.0.1 > ansi-regex@2.1.1
This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1
✗ Incomplete List of Disallowed Inputs [Critical Severity][https://security.snyk.io/vuln/SNYK-JS-BABELTRAVERSE-5962462] in @babel/traverse@7.19.1
introduced by gatsby@4.25.7 > @babel/traverse@7.19.1 and 21 other path(s)
This issue was fixed in versions: 7.23.2, 8.0.0-alpha.4
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-CSSWHAT-1298035] in css-what@3.4.2
introduced by gatsby-plugin-optimize-svgs@1.0.5 > svgo@1.3.2 > css-select@2.1.0 > css-what@3.4.2
This issue was fixed in versions: 5.0.1
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in html-minifier@4.0.0
introduced by html-minifier@4.0.0
No upgrade or patch available
✗ Command Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in lodash.template@4.5.0
introduced by gatsby-plugin-offline@5.23.1 > workbox-build@4.3.1 > lodash.template@4.5.0
No upgrade or patch available
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795] in semver@7.0.0
introduced by gatsby-legacy-polyfills@2.23.0 > core-js-compat@3.9.0 > semver@7.0.0 and 1 other path(s)
This issue was fixed in versions: 5.7.2, 6.3.1, 7.5.2
Organization: tubone24
Package manager: yarn
Target file: yarn.lock
Project name: blog
Open source: no
Project path: .
Licenses: enabled
Application
✗ [Medium] Path Traversal
Path: scripts/benchmark.js, line 23
Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files.
✗ [Medium] Path Traversal
Path: scripts/benchmark.js, line 25
Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files.
✗ [Medium] Path Traversal
Path: scripts/benchmark.js, line 41
Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files.
✔ Test completed
Organization: tubone24
Test type: Static code analysis
Project path: .
Summary:
3 Code issues found
3 [Medium]
IaC
Snyk Infrastructure as Code
- Snyk testing Infrastructure as Code configuration issues.
✔ Test completed.
Issues
No vulnerable paths were found!
-------------------------------------------------------
Test Summary
Organization: tubone24
Project name: tubone24/blog
✔ Files without issues: 3
✗ Files with issues: 0
Ignored issues: 0
Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ]
-------------------------------------------------------
Tip
New: Share your test results in the Snyk Web UI with the option --report
Container
Testing test-blog...
✗ Low severity vulnerability found in util-linux/libuuid1
Description: Integer Overflow or Wraparound
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-UTILLINUX-1534833
Introduced through: util-linux/libuuid1@2.33.1-0.1, e2fsprogs@1.44.5-1+deb10u3, util-linux/mount@2.33.1-0.1, util-linux/fdisk@2.33.1-0.1, util-linux/libblkid1@2.33.1-0.1, util-linux@2.33.1-0.1, sysvinit/sysvinit-utils@2.93-8, util-linux/bsdutils@1:2.33.1-0.1, util-linux/libfdisk1@2.33.1-0.1, util-linux/libmount1@2.33.1-0.1, util-linux/libsmartcols1@2.33.1-0.1
From: util-linux/libuuid1@2.33.1-0.1
From: e2fsprogs@1.44.5-1+deb10u3 > util-linux/libuuid1@2.33.1-0.1
From: e2fsprogs@1.44.5-1+deb10u3 > util-linux/libblkid1@2.33.1-0.1 > util-linux/libuuid1@2.33.1-0.1
and 25 more...
✗ Low severity vulnerability found in util-linux/libuuid1
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-UTILLINUX-2401082
Introduced through: util-linux/libuuid1@2.33.1-0.1, e2fsprogs@1.44.5-1+deb10u3, util-linux/mount@2.33.1-0.1, util-linux/fdisk@2.33.1-0.1, util-linux/libblkid1@2.33.1-0.1, util-linux@2.33.1-0.1, sysvinit/sysvinit-utils@2.93-8, util-linux/bsdutils@1:2.33.1-0.1, util-linux/libfdisk1@2.33.1-0.1, util-linux/libmount1@2.33.1-0.1, util-linux/libsmartcols1@2.33.1-0.1
From: util-linux/libuuid1@2.33.1-0.1
From: e2fsprogs@1.44.5-1+deb10u3 > util-linux/libuuid1@2.33.1-0.1
From: e2fsprogs@1.44.5-1+deb10u3 > util-linux/libblkid1@2.33.1-0.1 > util-linux/libuuid1@2.33.1-0.1
and 25 more...
✗ Low severity vulnerability found in tar
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-1063001
Introduced through: tar@1.30+dfsg-6
From: tar@1.30+dfsg-6
✗ Low severity vulnerability found in tar
Description: CVE-2005-2541
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-312331
Introduced through: tar@1.30+dfsg-6
From: tar@1.30+dfsg-6
✗ Low severity vulnerability found in tar
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-3253529
Introduced through: tar@1.30+dfsg-6
From: tar@1.30+dfsg-6
✗ Low severity vulnerability found in tar
Description: NULL Pointer Dereference
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-341203
Introduced through: tar@1.30+dfsg-6
From: tar@1.30+dfsg-6
✗ Low severity vulnerability found in systemd/libsystemd0
Description: Authentication Bypass
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-1291056
Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8
From: systemd/libsystemd0@241-7~deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8
and 4 more...
✗ Low severity vulnerability found in systemd/libsystemd0
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-2332026
Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8
From: systemd/libsystemd0@241-7~deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8
and 4 more...
✗ Low severity vulnerability found in systemd/libsystemd0
Description: Link Following
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-305144
Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8
From: systemd/libsystemd0@241-7~deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8
and 4 more...
✗ Low severity vulnerability found in systemd/libsystemd0
Description: Privilege Chaining
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-345386
Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8
From: systemd/libsystemd0@241-7~deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8
and 4 more...
✗ Low severity vulnerability found in systemd/libsystemd0
Description: Incorrect Privilege Assignment
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-345391
Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8
From: systemd/libsystemd0@241-7~deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8
and 4 more...
✗ Low severity vulnerability found in systemd/libsystemd0
Description: Missing Release of Resource after Effective Lifetime
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-542807
Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8
From: systemd/libsystemd0@241-7~deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8
and 4 more...
✗ Low severity vulnerability found in systemd/libsystemd0
Description: Improper Validation of Integrity Check Value
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733386
Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8
From: systemd/libsystemd0@241-7~deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8
and 4 more...
✗ Low severity vulnerability found in systemd/libsystemd0
Description: Improper Validation of Integrity Check Value
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733393
Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8
From: systemd/libsystemd0@241-7~deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8
and 4 more...
✗ Low severity vulnerability found in systemd/libsystemd0
Description: Improper Validation of Integrity Check Value
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733397
Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8
From: systemd/libsystemd0@241-7~deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8
and 4 more...
✗ Low severity vulnerability found in shadow/passwd
Description: Time-of-check Time-of-use (TOCTOU)
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306205
Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1
From: shadow/passwd@1:4.5-1.1
From: adduser@3.118 > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...
✗ Low severity vulnerability found in shadow/passwd
Description: Incorrect Permission Assignment for Critical Resource
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306230
Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1
From: shadow/passwd@1:4.5-1.1
From: adduser@3.118 > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...
✗ Low severity vulnerability found in shadow/passwd
Description: Access Restriction Bypass
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306250
Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1
From: shadow/passwd@1:4.5-1.1
From: adduser@3.118 > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...
✗ Low severity vulnerability found in shadow/passwd
Description: NULL Pointer Dereference
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-3310899
Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1
From: shadow/passwd@1:4.5-1.1
From: adduser@3.118 > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...
✗ Low severity vulnerability found in shadow/passwd
Description: Incorrect Permission Assignment for Critical Resource
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-539852
Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1
From: shadow/passwd@1:4.5-1.1
From: adduser@3.118 > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...
✗ Low severity vulnerability found in shadow/passwd
Description: Arbitrary Code Injection
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-5423925
Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1
From: shadow/passwd@1:4.5-1.1
From: adduser@3.118 > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...
✗ Low severity vulnerability found in shadow/passwd
Description: CVE-2023-4641
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-5879153
Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1
From: shadow/passwd@1:4.5-1.1
From: adduser@3.118 > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...
✗ Low severity vulnerability found in perl/perl-base
Description: Improper Verification of Cryptographic Signature
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-1925980
Introduced through: perl/perl-base@5.28.1-6+deb10u1
From: perl/perl-base@5.28.1-6+deb10u1
✗ Low severity vulnerability found in perl/perl-base
Description: Link Following
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-327793
Introduced through: perl/perl-base@5.28.1-6+deb10u1
From: perl/perl-base@5.28.1-6+deb10u1
✗ Low severity vulnerability found in perl/perl-base
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-5489186
Introduced through: perl/perl-base@5.28.1-6+deb10u1
From: perl/perl-base@5.28.1-6+deb10u1
✗ Low severity vulnerability found in perl/perl-base
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-5489188
Introduced through: perl/perl-base@5.28.1-6+deb10u1
From: perl/perl-base@5.28.1-6+deb10u1
✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345321
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12
✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345353
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12
✗ Low severity vulnerability found in pcre3/libpcre3
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345502
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12
✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345530
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12
✗ Low severity vulnerability found in pcre3/libpcre3
Description: Integer Overflow or Wraparound
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-572367
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12
✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-572368
Introduced through: pcre3/libpcre3@2:8.39-12
From: pcre3/libpcre3@2:8.39-12
✗ Low severity vulnerability found in ncurses/libtinfo6
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-1655739
Introduced through: ncurses/libtinfo6@6.1+20181013-2+deb10u3, bash@5.0-4, ncurses/ncurses-bin@6.1+20181013-2+deb10u3, util-linux/fdisk@2.33.1-0.1, util-linux/mount@2.33.1-0.1, ncurses/libncursesw6@6.1+20181013-2+deb10u3, ncurses/ncurses-base@6.1+20181013-2+deb10u3
From: ncurses/libtinfo6@6.1+20181013-2+deb10u3
From: bash@5.0-4 > ncurses/libtinfo6@6.1+20181013-2+deb10u3
From: ncurses/ncurses-bin@6.1+20181013-2+deb10u3 > ncurses/libtinfo6@6.1+20181013-2+deb10u3
and 7 more...
✗ Low severity vulnerability found in ncurses/libtinfo6
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-5421196
Introduced through: ncurses/libtinfo6@6.1+20181013-2+deb10u3, bash@5.0-4, ncurses/ncurses-bin@6.1+20181013-2+deb10u3, util-linux/fdisk@2.33.1-0.1, util-linux/mount@2.33.1-0.1, ncurses/libncursesw6@6.1+20181013-2+deb10u3, ncurses/ncurses-base@6.1+20181013-2+deb10u3
From: ncurses/libtinfo6@6.1+20181013-2+deb10u3
From: bash@5.0-4 > ncurses/libtinfo6@6.1+20181013-2+deb10u3
From: ncurses/ncurses-bin@6.1+20181013-2+deb10u3 > ncurses/libtinfo6@6.1+20181013-2+deb10u3
and 7 more...
✗ Low severity vulnerability found in lz4/liblz4-1
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LZ4-473072
Introduced through: lz4/liblz4-1@1.8.3-1+deb10u1, apt@1.8.2.3
From: lz4/liblz4-1@1.8.3-1+deb10u1
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > lz4/liblz4-1@1.8.3-1+deb10u1
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 > lz4/liblz4-1@1.8.3-1+deb10u1
✗ Low severity vulnerability found in libtasn1-6
Description: CVE-2018-1000654
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBTASN16-339585
Introduced through: libtasn1-6@4.13-3, apt@1.8.2.3
From: libtasn1-6@4.13-3
From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9 > libtasn1-6@4.13-3
✗ Low severity vulnerability found in libsepol/libsepol1
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315628
Introduced through: libsepol/libsepol1@2.8-1, adduser@3.118
From: libsepol/libsepol1@2.8-1
From: adduser@3.118 > shadow/passwd@1:4.5-1.1 > libsemanage/libsemanage1@2.8-2 > libsepol/libsepol1@2.8-1
✗ Low severity vulnerability found in libsepol/libsepol1
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315630
Introduced through: libsepol/libsepol1@2.8-1, adduser@3.118
From: libsepol/libsepol1@2.8-1
From: adduser@3.118 > shadow/passwd@1:4.5-1.1 > libsemanage/libsemanage1@2.8-2 > libsepol/libsepol1@2.8-1
✗ Low severity vulnerability found in libsepol/libsepol1
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315636
Introduced through: libsepol/libsepol1@2.8-1, adduser@3.118
From: libsepol/libsepol1@2.8-1
From: adduser@3.118 > shadow/passwd@1:4.5-1.1 > libsemanage/libsemanage1@2.8-2 > libsepol/libsepol1@2.8-1
✗ Low severity vulnerability found in libsepol/libsepol1
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315642
Introduced through: libsepol/libsepol1@2.8-1, adduser@3.118
From: libsepol/libsepol1@2.8-1
From: adduser@3.118 > shadow/passwd@1:4.5-1.1 > libsemanage/libsemanage1@2.8-2 > libsepol/libsepol1@2.8-1
✗ Low severity vulnerability found in libseccomp/libseccomp2
Description: CVE-2019-9893
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSECCOMP-341044
Introduced through: libseccomp/libseccomp2@2.3.3-4, apt@1.8.2.3
From: libseccomp/libseccomp2@2.3.3-4
From: apt@1.8.2.3 > libseccomp/libseccomp2@2.3.3-4
✗ Low severity vulnerability found in libidn2/libidn2-0
Description: Improper Input Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBIDN2-474100
Introduced through: libidn2/libidn2-0@2.0.5-1+deb10u1, apt@1.8.2.3
From: libidn2/libidn2-0@2.0.5-1+deb10u1
From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9 > libidn2/libidn2-0@2.0.5-1+deb10u1
✗ Low severity vulnerability found in libgcrypt20
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-1297893
Introduced through: libgcrypt20@1.8.4-5+deb10u1, apt@1.8.2.3
From: libgcrypt20@1.8.4-5+deb10u1
From: apt@1.8.2.3 > gnupg2/gpgv@2.2.12-1+deb10u2 > libgcrypt20@1.8.4-5+deb10u1
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 > libgcrypt20@1.8.4-5+deb10u1
✗ Low severity vulnerability found in libgcrypt20
Description: Use of a Broken or Risky Cryptographic Algorithm
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-391902
Introduced through: libgcrypt20@1.8.4-5+deb10u1, apt@1.8.2.3
From: libgcrypt20@1.8.4-5+deb10u1
From: apt@1.8.2.3 > gnupg2/gpgv@2.2.12-1+deb10u2 > libgcrypt20@1.8.4-5+deb10u1
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 > libgcrypt20@1.8.4-5+deb10u1
✗ Low severity vulnerability found in libgcrypt20
Description: Race Condition
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-460489
Introduced through: libgcrypt20@1.8.4-5+deb10u1, apt@1.8.2.3
From: libgcrypt20@1.8.4-5+deb10u1
From: apt@1.8.2.3 > gnupg2/gpgv@2.2.12-1+deb10u2 > libgcrypt20@1.8.4-5+deb10u1
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 > libgcrypt20@1.8.4-5+deb10u1
✗ Low severity vulnerability found in gnutls28/libgnutls30
Description: Improper Input Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-340755
Introduced through: gnutls28/libgnutls30@3.6.7-4+deb10u9, apt@1.8.2.3
From: gnutls28/libgnutls30@3.6.7-4+deb10u9
From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9
✗ Low severity vulnerability found in gnupg2/gpgv
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUPG2-3330746
Introduced through: gnupg2/gpgv@2.2.12-1+deb10u2, apt@1.8.2.3
From: gnupg2/gpgv@2.2.12-1+deb10u2
From: apt@1.8.2.3 > gnupg2/gpgv@2.2.12-1+deb10u2
✗ Low severity vulnerability found in gnupg2/gpgv
Description: Use of a Broken or Risky Cryptographic Algorithm
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUPG2-535553
Introduced through: gnupg2/gpgv@2.2.12-1+deb10u2, apt@1.8.2.3
From: gnupg2/gpgv@2.2.12-1+deb10u2
From: apt@1.8.2.3 > gnupg2/gpgv@2.2.12-1+deb10u2
✗ Low severity vulnerability found in glibc/libc-bin
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-338106
Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2
From: glibc/libc-bin@2.28-10+deb10u2
From: glibc/libc6@2.28-10+deb10u2
✗ Low severity vulnerability found in glibc/libc-bin
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-338163
Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2
From: glibc/libc-bin@2.28-10+deb10u2
From: glibc/libc6@2.28-10+deb10u2
✗ Low severity vulnerability found in glibc/libc-bin
Description: Resource Management Errors
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-356735
Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2
From: glibc/libc-bin@2.28-10+deb10u2
From: glibc/libc6@2.28-10+deb10u2
✗ Low severity vulnerability found in glibc/libc-bin
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-452228
Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2
From: glibc/libc-bin@2.28-10+deb10u2
From: glibc/libc6@2.28-10+deb10u2
✗ Low severity vulnerability found in glibc/libc-bin
Description: CVE-2019-1010023
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-452267
Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2
From: glibc/libc-bin@2.28-10+deb10u2
From: glibc/libc6@2.28-10+deb10u2
✗ Low severity vulnerability found in glibc/libc-bin
Description: Use of Insufficiently Random Values
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-453375
Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2
From: glibc/libc-bin@2.28-10+deb10u2
From: glibc/libc6@2.28-10+deb10u2
✗ Low severity vulnerability found in glibc/libc-bin
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-453640
Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2
From: glibc/libc-bin@2.28-10+deb10u2
From: glibc/libc6@2.28-10+deb10u2
✗ Low severity vulnerability found in glibc/libc-bin
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-5894106
Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2
From: glibc/libc-bin@2.28-10+deb10u2
From: glibc/libc6@2.28-10+deb10u2
✗ Low severity vulnerability found in glibc/libc-bin
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-5894107
Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2
From: glibc/libc-bin@2.28-10+deb10u2
From: glibc/libc6@2.28-10+deb10u2
✗ Low severity vulnerability found in gcc-8/libstdc++6
Description: Insufficient Entropy
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-469413
Introduced through: gcc-8/libstdc++6@8.3.0-6, apt@1.8.2.3, gcc-8/gcc-8-base@8.3.0-6, gcc-8/libgcc1@1:8.3.0-6
From: gcc-8/libstdc++6@8.3.0-6
From: apt@1.8.2.3 > gcc-8/libstdc++6@8.3.0-6
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > gcc-8/libstdc++6@8.3.0-6
and 2 more...
✗ Low severity vulnerability found in gcc-8/libstdc++6
Description: CVE-2023-4039
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-5901315
Introduced through: gcc-8/libstdc++6@8.3.0-6, apt@1.8.2.3, gcc-8/gcc-8-base@8.3.0-6, gcc-8/libgcc1@1:8.3.0-6
From: gcc-8/libstdc++6@8.3.0-6
From: apt@1.8.2.3 > gcc-8/libstdc++6@8.3.0-6
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > gcc-8/libstdc++6@8.3.0-6
and 2 more...
✗ Low severity vulnerability found in e2fsprogs/libcom-err2
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-E2FSPROGS-2628482
Introduced through: e2fsprogs/libcom-err2@1.44.5-1+deb10u3, e2fsprogs@1.44.5-1+deb10u3, e2fsprogs/libext2fs2@1.44.5-1+deb10u3, e2fsprogs/libss2@1.44.5-1+deb10u3
From: e2fsprogs/libcom-err2@1.44.5-1+deb10u3
From: e2fsprogs@1.44.5-1+deb10u3 > e2fsprogs/libcom-err2@1.44.5-1+deb10u3
From: e2fsprogs@1.44.5-1+deb10u3 > e2fsprogs/libss2@1.44.5-1+deb10u3 > e2fsprogs/libcom-err2@1.44.5-1+deb10u3
and 5 more...
✗ Low severity vulnerability found in coreutils
Description: Improper Input Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-COREUTILS-317465
Introduced through: coreutils@8.30-3
From: coreutils@8.30-3
✗ Low severity vulnerability found in coreutils
Description: Race Condition
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-COREUTILS-317494
Introduced through: coreutils@8.30-3
From: coreutils@8.30-3
✗ Low severity vulnerability found in bash
Description: Improper Check for Dropped Privileges
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-BASH-536280
Introduced through: bash@5.0-4
From: bash@5.0-4
✗ Low severity vulnerability found in apt/libapt-pkg5.0
Description: Improper Verification of Cryptographic Signature
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-APT-407502
Introduced through: apt/libapt-pkg5.0@1.8.2.3, apt@1.8.2.3
From: apt/libapt-pkg5.0@1.8.2.3
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3
From: apt@1.8.2.3
✗ Medium severity vulnerability found in systemd/libsystemd0
Description: Off-by-one Error
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3111121
Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8
From: systemd/libsystemd0@241-7~deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8
and 4 more...
Fixed in: 241-7~deb10u10
✗ Medium severity vulnerability found in systemd/libsystemd0
Description: CVE-2022-4415
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3177744
Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8
From: systemd/libsystemd0@241-7~deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8
and 4 more...
✗ Medium severity vulnerability found in ncurses/libtinfo6
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-5862705
Introduced through: ncurses/libtinfo6@6.1+20181013-2+deb10u3, bash@5.0-4, ncurses/ncurses-bin@6.1+20181013-2+deb10u3, util-linux/fdisk@2.33.1-0.1, util-linux/mount@2.33.1-0.1, ncurses/libncursesw6@6.1+20181013-2+deb10u3, ncurses/ncurses-base@6.1+20181013-2+deb10u3
From: ncurses/libtinfo6@6.1+20181013-2+deb10u3
From: bash@5.0-4 > ncurses/libtinfo6@6.1+20181013-2+deb10u3
From: ncurses/ncurses-bin@6.1+20181013-2+deb10u3 > ncurses/libtinfo6@6.1+20181013-2+deb10u3
and 7 more...
Fixed in: 6.1+20181013-2+deb10u4
✗ High severity vulnerability found in systemd/libsystemd0
Description: CVE-2023-26604
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3339153
Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8
From: systemd/libsystemd0@241-7~deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8
and 4 more...
Fixed in: 241-7~deb10u9
✗ High severity vulnerability found in gnutls28/libgnutls30
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-3318300
Introduced through: gnutls28/libgnutls30@3.6.7-4+deb10u9, apt@1.8.2.3
From: gnutls28/libgnutls30@3.6.7-4+deb10u9
From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9
Fixed in: 3.6.7-4+deb10u10
✗ High severity vulnerability found in glibc/libc-bin
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-559488
Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2
From: glibc/libc-bin@2.28-10+deb10u2
From: glibc/libc6@2.28-10+deb10u2
✗ High severity vulnerability found in gcc-8/libstdc++6
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-347558
Introduced through: gcc-8/libstdc++6@8.3.0-6, apt@1.8.2.3, gcc-8/gcc-8-base@8.3.0-6, gcc-8/libgcc1@1:8.3.0-6
From: gcc-8/libstdc++6@8.3.0-6
From: apt@1.8.2.3 > gcc-8/libstdc++6@8.3.0-6
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > gcc-8/libstdc++6@8.3.0-6
and 2 more...
✗ Critical severity vulnerability found in libtasn1-6
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBTASN16-3061094
Introduced through: libtasn1-6@4.13-3, apt@1.8.2.3
From: libtasn1-6@4.13-3
From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9 > libtasn1-6@4.13-3
Fixed in: 4.13-3+deb10u1
✗ Critical severity vulnerability found in db5.3/libdb5.3
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-DB53-2825169
Introduced through: db5.3/libdb5.3@5.3.28+dfsg1-0.5, adduser@3.118
From: db5.3/libdb5.3@5.3.28+dfsg1-0.5
From: adduser@3.118 > shadow/passwd@1:4.5-1.1 > pam/libpam-modules@1.3.1-5 > db5.3/libdb5.3@5.3.28+dfsg1-0.5
------------ Detected 27 vulnerabilities for node@18.12.1 ------------
✗ Low severity vulnerability found in node
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741888
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1
✗ Low severity vulnerability found in node
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741892
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1
✗ Low severity vulnerability found in node
Description: Insecure Randomness
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741899
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1
✗ Medium severity vulnerability found in node
Description: Timing Attack
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326669
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.14.1
✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326682
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.14.1
✗ Medium severity vulnerability found in node
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326683
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.14.1
✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326684
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.14.1
✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326685
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.14.1
✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326686
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.14.1
✗ Medium severity vulnerability found in node
Description: Privilege Escalation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3329554
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.14.1
✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741792
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1
✗ Medium severity vulnerability found in node
Description: HTTP Request Smuggling
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741793
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1
✗ Medium severity vulnerability found in node
Description: Inconsistency Between Implementation and Documented Design
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741796
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1
✗ Medium severity vulnerability found in node
Description: Buffer Over-read
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741894
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1
✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741895
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1
✗ Medium severity vulnerability found in node
Description: Insecure Randomness
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741896
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1
✗ Medium severity vulnerability found in node
Description: Buffer Underwrite (Buffer Underflow)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741900
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1
✗ Medium severity vulnerability found in node
Description: Privilege Escalation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5756501
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1
✗ Medium severity vulnerability found in node
Description: Improper Access Control
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5843454
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.17.1
✗ Medium severity vulnerability found in node
Description: Access Restriction Bypass
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5848030
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.17.1
✗ High severity vulnerability found in node
Description: Insecure Permissions
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326666
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.14.1
✗ High severity vulnerability found in node
Description: Access of Resource Using Incompatible Type ('Type Confusion')
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326668
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.14.1
✗ High severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326688
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.14.1
✗ High severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3329555
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.14.1
✗ High severity vulnerability found in node
Description: Prototype Pollution
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741794
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1
✗ High severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741889
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1
✗ High severity vulnerability found in node
Description: Arbitrary Code Injection
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5848038
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.17.1
Organization: tubone24
Package manager: deb
Project name: docker-image|test-blog
Docker image: test-blog
Platform: linux/amd64
Base image: node:18.12.1-buster-slim
Licenses: enabled
Tested 85 dependencies for known issues, found 100 issues.
Base Image Vulnerabilities Severity
node:18.12.1-buster-slim 100 2 critical, 11 high, 20 medium, 67 low
Recommendations for base image upgrade:
Minor upgrades
Base Image Vulnerabilities Severity
node:18.18.1-buster-slim 68 1 critical, 2 high, 1 medium, 64 low
Major upgrades
Base Image Vulnerabilities Severity
node:20.8-buster-slim 68 1 critical, 2 high, 1 medium, 64 low
Alternative image types
Base Image Vulnerabilities Severity
node:20.8-bookworm-slim 30 0 critical, 0 high, 0 medium, 30 low
node:20.8-bullseye-slim 53 0 critical, 0 high, 0 medium, 53 low
node:20.7.0-slim 33 0 critical, 1 high, 2 medium, 30 low
node:20.8-bullseye 273 1 critical, 3 high, 6 medium, 263 low
Learn more: https://docs.snyk.io/products/snyk-container/getting-around-the-snyk-container-ui/base-image-detection
PR title
Status
READY/IN DEVELOPMENT/HOLD
Description
A few sentences describing the overall goals of the pull request's commits.
Related PRs
List related PRs against other branches:
Todos
Steps to Test or Reproduce
Outline the steps to test or reproduce the PR here.
Preview Deploy
Describe the URL of the Preview Deploy.
[link]()
Impacted Areas in Application
List general components of the application that this PR will affect:
Screenshot
Replace
FIXME_BRANCH_NAME
,FIXME_PR_NUMBER
in the URL below with this branch name and PR number.Desktop
Width 1200px
Mobile
Width 400px