netlify blobを使って保存

[tubone24]

PR title

Status

READY/IN DEVELOPMENT/HOLD

Description

A few sentences describing the overall goals of the pull request's commits.

Related PRs

List related PRs against other branches:

branch	PR
other_pr_master	[link]()
other_pr_develop	[link]()

Todos

• [ ] Tests
• [ ] e2e Tests
• [ ] Storybook
• [ ] Documentation

Steps to Test or Reproduce

Outline the steps to test or reproduce the PR here.

git pull --prune
git checkout <feature_branch>
yarn test

Preview Deploy

Describe the URL of the Preview Deploy.

[link]()

Impacted Areas in Application

List general components of the application that this PR will affect:

• aaa
• bbb

Screenshot

Replace FIXME_BRANCH_NAME, FIXME_PR_NUMBER in the URL below with this branch name and PR number.

Desktop

Width 1200px

Mobile

Width 400px

[github-actions[bot]]

Deploy Preview

Deploy path: /home/runner/work/blog/blog/public Functions path: /home/runner/work/blog/blog/functions/src Configuration path: /home/runner/work/blog/blog/netlify.toml Deploying to draft URL... ​ Netlify Build
──────────────────────────────────────────────────────────────── ​ ❯ Version @netlify/build 29.36.1 ​ ❯ Flags auth: TTs786GkKycSkoas9uwxVwTtamK0txQzpvHwXleU3OQ deployId: 65f5110acdbd166a765324bc dir: ./public functions: ./functions/src open: false prod: false prodIfUnlocked: false site: 3751ef40-b145-4249-9657-39d3fb04ae81 skipFunctionsCache: false ​ ❯ Current directory /home/runner/work/blog/blog ​ ❯ Config file /home/runner/work/blog/blog/netlify.toml ​ ❯ Context dev

Build logs: https://app.netlify.com/sites/pensive-lamport-5822d2/deploys/65f5110acdbd166a765324bc Function logs: https://app.netlify.com/sites/pensive-lamport-5822d2/functions?scope=deploy:65f5110acdbd166a765324bc Website draft URL: https://65f5110acdbd166a765324bc--pensive-lamport-5822d2.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag. netlify deploy --prod

[coveralls]

Pull Request Test Coverage Report for Build 8305128246

Details

• 2 of 2 (100.0%) changed or added relevant lines in 1 file are covered.
• No unchanged relevant lines lost coverage.
• Overall coverage increased (+0.04%) to 85.64%

---

Totals
Change from base Build 8304842698:	0.04%
Covered Lines:	251
Relevant Lines:	281

---

💛 - Coveralls

[github-actions[bot]]

Bundle Analyzer URL

https://65f5110acdbd166a765324bc--pensive-lamport-5822d2.netlify.app/webpack-bundle-analyser

[github-actions[bot]]

Memlab leaks report

``` page-load [7.1MB] (baseline) [s1] > action-on-page [8.4MB] (target) [s2] > revert [9.5MB] (final) [s3] ------3 clusters------ --Similar leaks in this run: 1200-- --Retained size of leaked objects: 182.1KB-- [] (synthetic) @1 [10.7MB] --2 (shortcut)---> [Window / https://blog.tubone-project24.xyz] (object) @6257 [64KB] --setTimeout (property)---> [] (closure) @143031 [72 bytes] --context (internal)---> [] (object) @318331 [20 bytes] --previous (internal)---> [] (object) @85233 [30.3KB] --n (variable)---> [t] (closure) @167661 [1.3KB] --context (internal)---> [] (object) @147261 [42.5KB] --n (variable)---> [Object] (object) @318593 [42.4KB] --9077 (element)---> [Object] (object) @163803 [24 bytes] --exports (property)---> [r] (closure) @163809 [2.7KB] --hasData (property)---> [] (closure) @164665 [80 bytes] --context (internal)---> [] (object) @208227 [1.5KB] --e (variable)---> [Object] (object) @208229 [1KB] --2 (element)---> [Object] (object) @354665 [76 bytes] --aaAutocomplete (property)---> [d] (object) @388877 [348 bytes] --$node (property)---> [$] (object) @390937 [188 bytes] --0 (element)---> [Detached HTMLSpanElement] (native) @320243 [1KB] --7 (element)---> [Detached HTMLDivElement] (native) @320839 [5.9KB] --8 (element)---> [Detached HTMLDivElement] (native) @320425 [768 bytes] --5 (element)---> [Detached HTMLHRElement] (native) @320427 [680 bytes] --6 (element)---> [Detached HTMLDivElement] (native) @320429 [1.1KB] --6 (element)---> [Detached HTMLAnchorElement] (native) @320489 [2.3KB] --11 (element)---> [Detached HTMLAnchorElement] (native) @320479 [2.3KB] --13 (element)---> [Detached InternalNode] (native) @31252 [340 bytes] --1 (element)---> [Detached InternalNode] (native) @50116 [256 bytes] --4 (element)---> [Detached ElementIntersectionObserverData] (native) @31242 [72 bytes] --Similar leaks in this run: 369-- --Retained size of leaked objects: 74.9KB-- [] (synthetic) @1 [10.7MB] --2 (shortcut)---> [Window / https://blog.tubone-project24.xyz] (object) @6257 [64KB] --___replace (property)---> [] (closure) @135157 [76 bytes] --context (internal)---> [] (object) @134315 [724 bytes] --i (variable)---> [Module] (object) @166967 [6.3KB] --get version (property)---> [version] (closure) @146407 [80 bytes] --context (internal)---> [] (object) @146417 [6.5KB] --Qn (variable)---> [y] (object) @413379 [368 bytes] --props (property)---> [Object] (object) @415371 [28 bytes] --children (property)---> [Object] (object) @470549 [296 bytes] --props (property)---> [Object] (object) @470551 [56 bytes] --children (property)---> [Object] (object) @464389 [1.2KB] --__ (property)---> [Object] (object) @464397 [1.1KB] --__ (property)---> [Object] (object) @464405 [940 bytes] --__ (property)---> [Object] (object) @416697 [736 bytes] --__d (property)---> [Detached HTMLDivElement] (native) @320327 [792 bytes] --5 (element)---> [Detached HTMLDivElement] (native) @320329 [708 bytes] --5 (element)---> [Detached HTMLDivElement] (native) @320331 [708 bytes] --6 (element)---> [Detached HTMLDivElement] (native) @320281 [19.4KB] --8 (element)---> [Detached HTMLElement] (native) @320299 [40.5KB] --5 (element)---> [Detached HTMLDivElement] (native) @320297 [35.1KB] --6 (element)---> [Detached Text] (native) @321563 [296 bytes] --6 (element)---> [Detached HTMLImageElement] (native) @321561 [1.1KB] --7 (element)---> [Detached Text] (native) @321559 [296 bytes] --6 (element)---> [Detached HTMLParagraphElement] (native) @321543 [3.9KB] --8 (element)---> [Detached Text] (native) @321541 [296 bytes] --6 (element)---> [Detached HTMLHeadingElement] (native) @321535 [1KB] --10 (element)---> [Detached InternalNode] (native) @27916 [268 bytes] --1 (element)---> [Detached InternalNode] (native) @27918 [184 bytes] --2 (element)---> [Detached NamedNodeMap] (native) @28220 [40 bytes] --Similar leaks in this run: 1-- --Retained size of leaked objects: 32 bytes-- [Window] (native) @36859 [25.1KB] --4 (element)---> [HTMLDocument] (native) @36843 [16.1KB] --14 (element)---> [HTMLHtmlElement] (native) @37035 [580 bytes] --7 (element)---> [HTMLBodyElement] (native) @36983 [756 bytes] --6 (element)---> [HTMLIFrameElement] (native) @34661 [2.9KB] --10 (element)---> [HTMLIFrameElement] (native) @37291 [24.9KB] --17 (element)---> [InternalNode] (native) @8764 [23.8KB] --1 (element)---> [InternalNode] (native) @8766 [23.8KB] --1 (element)---> [InternalNode] (native) @18218 [23.8KB] --1 (element)---> [EventListener] (native) @18214 [23.8KB] --1 (element)---> [V8EventListener] (native) @18216 [23.7KB] --1 (element)---> [r] (closure) @34719 [23.7KB] --__sentry_original__ (property)---> [] (closure) @115647 [23.1KB] --context (internal)---> [] (object) @115669 [23KB] --i (variable)---> [Object] (object) @154591 [15.5KB] --37 (element)---> [Detached Text] (native) @35893 [160 bytes] --5 (element)---> [Detached InternalNode] (native) @35648 [32 bytes] --1 (element)---> [Detached InternalNode] (native) @37936 [32 bytes] --1 (element)---> [Detached NodeList] (native) @37934 [32 bytes] ```

[github-actions[bot]]

Snyk vulnerability report

OSS packages

Tested 1786 dependencies for known issues, found 13 issues, 31 vulnerable paths. Issues to fix by upgrading: Upgrade @sentry/profiling-node@0.3.0 to @sentry/profiling-node@1.3.0 to fix ✗ Missing Release of Resource after Effective Lifetime [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-INFLIGHT-6095116] in inflight@1.0.6 introduced by gatsby-plugin-offline@5.23.1 > glob@7.2.3 > inflight@1.0.6 and 8 other path(s) Upgrade gatsby@4.25.7 to gatsby@5.0.0 to fix ✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-GATSBYCLI-5671903] in gatsby-cli@4.25.0 introduced by gatsby@4.25.7 > gatsby-cli@4.25.0 ✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795] in semver@7.0.0 introduced by gatsby-legacy-polyfills@2.23.0 > core-js-compat@3.9.0 > semver@7.0.0 and 1 other path(s) Upgrade gatsby-legacy-polyfills@2.23.0 to gatsby-legacy-polyfills@3.10.0 to fix ✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795] in semver@7.0.0 introduced by gatsby-legacy-polyfills@2.23.0 > core-js-compat@3.9.0 > semver@7.0.0 and 1 other path(s) Upgrade gatsby-transformer-remark@5.25.1 to gatsby-transformer-remark@6.10.0 to fix ✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-GATSBYTRANSFORMERREMARK-5671901] in gatsby-transformer-remark@5.25.1 introduced by gatsby-transformer-remark@5.25.1 ✗ Information Exposure (new) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-6256334] in sanitize-html@2.10.0 introduced by gatsby-transformer-remark@5.25.1 > sanitize-html@2.10.0 Issues with no direct upgrade or patch: ✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in ansi-regex@2.1.1 introduced by gatsby@4.25.7 > gatsby-cli@4.25.0 > pretty-error@2.1.2 > renderkid@2.0.7 > strip-ansi@3.0.1 > ansi-regex@2.1.1 This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1 ✗ Cross-site Request Forgery (CSRF) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459] in axios@0.27.2 introduced by @raae/gatsby-remark-oembed@0.3.3 > axios@0.27.2 and 2 other path(s) This issue was fixed in versions: 1.6.0 ✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6124857] in axios@0.27.2 introduced by @raae/gatsby-remark-oembed@0.3.3 > axios@0.27.2 and 2 other path(s) This issue was fixed in versions: 1.6.3 ✗ Prototype Pollution [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6144788] in axios@0.27.2 introduced by @raae/gatsby-remark-oembed@0.3.3 > axios@0.27.2 and 2 other path(s) This issue was fixed in versions: 1.6.4 ✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6444610] in follow-redirects@1.15.5 introduced by axios@1.6.5 > follow-redirects@1.15.5 and 3 other path(s) This issue was fixed in versions: 1.15.6 ✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in html-minifier@4.0.0 introduced by html-minifier@4.0.0 No upgrade or patch available ✗ Command Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in lodash.template@4.5.0 introduced by gatsby-plugin-offline@5.23.1 > workbox-build@4.3.1 > lodash.template@4.5.0 No upgrade or patch available ✗ Cross-site Scripting (XSS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SERIALIZEJAVASCRIPT-6147607] in serialize-javascript@5.0.1 introduced by gatsby@4.25.7 > css-minimizer-webpack-plugin@2.0.0 > serialize-javascript@5.0.1 This issue was fixed in versions: 6.0.2 Organization: tubone24 Package manager: yarn Target file: yarn.lock Project name: blog Open source: no Project path: . Licenses: enabled

Application

✗ [Medium] Path Traversal Path: scripts/benchmark.js, line 23 Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files. ✗ [Medium] Path Traversal Path: scripts/benchmark.js, line 25 Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files. ✗ [Medium] Path Traversal Path: scripts/benchmark.js, line 41 Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files. ✔ Test completed Organization: tubone24 Test type: Static code analysis Project path: . Summary: 3 Code issues found 3 [Medium]

IaC

Snyk Infrastructure as Code - Snyk testing Infrastructure as Code configuration issues. ✔ Test completed. Issues No vulnerable paths were found! ------------------------------------------------------- Test Summary Organization: tubone24 Project name: tubone24/blog ✔ Files without issues: 3 ✗ Files with issues: 0 Ignored issues: 0 Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ] ------------------------------------------------------- Tip New: Share your test results in the Snyk Web UI with the option --report

Container

Testing test-blog... ✗ Low severity vulnerability found in util-linux/libuuid1 Description: Integer Overflow or Wraparound Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-UTILLINUX-1534833 Introduced through: util-linux/libuuid1@2.33.1-0.1, e2fsprogs@1.44.5-1+deb10u3, util-linux/mount@2.33.1-0.1, util-linux/fdisk@2.33.1-0.1, util-linux/libblkid1@2.33.1-0.1, util-linux@2.33.1-0.1, sysvinit/sysvinit-utils@2.93-8, util-linux/bsdutils@1:2.33.1-0.1, util-linux/libfdisk1@2.33.1-0.1, util-linux/libmount1@2.33.1-0.1, util-linux/libsmartcols1@2.33.1-0.1 From: util-linux/libuuid1@2.33.1-0.1 From: e2fsprogs@1.44.5-1+deb10u3 > util-linux/libuuid1@2.33.1-0.1 From: e2fsprogs@1.44.5-1+deb10u3 > util-linux/libblkid1@2.33.1-0.1 > util-linux/libuuid1@2.33.1-0.1 and 25 more... ✗ Low severity vulnerability found in util-linux/libuuid1 Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-UTILLINUX-2401082 Introduced through: util-linux/libuuid1@2.33.1-0.1, e2fsprogs@1.44.5-1+deb10u3, util-linux/mount@2.33.1-0.1, util-linux/fdisk@2.33.1-0.1, util-linux/libblkid1@2.33.1-0.1, util-linux@2.33.1-0.1, sysvinit/sysvinit-utils@2.93-8, util-linux/bsdutils@1:2.33.1-0.1, util-linux/libfdisk1@2.33.1-0.1, util-linux/libmount1@2.33.1-0.1, util-linux/libsmartcols1@2.33.1-0.1 From: util-linux/libuuid1@2.33.1-0.1 From: e2fsprogs@1.44.5-1+deb10u3 > util-linux/libuuid1@2.33.1-0.1 From: e2fsprogs@1.44.5-1+deb10u3 > util-linux/libblkid1@2.33.1-0.1 > util-linux/libuuid1@2.33.1-0.1 and 25 more... ✗ Low severity vulnerability found in tar Description: Out-of-bounds Read Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-1063001 Introduced through: tar@1.30+dfsg-6 From: tar@1.30+dfsg-6 ✗ Low severity vulnerability found in tar Description: CVE-2005-2541 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-312331 Introduced through: tar@1.30+dfsg-6 From: tar@1.30+dfsg-6 ✗ Low severity vulnerability found in tar Description: Out-of-bounds Read Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-3253529 Introduced through: tar@1.30+dfsg-6 From: tar@1.30+dfsg-6 ✗ Low severity vulnerability found in tar Description: NULL Pointer Dereference Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-341203 Introduced through: tar@1.30+dfsg-6 From: tar@1.30+dfsg-6 ✗ Low severity vulnerability found in tar Description: CVE-2023-39804 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-6120423 Introduced through: tar@1.30+dfsg-6 From: tar@1.30+dfsg-6 Fixed in: 1.30+dfsg-6+deb10u1 ✗ Low severity vulnerability found in systemd/libsystemd0 Description: Authentication Bypass Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-1291056 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Low severity vulnerability found in systemd/libsystemd0 Description: Uncontrolled Recursion Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-2332026 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Low severity vulnerability found in systemd/libsystemd0 Description: Link Following Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-305144 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Low severity vulnerability found in systemd/libsystemd0 Description: Privilege Chaining Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-345386 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Low severity vulnerability found in systemd/libsystemd0 Description: Incorrect Privilege Assignment Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-345391 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Low severity vulnerability found in systemd/libsystemd0 Description: Missing Release of Resource after Effective Lifetime Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-542807 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Low severity vulnerability found in systemd/libsystemd0 Description: Improper Validation of Integrity Check Value Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733386 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Low severity vulnerability found in systemd/libsystemd0 Description: Improper Validation of Integrity Check Value Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733393 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Low severity vulnerability found in systemd/libsystemd0 Description: Improper Validation of Integrity Check Value Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733397 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Low severity vulnerability found in systemd/libsystemd0 Description: CVE-2023-7008 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-6137710 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Low severity vulnerability found in systemd/libsystemd0 Description: CVE-2023-50868 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-6277511 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Low severity vulnerability found in shadow/passwd Description: Time-of-check Time-of-use (TOCTOU) Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306205 Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1 From: shadow/passwd@1:4.5-1.1 From: adduser@3.118 > shadow/passwd@1:4.5-1.1 From: shadow/login@1:4.5-1.1 and 1 more... ✗ Low severity vulnerability found in shadow/passwd Description: Incorrect Permission Assignment for Critical Resource Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306230 Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1 From: shadow/passwd@1:4.5-1.1 From: adduser@3.118 > shadow/passwd@1:4.5-1.1 From: shadow/login@1:4.5-1.1 and 1 more... ✗ Low severity vulnerability found in shadow/passwd Description: Access Restriction Bypass Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306250 Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1 From: shadow/passwd@1:4.5-1.1 From: adduser@3.118 > shadow/passwd@1:4.5-1.1 From: shadow/login@1:4.5-1.1 and 1 more... ✗ Low severity vulnerability found in shadow/passwd Description: Incorrect Permission Assignment for Critical Resource Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-539852 Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1 From: shadow/passwd@1:4.5-1.1 From: adduser@3.118 > shadow/passwd@1:4.5-1.1 From: shadow/login@1:4.5-1.1 and 1 more... ✗ Low severity vulnerability found in shadow/passwd Description: Arbitrary Code Injection Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-5423925 Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1 From: shadow/passwd@1:4.5-1.1 From: adduser@3.118 > shadow/passwd@1:4.5-1.1 From: shadow/login@1:4.5-1.1 and 1 more... ✗ Low severity vulnerability found in shadow/passwd Description: Improper Authentication Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-5879153 Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1 From: shadow/passwd@1:4.5-1.1 From: adduser@3.118 > shadow/passwd@1:4.5-1.1 From: shadow/login@1:4.5-1.1 and 1 more... ✗ Low severity vulnerability found in perl/perl-base Description: Improper Verification of Cryptographic Signature Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-1925980 Introduced through: perl/perl-base@5.28.1-6+deb10u1 From: perl/perl-base@5.28.1-6+deb10u1 ✗ Low severity vulnerability found in perl/perl-base Description: Link Following Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-327793 Introduced through: perl/perl-base@5.28.1-6+deb10u1 From: perl/perl-base@5.28.1-6+deb10u1 ✗ Low severity vulnerability found in perl/perl-base Description: Improper Certificate Validation Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-5489186 Introduced through: perl/perl-base@5.28.1-6+deb10u1 From: perl/perl-base@5.28.1-6+deb10u1 ✗ Low severity vulnerability found in perl/perl-base Description: Improper Certificate Validation Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-5489188 Introduced through: perl/perl-base@5.28.1-6+deb10u1 From: perl/perl-base@5.28.1-6+deb10u1 ✗ Low severity vulnerability found in pcre3/libpcre3 Description: Out-of-Bounds Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345321 Introduced through: pcre3/libpcre3@2:8.39-12 From: pcre3/libpcre3@2:8.39-12 ✗ Low severity vulnerability found in pcre3/libpcre3 Description: Out-of-Bounds Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345353 Introduced through: pcre3/libpcre3@2:8.39-12 From: pcre3/libpcre3@2:8.39-12 ✗ Low severity vulnerability found in pcre3/libpcre3 Description: Uncontrolled Recursion Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345502 Introduced through: pcre3/libpcre3@2:8.39-12 From: pcre3/libpcre3@2:8.39-12 ✗ Low severity vulnerability found in pcre3/libpcre3 Description: Out-of-Bounds Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345530 Introduced through: pcre3/libpcre3@2:8.39-12 From: pcre3/libpcre3@2:8.39-12 ✗ Low severity vulnerability found in pcre3/libpcre3 Description: Integer Overflow or Wraparound Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-572367 Introduced through: pcre3/libpcre3@2:8.39-12 From: pcre3/libpcre3@2:8.39-12 ✗ Low severity vulnerability found in pcre3/libpcre3 Description: Out-of-bounds Read Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-572368 Introduced through: pcre3/libpcre3@2:8.39-12 From: pcre3/libpcre3@2:8.39-12 ✗ Low severity vulnerability found in pam/libpam0g Description: CVE-2024-22365 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PAM-6178916 Introduced through: pam/libpam0g@1.3.1-5, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1, adduser@3.118, pam/libpam-modules-bin@1.3.1-5, pam/libpam-modules@1.3.1-5, pam/libpam-runtime@1.3.1-5 From: pam/libpam0g@1.3.1-5 From: shadow/login@1:4.5-1.1 > pam/libpam0g@1.3.1-5 From: util-linux/mount@2.33.1-0.1 > util-linux@2.33.1-0.1 > pam/libpam0g@1.3.1-5 and 11 more... ✗ Low severity vulnerability found in ncurses/libtinfo6 Description: CVE-2023-50495 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-6123819 Introduced through: ncurses/libtinfo6@6.1+20181013-2+deb10u3, bash@5.0-4, ncurses/ncurses-bin@6.1+20181013-2+deb10u3, util-linux/fdisk@2.33.1-0.1, util-linux/mount@2.33.1-0.1, ncurses/libncursesw6@6.1+20181013-2+deb10u3, ncurses/ncurses-base@6.1+20181013-2+deb10u3 From: ncurses/libtinfo6@6.1+20181013-2+deb10u3 From: bash@5.0-4 > ncurses/libtinfo6@6.1+20181013-2+deb10u3 From: ncurses/ncurses-bin@6.1+20181013-2+deb10u3 > ncurses/libtinfo6@6.1+20181013-2+deb10u3 and 7 more... ✗ Low severity vulnerability found in ncurses/libtinfo6 Description: CVE-2023-45918 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-6252772 Introduced through: ncurses/libtinfo6@6.1+20181013-2+deb10u3, bash@5.0-4, ncurses/ncurses-bin@6.1+20181013-2+deb10u3, util-linux/fdisk@2.33.1-0.1, util-linux/mount@2.33.1-0.1, ncurses/libncursesw6@6.1+20181013-2+deb10u3, ncurses/ncurses-base@6.1+20181013-2+deb10u3 From: ncurses/libtinfo6@6.1+20181013-2+deb10u3 From: bash@5.0-4 > ncurses/libtinfo6@6.1+20181013-2+deb10u3 From: ncurses/ncurses-bin@6.1+20181013-2+deb10u3 > ncurses/libtinfo6@6.1+20181013-2+deb10u3 and 7 more... ✗ Low severity vulnerability found in lz4/liblz4-1 Description: Out-of-bounds Write Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LZ4-473072 Introduced through: lz4/liblz4-1@1.8.3-1+deb10u1, apt@1.8.2.3 From: lz4/liblz4-1@1.8.3-1+deb10u1 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > lz4/liblz4-1@1.8.3-1+deb10u1 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 > lz4/liblz4-1@1.8.3-1+deb10u1 ✗ Low severity vulnerability found in libtasn1-6 Description: CVE-2018-1000654 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBTASN16-339585 Introduced through: libtasn1-6@4.13-3, apt@1.8.2.3 From: libtasn1-6@4.13-3 From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9 > libtasn1-6@4.13-3 ✗ Low severity vulnerability found in libsepol/libsepol1 Description: Use After Free Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315628 Introduced through: libsepol/libsepol1@2.8-1, adduser@3.118 From: libsepol/libsepol1@2.8-1 From: adduser@3.118 > shadow/passwd@1:4.5-1.1 > libsemanage/libsemanage1@2.8-2 > libsepol/libsepol1@2.8-1 ✗ Low severity vulnerability found in libsepol/libsepol1 Description: Out-of-bounds Read Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315630 Introduced through: libsepol/libsepol1@2.8-1, adduser@3.118 From: libsepol/libsepol1@2.8-1 From: adduser@3.118 > shadow/passwd@1:4.5-1.1 > libsemanage/libsemanage1@2.8-2 > libsepol/libsepol1@2.8-1 ✗ Low severity vulnerability found in libsepol/libsepol1 Description: Use After Free Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315636 Introduced through: libsepol/libsepol1@2.8-1, adduser@3.118 From: libsepol/libsepol1@2.8-1 From: adduser@3.118 > shadow/passwd@1:4.5-1.1 > libsemanage/libsemanage1@2.8-2 > libsepol/libsepol1@2.8-1 ✗ Low severity vulnerability found in libsepol/libsepol1 Description: Use After Free Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315642 Introduced through: libsepol/libsepol1@2.8-1, adduser@3.118 From: libsepol/libsepol1@2.8-1 From: adduser@3.118 > shadow/passwd@1:4.5-1.1 > libsemanage/libsemanage1@2.8-2 > libsepol/libsepol1@2.8-1 ✗ Low severity vulnerability found in libseccomp/libseccomp2 Description: CVE-2019-9893 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSECCOMP-341044 Introduced through: libseccomp/libseccomp2@2.3.3-4, apt@1.8.2.3 From: libseccomp/libseccomp2@2.3.3-4 From: apt@1.8.2.3 > libseccomp/libseccomp2@2.3.3-4 ✗ Low severity vulnerability found in libidn2/libidn2-0 Description: Improper Input Validation Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBIDN2-474100 Introduced through: libidn2/libidn2-0@2.0.5-1+deb10u1, apt@1.8.2.3 From: libidn2/libidn2-0@2.0.5-1+deb10u1 From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9 > libidn2/libidn2-0@2.0.5-1+deb10u1 ✗ Low severity vulnerability found in libgcrypt20 Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-1297893 Introduced through: libgcrypt20@1.8.4-5+deb10u1, apt@1.8.2.3 From: libgcrypt20@1.8.4-5+deb10u1 From: apt@1.8.2.3 > gnupg2/gpgv@2.2.12-1+deb10u2 > libgcrypt20@1.8.4-5+deb10u1 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 > libgcrypt20@1.8.4-5+deb10u1 ✗ Low severity vulnerability found in libgcrypt20 Description: Use of a Broken or Risky Cryptographic Algorithm Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-391902 Introduced through: libgcrypt20@1.8.4-5+deb10u1, apt@1.8.2.3 From: libgcrypt20@1.8.4-5+deb10u1 From: apt@1.8.2.3 > gnupg2/gpgv@2.2.12-1+deb10u2 > libgcrypt20@1.8.4-5+deb10u1 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 > libgcrypt20@1.8.4-5+deb10u1 ✗ Low severity vulnerability found in libgcrypt20 Description: Race Condition Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-460489 Introduced through: libgcrypt20@1.8.4-5+deb10u1, apt@1.8.2.3 From: libgcrypt20@1.8.4-5+deb10u1 From: apt@1.8.2.3 > gnupg2/gpgv@2.2.12-1+deb10u2 > libgcrypt20@1.8.4-5+deb10u1 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 > libgcrypt20@1.8.4-5+deb10u1 ✗ Low severity vulnerability found in libgcrypt20 Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-6405988 Introduced through: libgcrypt20@1.8.4-5+deb10u1, apt@1.8.2.3 From: libgcrypt20@1.8.4-5+deb10u1 From: apt@1.8.2.3 > gnupg2/gpgv@2.2.12-1+deb10u2 > libgcrypt20@1.8.4-5+deb10u1 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 > libgcrypt20@1.8.4-5+deb10u1 ✗ Low severity vulnerability found in gnutls28/libgnutls30 Description: Improper Input Validation Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-340755 Introduced through: gnutls28/libgnutls30@3.6.7-4+deb10u9, apt@1.8.2.3 From: gnutls28/libgnutls30@3.6.7-4+deb10u9 From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9 ✗ Low severity vulnerability found in gnupg2/gpgv Description: Out-of-bounds Write Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUPG2-3330746 Introduced through: gnupg2/gpgv@2.2.12-1+deb10u2, apt@1.8.2.3 From: gnupg2/gpgv@2.2.12-1+deb10u2 From: apt@1.8.2.3 > gnupg2/gpgv@2.2.12-1+deb10u2 ✗ Low severity vulnerability found in gnupg2/gpgv Description: Use of a Broken or Risky Cryptographic Algorithm Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUPG2-535553 Introduced through: gnupg2/gpgv@2.2.12-1+deb10u2, apt@1.8.2.3 From: gnupg2/gpgv@2.2.12-1+deb10u2 From: apt@1.8.2.3 > gnupg2/gpgv@2.2.12-1+deb10u2 ✗ Low severity vulnerability found in glibc/libc-bin Description: Uncontrolled Recursion Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-338106 Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2 From: glibc/libc-bin@2.28-10+deb10u2 From: glibc/libc6@2.28-10+deb10u2 ✗ Low severity vulnerability found in glibc/libc-bin Description: Uncontrolled Recursion Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-338163 Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2 From: glibc/libc-bin@2.28-10+deb10u2 From: glibc/libc6@2.28-10+deb10u2 ✗ Low severity vulnerability found in glibc/libc-bin Description: Resource Management Errors Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-356735 Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2 From: glibc/libc-bin@2.28-10+deb10u2 From: glibc/libc6@2.28-10+deb10u2 ✗ Low severity vulnerability found in glibc/libc-bin Description: Out-of-Bounds Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-452228 Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2 From: glibc/libc-bin@2.28-10+deb10u2 From: glibc/libc6@2.28-10+deb10u2 ✗ Low severity vulnerability found in glibc/libc-bin Description: CVE-2019-1010023 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-452267 Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2 From: glibc/libc-bin@2.28-10+deb10u2 From: glibc/libc6@2.28-10+deb10u2 ✗ Low severity vulnerability found in glibc/libc-bin Description: Use of Insufficiently Random Values Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-453375 Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2 From: glibc/libc-bin@2.28-10+deb10u2 From: glibc/libc6@2.28-10+deb10u2 ✗ Low severity vulnerability found in glibc/libc-bin Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-453640 Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2 From: glibc/libc-bin@2.28-10+deb10u2 From: glibc/libc6@2.28-10+deb10u2 ✗ Low severity vulnerability found in glibc/libc-bin Description: Use After Free Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-5894106 Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2 From: glibc/libc-bin@2.28-10+deb10u2 From: glibc/libc6@2.28-10+deb10u2 ✗ Low severity vulnerability found in glibc/libc-bin Description: Use After Free Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-5894107 Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2 From: glibc/libc-bin@2.28-10+deb10u2 From: glibc/libc6@2.28-10+deb10u2 ✗ Low severity vulnerability found in gcc-8/libstdc++6 Description: Insufficient Entropy Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-469413 Introduced through: gcc-8/libstdc++6@8.3.0-6, apt@1.8.2.3, gcc-8/gcc-8-base@8.3.0-6, gcc-8/libgcc1@1:8.3.0-6 From: gcc-8/libstdc++6@8.3.0-6 From: apt@1.8.2.3 > gcc-8/libstdc++6@8.3.0-6 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > gcc-8/libstdc++6@8.3.0-6 and 2 more... ✗ Low severity vulnerability found in gcc-8/libstdc++6 Description: CVE-2023-4039 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-5901315 Introduced through: gcc-8/libstdc++6@8.3.0-6, apt@1.8.2.3, gcc-8/gcc-8-base@8.3.0-6, gcc-8/libgcc1@1:8.3.0-6 From: gcc-8/libstdc++6@8.3.0-6 From: apt@1.8.2.3 > gcc-8/libstdc++6@8.3.0-6 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > gcc-8/libstdc++6@8.3.0-6 and 2 more... ✗ Low severity vulnerability found in e2fsprogs/libcom-err2 Description: Out-of-bounds Read Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-E2FSPROGS-2628482 Introduced through: e2fsprogs/libcom-err2@1.44.5-1+deb10u3, e2fsprogs@1.44.5-1+deb10u3, e2fsprogs/libext2fs2@1.44.5-1+deb10u3, e2fsprogs/libss2@1.44.5-1+deb10u3 From: e2fsprogs/libcom-err2@1.44.5-1+deb10u3 From: e2fsprogs@1.44.5-1+deb10u3 > e2fsprogs/libcom-err2@1.44.5-1+deb10u3 From: e2fsprogs@1.44.5-1+deb10u3 > e2fsprogs/libss2@1.44.5-1+deb10u3 > e2fsprogs/libcom-err2@1.44.5-1+deb10u3 and 5 more... ✗ Low severity vulnerability found in coreutils Description: Improper Input Validation Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-COREUTILS-317465 Introduced through: coreutils@8.30-3 From: coreutils@8.30-3 ✗ Low severity vulnerability found in coreutils Description: Race Condition Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-COREUTILS-317494 Introduced through: coreutils@8.30-3 From: coreutils@8.30-3 ✗ Low severity vulnerability found in bash Description: Improper Check for Dropped Privileges Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-BASH-536280 Introduced through: bash@5.0-4 From: bash@5.0-4 ✗ Low severity vulnerability found in apt/libapt-pkg5.0 Description: Improper Verification of Cryptographic Signature Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-APT-407502 Introduced through: apt/libapt-pkg5.0@1.8.2.3, apt@1.8.2.3 From: apt/libapt-pkg5.0@1.8.2.3 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 From: apt@1.8.2.3 ✗ Medium severity vulnerability found in systemd/libsystemd0 Description: Off-by-one Error Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3111121 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... Fixed in: 241-7~deb10u10 ✗ Medium severity vulnerability found in systemd/libsystemd0 Description: CVE-2022-4415 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3177744 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Medium severity vulnerability found in ncurses/libtinfo6 Description: Out-of-bounds Write Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-5862705 Introduced through: ncurses/libtinfo6@6.1+20181013-2+deb10u3, bash@5.0-4, ncurses/ncurses-bin@6.1+20181013-2+deb10u3, util-linux/fdisk@2.33.1-0.1, util-linux/mount@2.33.1-0.1, ncurses/libncursesw6@6.1+20181013-2+deb10u3, ncurses/ncurses-base@6.1+20181013-2+deb10u3 From: ncurses/libtinfo6@6.1+20181013-2+deb10u3 From: bash@5.0-4 > ncurses/libtinfo6@6.1+20181013-2+deb10u3 From: ncurses/ncurses-bin@6.1+20181013-2+deb10u3 > ncurses/libtinfo6@6.1+20181013-2+deb10u3 and 7 more... Fixed in: 6.1+20181013-2+deb10u4 ✗ Medium severity vulnerability found in gnutls28/libgnutls30 Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-6062099 Introduced through: gnutls28/libgnutls30@3.6.7-4+deb10u9, apt@1.8.2.3 From: gnutls28/libgnutls30@3.6.7-4+deb10u9 From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9 Fixed in: 3.6.7-4+deb10u11 ✗ High severity vulnerability found in systemd/libsystemd0 Description: CVE-2023-26604 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3339153 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... Fixed in: 241-7~deb10u9 ✗ High severity vulnerability found in systemd/libsystemd0 Description: Allocation of Resources Without Limits or Throttling Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-6277513 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ High severity vulnerability found in ncurses/libtinfo6 Description: Out-of-bounds Write Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-1655739 Introduced through: ncurses/libtinfo6@6.1+20181013-2+deb10u3, bash@5.0-4, ncurses/ncurses-bin@6.1+20181013-2+deb10u3, util-linux/fdisk@2.33.1-0.1, util-linux/mount@2.33.1-0.1, ncurses/libncursesw6@6.1+20181013-2+deb10u3, ncurses/ncurses-base@6.1+20181013-2+deb10u3 From: ncurses/libtinfo6@6.1+20181013-2+deb10u3 From: bash@5.0-4 > ncurses/libtinfo6@6.1+20181013-2+deb10u3 From: ncurses/ncurses-bin@6.1+20181013-2+deb10u3 > ncurses/libtinfo6@6.1+20181013-2+deb10u3 and 7 more... Fixed in: 6.1+20181013-2+deb10u5 ✗ High severity vulnerability found in ncurses/libtinfo6 Description: Out-of-bounds Write Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-5421196 Introduced through: ncurses/libtinfo6@6.1+20181013-2+deb10u3, bash@5.0-4, ncurses/ncurses-bin@6.1+20181013-2+deb10u3, util-linux/fdisk@2.33.1-0.1, util-linux/mount@2.33.1-0.1, ncurses/libncursesw6@6.1+20181013-2+deb10u3, ncurses/ncurses-base@6.1+20181013-2+deb10u3 From: ncurses/libtinfo6@6.1+20181013-2+deb10u3 From: bash@5.0-4 > ncurses/libtinfo6@6.1+20181013-2+deb10u3 From: ncurses/ncurses-bin@6.1+20181013-2+deb10u3 > ncurses/libtinfo6@6.1+20181013-2+deb10u3 and 7 more... Fixed in: 6.1+20181013-2+deb10u5 ✗ High severity vulnerability found in gnutls28/libgnutls30 Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-3318300 Introduced through: gnutls28/libgnutls30@3.6.7-4+deb10u9, apt@1.8.2.3 From: gnutls28/libgnutls30@3.6.7-4+deb10u9 From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9 Fixed in: 3.6.7-4+deb10u10 ✗ High severity vulnerability found in gnutls28/libgnutls30 Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-6159414 Introduced through: gnutls28/libgnutls30@3.6.7-4+deb10u9, apt@1.8.2.3 From: gnutls28/libgnutls30@3.6.7-4+deb10u9 From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9 Fixed in: 3.6.7-4+deb10u12 ✗ High severity vulnerability found in glibc/libc-bin Description: Out-of-bounds Write Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-559488 Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2 From: glibc/libc-bin@2.28-10+deb10u2 From: glibc/libc6@2.28-10+deb10u2 ✗ High severity vulnerability found in gcc-8/libstdc++6 Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-347558 Introduced through: gcc-8/libstdc++6@8.3.0-6, apt@1.8.2.3, gcc-8/gcc-8-base@8.3.0-6, gcc-8/libgcc1@1:8.3.0-6 From: gcc-8/libstdc++6@8.3.0-6 From: apt@1.8.2.3 > gcc-8/libstdc++6@8.3.0-6 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > gcc-8/libstdc++6@8.3.0-6 and 2 more... ✗ Critical severity vulnerability found in zlib/zlib1g Description: Integer Overflow or Wraparound Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-ZLIB-6008964 Introduced through: zlib/zlib1g@1:1.2.11.dfsg-1+deb10u2 From: zlib/zlib1g@1:1.2.11.dfsg-1+deb10u2 ✗ Critical severity vulnerability found in libtasn1-6 Description: Off-by-one Error Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBTASN16-3061094 Introduced through: libtasn1-6@4.13-3, apt@1.8.2.3 From: libtasn1-6@4.13-3 From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9 > libtasn1-6@4.13-3 Fixed in: 4.13-3+deb10u1 ✗ Critical severity vulnerability found in db5.3/libdb5.3 Description: Out-of-bounds Read Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-DB53-2825169 Introduced through: db5.3/libdb5.3@5.3.28+dfsg1-0.5, adduser@3.118 From: db5.3/libdb5.3@5.3.28+dfsg1-0.5 From: adduser@3.118 > shadow/passwd@1:4.5-1.1 > pam/libpam-modules@1.3.1-5 > db5.3/libdb5.3@5.3.28+dfsg1-0.5 ------------ Detected 34 vulnerabilities for node@18.12.1 ------------ ✗ Low severity vulnerability found in node Description: Improper Certificate Validation Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741888 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ Low severity vulnerability found in node Description: Improper Certificate Validation Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741892 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ Low severity vulnerability found in node Description: Insecure Randomness Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741899 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ Low severity vulnerability found in node Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5969349 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.18.2 ✗ Low severity vulnerability found in node Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5969357 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.18.2 ✗ Low severity vulnerability found in node Description: Permissive Cross-domain Policy with Untrusted Domains Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252338 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.19.1, 20.11.1, 21.6.2 ✗ Medium severity vulnerability found in node Description: Timing Attack Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326669 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.14.1 ✗ Medium severity vulnerability found in node Description: Denial of Service (DoS) Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326682 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.14.1 ✗ Medium severity vulnerability found in node Description: Use After Free Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326683 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.14.1 ✗ Medium severity vulnerability found in node Description: Denial of Service (DoS) Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326684 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.14.1 ✗ Medium severity vulnerability found in node Description: Denial of Service (DoS) Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326685 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.14.1 ✗ Medium severity vulnerability found in node Description: Denial of Service (DoS) Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326686 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.14.1 ✗ Medium severity vulnerability found in node Description: Privilege Escalation Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3329554 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.14.1 ✗ Medium severity vulnerability found in node Description: Denial of Service (DoS) Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741792 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ Medium severity vulnerability found in node Description: HTTP Request Smuggling Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741793 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ Medium severity vulnerability found in node Description: Inconsistency Between Implementation and Documented Design Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741796 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ Medium severity vulnerability found in node Description: Buffer Over-read Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741894 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ Medium severity vulnerability found in node Description: Denial of Service (DoS) Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741895 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ Medium severity vulnerability found in node Description: Insecure Randomness Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741896 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ Medium severity vulnerability found in node Description: Buffer Underwrite (Buffer Underflow) Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741900 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ Medium severity vulnerability found in node Description: Privilege Escalation Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5756501 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ Medium severity vulnerability found in node Description: Improper Access Control Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5843454 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.17.1 ✗ Medium severity vulnerability found in node Description: Access Restriction Bypass Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5848030 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.17.1 ✗ Medium severity vulnerability found in node Description: Improper Verification of Cryptographic Signature Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5969356 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.18.2 ✗ Medium severity vulnerability found in node Description: Observable Timing Discrepancy Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252330 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.19.1, 20.11.1, 21.6.2 ✗ High severity vulnerability found in node Description: Insecure Permissions Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326666 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.14.1 ✗ High severity vulnerability found in node Description: Access of Resource Using Incompatible Type ('Type Confusion') Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326668 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.14.1 ✗ High severity vulnerability found in node Description: Denial of Service (DoS) Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326688 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.14.1 ✗ High severity vulnerability found in node Description: Denial of Service (DoS) Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3329555 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.14.1 ✗ High severity vulnerability found in node Description: Prototype Pollution Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741794 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ High severity vulnerability found in node Description: Denial of Service (DoS) Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741889 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ High severity vulnerability found in node Description: Arbitrary Code Injection Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5848038 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.17.1 ✗ High severity vulnerability found in node Description: Allocation of Resources Without Limits or Throttling Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252328 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.19.1, 20.11.1, 21.6.2 ✗ High severity vulnerability found in node Description: Code Injection Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252332 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.19.1, 20.11.1, 21.6.2 Organization: tubone24 Package manager: deb Project name: docker-image|test-blog Docker image: test-blog Platform: linux/amd64 Base image: node:18.12.1-buster-slim Licenses: enabled Tested 85 dependencies for known issues, found 117 issues. Base Image Vulnerabilities Severity node:18.12.1-buster-slim 117 3 critical, 17 high, 23 medium, 74 low Recommendations for base image upgrade: Minor upgrades Base Image Vulnerabilities Severity node:18.19.1-buster-slim 73 2 critical, 3 high, 1 medium, 67 low Major upgrades Base Image Vulnerabilities Severity node:20.11.1-buster-slim 73 2 critical, 3 high, 1 medium, 67 low Alternative image types Base Image Vulnerabilities Severity node:21.7.0-bookworm-slim 35 1 critical, 1 high, 0 medium, 33 low node:21.7.0-bullseye-slim 66 1 critical, 1 high, 0 medium, 64 low node:lts-bookworm 170 1 critical, 3 high, 1 medium, 165 low node:20.11.0-slim 43 1 critical, 5 high, 3 medium, 34 low Learn more: https://docs.snyk.io/products/snyk-container/getting-around-the-snyk-container-ui/base-image-detection

[github-actions[bot]]

Storybook Preview

Deploy path: /home/runner/work/blog/blog/storybook-static Functions path: /home/runner/work/blog/blog/functions/src Configuration path: /home/runner/work/blog/blog/netlify.toml Deploying to draft URL... ​ Netlify Build
──────────────────────────────────────────────────────────────── ​ ❯ Version @netlify/build 29.36.1 ​ ❯ Flags auth: EPJJ6iiVJKf1WzATp10YTzbujNbkSqWDiVl-3kCXA-Y deployId: 65f5114aa5568b62d13c4fcb dir: ./storybook-static open: false prod: false prodIfUnlocked: false site: 905285ac-8339-48d2-86d8-8d639370a095 skipFunctionsCache: false ​ ❯ Current directory /home/runner/work/blog/blog ​ ❯ Config file /home/runner/work/blog/blog/netlify.toml ​ ❯ Context dev

Build logs: https://app.netlify.com/sites/blog-storybook/deploys/65f5114aa5568b62d13c4fcb Function logs: https://app.netlify.com/sites/blog-storybook/functions?scope=deploy:65f5114aa5568b62d13c4fcb Website draft URL: https://65f5114aa5568b62d13c4fcb--blog-storybook.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag. netlify deploy --prod

[github-actions[bot]]

Lighthouse Score

Desktop

Mobile

[github-actions[bot]]

Snyk vulnerability report

OSS packages

Tested 1786 dependencies for known issues, found 13 issues, 31 vulnerable paths. Issues to fix by upgrading: Upgrade @sentry/profiling-node@0.3.0 to @sentry/profiling-node@1.3.0 to fix ✗ Missing Release of Resource after Effective Lifetime [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-INFLIGHT-6095116] in inflight@1.0.6 introduced by gatsby-plugin-offline@5.23.1 > glob@7.2.3 > inflight@1.0.6 and 8 other path(s) Upgrade gatsby@4.25.7 to gatsby@5.0.0 to fix ✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-GATSBYCLI-5671903] in gatsby-cli@4.25.0 introduced by gatsby@4.25.7 > gatsby-cli@4.25.0 ✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795] in semver@7.0.0 introduced by gatsby-legacy-polyfills@2.23.0 > core-js-compat@3.9.0 > semver@7.0.0 and 1 other path(s) Upgrade gatsby-legacy-polyfills@2.23.0 to gatsby-legacy-polyfills@3.10.0 to fix ✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795] in semver@7.0.0 introduced by gatsby-legacy-polyfills@2.23.0 > core-js-compat@3.9.0 > semver@7.0.0 and 1 other path(s) Upgrade gatsby-transformer-remark@5.25.1 to gatsby-transformer-remark@6.10.0 to fix ✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-GATSBYTRANSFORMERREMARK-5671901] in gatsby-transformer-remark@5.25.1 introduced by gatsby-transformer-remark@5.25.1 ✗ Information Exposure (new) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-6256334] in sanitize-html@2.10.0 introduced by gatsby-transformer-remark@5.25.1 > sanitize-html@2.10.0 Issues with no direct upgrade or patch: ✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in ansi-regex@2.1.1 introduced by gatsby@4.25.7 > gatsby-cli@4.25.0 > pretty-error@2.1.2 > renderkid@2.0.7 > strip-ansi@3.0.1 > ansi-regex@2.1.1 This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1 ✗ Cross-site Request Forgery (CSRF) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459] in axios@0.27.2 introduced by @raae/gatsby-remark-oembed@0.3.3 > axios@0.27.2 and 2 other path(s) This issue was fixed in versions: 1.6.0 ✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6124857] in axios@0.27.2 introduced by @raae/gatsby-remark-oembed@0.3.3 > axios@0.27.2 and 2 other path(s) This issue was fixed in versions: 1.6.3 ✗ Prototype Pollution [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6144788] in axios@0.27.2 introduced by @raae/gatsby-remark-oembed@0.3.3 > axios@0.27.2 and 2 other path(s) This issue was fixed in versions: 1.6.4 ✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6444610] in follow-redirects@1.15.5 introduced by axios@1.6.5 > follow-redirects@1.15.5 and 3 other path(s) This issue was fixed in versions: 1.15.6 ✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in html-minifier@4.0.0 introduced by html-minifier@4.0.0 No upgrade or patch available ✗ Command Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in lodash.template@4.5.0 introduced by gatsby-plugin-offline@5.23.1 > workbox-build@4.3.1 > lodash.template@4.5.0 No upgrade or patch available ✗ Cross-site Scripting (XSS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-SERIALIZEJAVASCRIPT-6147607] in serialize-javascript@5.0.1 introduced by gatsby@4.25.7 > css-minimizer-webpack-plugin@2.0.0 > serialize-javascript@5.0.1 This issue was fixed in versions: 6.0.2 Organization: tubone24 Package manager: yarn Target file: yarn.lock Project name: blog Open source: no Project path: . Licenses: enabled

Application

✗ [Medium] Path Traversal Path: scripts/benchmark.js, line 23 Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files. ✗ [Medium] Path Traversal Path: scripts/benchmark.js, line 25 Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files. ✗ [Medium] Path Traversal Path: scripts/benchmark.js, line 41 Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files. ✔ Test completed Organization: tubone24 Test type: Static code analysis Project path: . Summary: 3 Code issues found 3 [Medium]

IaC

Snyk Infrastructure as Code - Snyk testing Infrastructure as Code configuration issues. ✔ Test completed. Issues No vulnerable paths were found! ------------------------------------------------------- Test Summary Organization: tubone24 Project name: tubone24/blog ✔ Files without issues: 3 ✗ Files with issues: 0 Ignored issues: 0 Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ] ------------------------------------------------------- Tip New: Share your test results in the Snyk Web UI with the option --report

Container

Testing test-blog... ✗ Low severity vulnerability found in util-linux/libuuid1 Description: Integer Overflow or Wraparound Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-UTILLINUX-1534833 Introduced through: util-linux/libuuid1@2.33.1-0.1, e2fsprogs@1.44.5-1+deb10u3, util-linux/mount@2.33.1-0.1, util-linux/fdisk@2.33.1-0.1, util-linux/libblkid1@2.33.1-0.1, util-linux@2.33.1-0.1, sysvinit/sysvinit-utils@2.93-8, util-linux/bsdutils@1:2.33.1-0.1, util-linux/libfdisk1@2.33.1-0.1, util-linux/libmount1@2.33.1-0.1, util-linux/libsmartcols1@2.33.1-0.1 From: util-linux/libuuid1@2.33.1-0.1 From: e2fsprogs@1.44.5-1+deb10u3 > util-linux/libuuid1@2.33.1-0.1 From: e2fsprogs@1.44.5-1+deb10u3 > util-linux/libblkid1@2.33.1-0.1 > util-linux/libuuid1@2.33.1-0.1 and 25 more... ✗ Low severity vulnerability found in util-linux/libuuid1 Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-UTILLINUX-2401082 Introduced through: util-linux/libuuid1@2.33.1-0.1, e2fsprogs@1.44.5-1+deb10u3, util-linux/mount@2.33.1-0.1, util-linux/fdisk@2.33.1-0.1, util-linux/libblkid1@2.33.1-0.1, util-linux@2.33.1-0.1, sysvinit/sysvinit-utils@2.93-8, util-linux/bsdutils@1:2.33.1-0.1, util-linux/libfdisk1@2.33.1-0.1, util-linux/libmount1@2.33.1-0.1, util-linux/libsmartcols1@2.33.1-0.1 From: util-linux/libuuid1@2.33.1-0.1 From: e2fsprogs@1.44.5-1+deb10u3 > util-linux/libuuid1@2.33.1-0.1 From: e2fsprogs@1.44.5-1+deb10u3 > util-linux/libblkid1@2.33.1-0.1 > util-linux/libuuid1@2.33.1-0.1 and 25 more... ✗ Low severity vulnerability found in tar Description: Out-of-bounds Read Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-1063001 Introduced through: tar@1.30+dfsg-6 From: tar@1.30+dfsg-6 ✗ Low severity vulnerability found in tar Description: CVE-2005-2541 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-312331 Introduced through: tar@1.30+dfsg-6 From: tar@1.30+dfsg-6 ✗ Low severity vulnerability found in tar Description: Out-of-bounds Read Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-3253529 Introduced through: tar@1.30+dfsg-6 From: tar@1.30+dfsg-6 ✗ Low severity vulnerability found in tar Description: NULL Pointer Dereference Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-341203 Introduced through: tar@1.30+dfsg-6 From: tar@1.30+dfsg-6 ✗ Low severity vulnerability found in tar Description: CVE-2023-39804 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-6120423 Introduced through: tar@1.30+dfsg-6 From: tar@1.30+dfsg-6 Fixed in: 1.30+dfsg-6+deb10u1 ✗ Low severity vulnerability found in systemd/libsystemd0 Description: Authentication Bypass Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-1291056 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Low severity vulnerability found in systemd/libsystemd0 Description: Uncontrolled Recursion Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-2332026 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Low severity vulnerability found in systemd/libsystemd0 Description: Link Following Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-305144 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Low severity vulnerability found in systemd/libsystemd0 Description: Privilege Chaining Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-345386 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Low severity vulnerability found in systemd/libsystemd0 Description: Incorrect Privilege Assignment Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-345391 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Low severity vulnerability found in systemd/libsystemd0 Description: Missing Release of Resource after Effective Lifetime Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-542807 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Low severity vulnerability found in systemd/libsystemd0 Description: Improper Validation of Integrity Check Value Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733386 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Low severity vulnerability found in systemd/libsystemd0 Description: Improper Validation of Integrity Check Value Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733393 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Low severity vulnerability found in systemd/libsystemd0 Description: Improper Validation of Integrity Check Value Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733397 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Low severity vulnerability found in systemd/libsystemd0 Description: CVE-2023-7008 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-6137710 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Low severity vulnerability found in systemd/libsystemd0 Description: CVE-2023-50868 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-6277511 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Low severity vulnerability found in shadow/passwd Description: Time-of-check Time-of-use (TOCTOU) Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306205 Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1 From: shadow/passwd@1:4.5-1.1 From: adduser@3.118 > shadow/passwd@1:4.5-1.1 From: shadow/login@1:4.5-1.1 and 1 more... ✗ Low severity vulnerability found in shadow/passwd Description: Incorrect Permission Assignment for Critical Resource Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306230 Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1 From: shadow/passwd@1:4.5-1.1 From: adduser@3.118 > shadow/passwd@1:4.5-1.1 From: shadow/login@1:4.5-1.1 and 1 more... ✗ Low severity vulnerability found in shadow/passwd Description: Access Restriction Bypass Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306250 Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1 From: shadow/passwd@1:4.5-1.1 From: adduser@3.118 > shadow/passwd@1:4.5-1.1 From: shadow/login@1:4.5-1.1 and 1 more... ✗ Low severity vulnerability found in shadow/passwd Description: Incorrect Permission Assignment for Critical Resource Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-539852 Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1 From: shadow/passwd@1:4.5-1.1 From: adduser@3.118 > shadow/passwd@1:4.5-1.1 From: shadow/login@1:4.5-1.1 and 1 more... ✗ Low severity vulnerability found in shadow/passwd Description: Arbitrary Code Injection Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-5423925 Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1 From: shadow/passwd@1:4.5-1.1 From: adduser@3.118 > shadow/passwd@1:4.5-1.1 From: shadow/login@1:4.5-1.1 and 1 more... ✗ Low severity vulnerability found in shadow/passwd Description: Improper Authentication Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-5879153 Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1 From: shadow/passwd@1:4.5-1.1 From: adduser@3.118 > shadow/passwd@1:4.5-1.1 From: shadow/login@1:4.5-1.1 and 1 more... ✗ Low severity vulnerability found in perl/perl-base Description: Improper Verification of Cryptographic Signature Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-1925980 Introduced through: perl/perl-base@5.28.1-6+deb10u1 From: perl/perl-base@5.28.1-6+deb10u1 ✗ Low severity vulnerability found in perl/perl-base Description: Link Following Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-327793 Introduced through: perl/perl-base@5.28.1-6+deb10u1 From: perl/perl-base@5.28.1-6+deb10u1 ✗ Low severity vulnerability found in perl/perl-base Description: Improper Certificate Validation Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-5489186 Introduced through: perl/perl-base@5.28.1-6+deb10u1 From: perl/perl-base@5.28.1-6+deb10u1 ✗ Low severity vulnerability found in perl/perl-base Description: Improper Certificate Validation Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-5489188 Introduced through: perl/perl-base@5.28.1-6+deb10u1 From: perl/perl-base@5.28.1-6+deb10u1 ✗ Low severity vulnerability found in pcre3/libpcre3 Description: Out-of-Bounds Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345321 Introduced through: pcre3/libpcre3@2:8.39-12 From: pcre3/libpcre3@2:8.39-12 ✗ Low severity vulnerability found in pcre3/libpcre3 Description: Out-of-Bounds Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345353 Introduced through: pcre3/libpcre3@2:8.39-12 From: pcre3/libpcre3@2:8.39-12 ✗ Low severity vulnerability found in pcre3/libpcre3 Description: Uncontrolled Recursion Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345502 Introduced through: pcre3/libpcre3@2:8.39-12 From: pcre3/libpcre3@2:8.39-12 ✗ Low severity vulnerability found in pcre3/libpcre3 Description: Out-of-Bounds Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345530 Introduced through: pcre3/libpcre3@2:8.39-12 From: pcre3/libpcre3@2:8.39-12 ✗ Low severity vulnerability found in pcre3/libpcre3 Description: Integer Overflow or Wraparound Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-572367 Introduced through: pcre3/libpcre3@2:8.39-12 From: pcre3/libpcre3@2:8.39-12 ✗ Low severity vulnerability found in pcre3/libpcre3 Description: Out-of-bounds Read Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-572368 Introduced through: pcre3/libpcre3@2:8.39-12 From: pcre3/libpcre3@2:8.39-12 ✗ Low severity vulnerability found in pam/libpam0g Description: CVE-2024-22365 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PAM-6178916 Introduced through: pam/libpam0g@1.3.1-5, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1, adduser@3.118, pam/libpam-modules-bin@1.3.1-5, pam/libpam-modules@1.3.1-5, pam/libpam-runtime@1.3.1-5 From: pam/libpam0g@1.3.1-5 From: shadow/login@1:4.5-1.1 > pam/libpam0g@1.3.1-5 From: util-linux/mount@2.33.1-0.1 > util-linux@2.33.1-0.1 > pam/libpam0g@1.3.1-5 and 11 more... ✗ Low severity vulnerability found in ncurses/libtinfo6 Description: CVE-2023-50495 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-6123819 Introduced through: ncurses/libtinfo6@6.1+20181013-2+deb10u3, bash@5.0-4, ncurses/ncurses-bin@6.1+20181013-2+deb10u3, util-linux/fdisk@2.33.1-0.1, util-linux/mount@2.33.1-0.1, ncurses/libncursesw6@6.1+20181013-2+deb10u3, ncurses/ncurses-base@6.1+20181013-2+deb10u3 From: ncurses/libtinfo6@6.1+20181013-2+deb10u3 From: bash@5.0-4 > ncurses/libtinfo6@6.1+20181013-2+deb10u3 From: ncurses/ncurses-bin@6.1+20181013-2+deb10u3 > ncurses/libtinfo6@6.1+20181013-2+deb10u3 and 7 more... ✗ Low severity vulnerability found in ncurses/libtinfo6 Description: CVE-2023-45918 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-6252772 Introduced through: ncurses/libtinfo6@6.1+20181013-2+deb10u3, bash@5.0-4, ncurses/ncurses-bin@6.1+20181013-2+deb10u3, util-linux/fdisk@2.33.1-0.1, util-linux/mount@2.33.1-0.1, ncurses/libncursesw6@6.1+20181013-2+deb10u3, ncurses/ncurses-base@6.1+20181013-2+deb10u3 From: ncurses/libtinfo6@6.1+20181013-2+deb10u3 From: bash@5.0-4 > ncurses/libtinfo6@6.1+20181013-2+deb10u3 From: ncurses/ncurses-bin@6.1+20181013-2+deb10u3 > ncurses/libtinfo6@6.1+20181013-2+deb10u3 and 7 more... ✗ Low severity vulnerability found in lz4/liblz4-1 Description: Out-of-bounds Write Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LZ4-473072 Introduced through: lz4/liblz4-1@1.8.3-1+deb10u1, apt@1.8.2.3 From: lz4/liblz4-1@1.8.3-1+deb10u1 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > lz4/liblz4-1@1.8.3-1+deb10u1 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 > lz4/liblz4-1@1.8.3-1+deb10u1 ✗ Low severity vulnerability found in libtasn1-6 Description: CVE-2018-1000654 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBTASN16-339585 Introduced through: libtasn1-6@4.13-3, apt@1.8.2.3 From: libtasn1-6@4.13-3 From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9 > libtasn1-6@4.13-3 ✗ Low severity vulnerability found in libsepol/libsepol1 Description: Use After Free Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315628 Introduced through: libsepol/libsepol1@2.8-1, adduser@3.118 From: libsepol/libsepol1@2.8-1 From: adduser@3.118 > shadow/passwd@1:4.5-1.1 > libsemanage/libsemanage1@2.8-2 > libsepol/libsepol1@2.8-1 ✗ Low severity vulnerability found in libsepol/libsepol1 Description: Out-of-bounds Read Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315630 Introduced through: libsepol/libsepol1@2.8-1, adduser@3.118 From: libsepol/libsepol1@2.8-1 From: adduser@3.118 > shadow/passwd@1:4.5-1.1 > libsemanage/libsemanage1@2.8-2 > libsepol/libsepol1@2.8-1 ✗ Low severity vulnerability found in libsepol/libsepol1 Description: Use After Free Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315636 Introduced through: libsepol/libsepol1@2.8-1, adduser@3.118 From: libsepol/libsepol1@2.8-1 From: adduser@3.118 > shadow/passwd@1:4.5-1.1 > libsemanage/libsemanage1@2.8-2 > libsepol/libsepol1@2.8-1 ✗ Low severity vulnerability found in libsepol/libsepol1 Description: Use After Free Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315642 Introduced through: libsepol/libsepol1@2.8-1, adduser@3.118 From: libsepol/libsepol1@2.8-1 From: adduser@3.118 > shadow/passwd@1:4.5-1.1 > libsemanage/libsemanage1@2.8-2 > libsepol/libsepol1@2.8-1 ✗ Low severity vulnerability found in libseccomp/libseccomp2 Description: CVE-2019-9893 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSECCOMP-341044 Introduced through: libseccomp/libseccomp2@2.3.3-4, apt@1.8.2.3 From: libseccomp/libseccomp2@2.3.3-4 From: apt@1.8.2.3 > libseccomp/libseccomp2@2.3.3-4 ✗ Low severity vulnerability found in libidn2/libidn2-0 Description: Improper Input Validation Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBIDN2-474100 Introduced through: libidn2/libidn2-0@2.0.5-1+deb10u1, apt@1.8.2.3 From: libidn2/libidn2-0@2.0.5-1+deb10u1 From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9 > libidn2/libidn2-0@2.0.5-1+deb10u1 ✗ Low severity vulnerability found in libgcrypt20 Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-1297893 Introduced through: libgcrypt20@1.8.4-5+deb10u1, apt@1.8.2.3 From: libgcrypt20@1.8.4-5+deb10u1 From: apt@1.8.2.3 > gnupg2/gpgv@2.2.12-1+deb10u2 > libgcrypt20@1.8.4-5+deb10u1 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 > libgcrypt20@1.8.4-5+deb10u1 ✗ Low severity vulnerability found in libgcrypt20 Description: Use of a Broken or Risky Cryptographic Algorithm Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-391902 Introduced through: libgcrypt20@1.8.4-5+deb10u1, apt@1.8.2.3 From: libgcrypt20@1.8.4-5+deb10u1 From: apt@1.8.2.3 > gnupg2/gpgv@2.2.12-1+deb10u2 > libgcrypt20@1.8.4-5+deb10u1 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 > libgcrypt20@1.8.4-5+deb10u1 ✗ Low severity vulnerability found in libgcrypt20 Description: Race Condition Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-460489 Introduced through: libgcrypt20@1.8.4-5+deb10u1, apt@1.8.2.3 From: libgcrypt20@1.8.4-5+deb10u1 From: apt@1.8.2.3 > gnupg2/gpgv@2.2.12-1+deb10u2 > libgcrypt20@1.8.4-5+deb10u1 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 > libgcrypt20@1.8.4-5+deb10u1 ✗ Low severity vulnerability found in libgcrypt20 Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-6405988 Introduced through: libgcrypt20@1.8.4-5+deb10u1, apt@1.8.2.3 From: libgcrypt20@1.8.4-5+deb10u1 From: apt@1.8.2.3 > gnupg2/gpgv@2.2.12-1+deb10u2 > libgcrypt20@1.8.4-5+deb10u1 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 > libgcrypt20@1.8.4-5+deb10u1 ✗ Low severity vulnerability found in gnutls28/libgnutls30 Description: Improper Input Validation Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-340755 Introduced through: gnutls28/libgnutls30@3.6.7-4+deb10u9, apt@1.8.2.3 From: gnutls28/libgnutls30@3.6.7-4+deb10u9 From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9 ✗ Low severity vulnerability found in gnupg2/gpgv Description: Out-of-bounds Write Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUPG2-3330746 Introduced through: gnupg2/gpgv@2.2.12-1+deb10u2, apt@1.8.2.3 From: gnupg2/gpgv@2.2.12-1+deb10u2 From: apt@1.8.2.3 > gnupg2/gpgv@2.2.12-1+deb10u2 ✗ Low severity vulnerability found in gnupg2/gpgv Description: Use of a Broken or Risky Cryptographic Algorithm Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUPG2-535553 Introduced through: gnupg2/gpgv@2.2.12-1+deb10u2, apt@1.8.2.3 From: gnupg2/gpgv@2.2.12-1+deb10u2 From: apt@1.8.2.3 > gnupg2/gpgv@2.2.12-1+deb10u2 ✗ Low severity vulnerability found in glibc/libc-bin Description: Uncontrolled Recursion Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-338106 Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2 From: glibc/libc-bin@2.28-10+deb10u2 From: glibc/libc6@2.28-10+deb10u2 ✗ Low severity vulnerability found in glibc/libc-bin Description: Uncontrolled Recursion Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-338163 Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2 From: glibc/libc-bin@2.28-10+deb10u2 From: glibc/libc6@2.28-10+deb10u2 ✗ Low severity vulnerability found in glibc/libc-bin Description: Resource Management Errors Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-356735 Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2 From: glibc/libc-bin@2.28-10+deb10u2 From: glibc/libc6@2.28-10+deb10u2 ✗ Low severity vulnerability found in glibc/libc-bin Description: Out-of-Bounds Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-452228 Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2 From: glibc/libc-bin@2.28-10+deb10u2 From: glibc/libc6@2.28-10+deb10u2 ✗ Low severity vulnerability found in glibc/libc-bin Description: CVE-2019-1010023 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-452267 Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2 From: glibc/libc-bin@2.28-10+deb10u2 From: glibc/libc6@2.28-10+deb10u2 ✗ Low severity vulnerability found in glibc/libc-bin Description: Use of Insufficiently Random Values Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-453375 Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2 From: glibc/libc-bin@2.28-10+deb10u2 From: glibc/libc6@2.28-10+deb10u2 ✗ Low severity vulnerability found in glibc/libc-bin Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-453640 Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2 From: glibc/libc-bin@2.28-10+deb10u2 From: glibc/libc6@2.28-10+deb10u2 ✗ Low severity vulnerability found in glibc/libc-bin Description: Use After Free Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-5894106 Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2 From: glibc/libc-bin@2.28-10+deb10u2 From: glibc/libc6@2.28-10+deb10u2 ✗ Low severity vulnerability found in glibc/libc-bin Description: Use After Free Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-5894107 Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2 From: glibc/libc-bin@2.28-10+deb10u2 From: glibc/libc6@2.28-10+deb10u2 ✗ Low severity vulnerability found in gcc-8/libstdc++6 Description: Insufficient Entropy Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-469413 Introduced through: gcc-8/libstdc++6@8.3.0-6, apt@1.8.2.3, gcc-8/gcc-8-base@8.3.0-6, gcc-8/libgcc1@1:8.3.0-6 From: gcc-8/libstdc++6@8.3.0-6 From: apt@1.8.2.3 > gcc-8/libstdc++6@8.3.0-6 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > gcc-8/libstdc++6@8.3.0-6 and 2 more... ✗ Low severity vulnerability found in gcc-8/libstdc++6 Description: CVE-2023-4039 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-5901315 Introduced through: gcc-8/libstdc++6@8.3.0-6, apt@1.8.2.3, gcc-8/gcc-8-base@8.3.0-6, gcc-8/libgcc1@1:8.3.0-6 From: gcc-8/libstdc++6@8.3.0-6 From: apt@1.8.2.3 > gcc-8/libstdc++6@8.3.0-6 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > gcc-8/libstdc++6@8.3.0-6 and 2 more... ✗ Low severity vulnerability found in e2fsprogs/libcom-err2 Description: Out-of-bounds Read Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-E2FSPROGS-2628482 Introduced through: e2fsprogs/libcom-err2@1.44.5-1+deb10u3, e2fsprogs@1.44.5-1+deb10u3, e2fsprogs/libext2fs2@1.44.5-1+deb10u3, e2fsprogs/libss2@1.44.5-1+deb10u3 From: e2fsprogs/libcom-err2@1.44.5-1+deb10u3 From: e2fsprogs@1.44.5-1+deb10u3 > e2fsprogs/libcom-err2@1.44.5-1+deb10u3 From: e2fsprogs@1.44.5-1+deb10u3 > e2fsprogs/libss2@1.44.5-1+deb10u3 > e2fsprogs/libcom-err2@1.44.5-1+deb10u3 and 5 more... ✗ Low severity vulnerability found in coreutils Description: Improper Input Validation Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-COREUTILS-317465 Introduced through: coreutils@8.30-3 From: coreutils@8.30-3 ✗ Low severity vulnerability found in coreutils Description: Race Condition Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-COREUTILS-317494 Introduced through: coreutils@8.30-3 From: coreutils@8.30-3 ✗ Low severity vulnerability found in bash Description: Improper Check for Dropped Privileges Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-BASH-536280 Introduced through: bash@5.0-4 From: bash@5.0-4 ✗ Low severity vulnerability found in apt/libapt-pkg5.0 Description: Improper Verification of Cryptographic Signature Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-APT-407502 Introduced through: apt/libapt-pkg5.0@1.8.2.3, apt@1.8.2.3 From: apt/libapt-pkg5.0@1.8.2.3 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 From: apt@1.8.2.3 ✗ Medium severity vulnerability found in systemd/libsystemd0 Description: Off-by-one Error Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3111121 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... Fixed in: 241-7~deb10u10 ✗ Medium severity vulnerability found in systemd/libsystemd0 Description: CVE-2022-4415 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3177744 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ Medium severity vulnerability found in ncurses/libtinfo6 Description: Out-of-bounds Write Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-5862705 Introduced through: ncurses/libtinfo6@6.1+20181013-2+deb10u3, bash@5.0-4, ncurses/ncurses-bin@6.1+20181013-2+deb10u3, util-linux/fdisk@2.33.1-0.1, util-linux/mount@2.33.1-0.1, ncurses/libncursesw6@6.1+20181013-2+deb10u3, ncurses/ncurses-base@6.1+20181013-2+deb10u3 From: ncurses/libtinfo6@6.1+20181013-2+deb10u3 From: bash@5.0-4 > ncurses/libtinfo6@6.1+20181013-2+deb10u3 From: ncurses/ncurses-bin@6.1+20181013-2+deb10u3 > ncurses/libtinfo6@6.1+20181013-2+deb10u3 and 7 more... Fixed in: 6.1+20181013-2+deb10u4 ✗ Medium severity vulnerability found in gnutls28/libgnutls30 Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-6062099 Introduced through: gnutls28/libgnutls30@3.6.7-4+deb10u9, apt@1.8.2.3 From: gnutls28/libgnutls30@3.6.7-4+deb10u9 From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9 Fixed in: 3.6.7-4+deb10u11 ✗ High severity vulnerability found in systemd/libsystemd0 Description: CVE-2023-26604 Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3339153 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... Fixed in: 241-7~deb10u9 ✗ High severity vulnerability found in systemd/libsystemd0 Description: Allocation of Resources Without Limits or Throttling Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-6277513 Introduced through: systemd/libsystemd0@241-7~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~deb10u8 From: systemd/libsystemd0@241-7~deb10u8 From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u8 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 and 4 more... ✗ High severity vulnerability found in ncurses/libtinfo6 Description: Out-of-bounds Write Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-1655739 Introduced through: ncurses/libtinfo6@6.1+20181013-2+deb10u3, bash@5.0-4, ncurses/ncurses-bin@6.1+20181013-2+deb10u3, util-linux/fdisk@2.33.1-0.1, util-linux/mount@2.33.1-0.1, ncurses/libncursesw6@6.1+20181013-2+deb10u3, ncurses/ncurses-base@6.1+20181013-2+deb10u3 From: ncurses/libtinfo6@6.1+20181013-2+deb10u3 From: bash@5.0-4 > ncurses/libtinfo6@6.1+20181013-2+deb10u3 From: ncurses/ncurses-bin@6.1+20181013-2+deb10u3 > ncurses/libtinfo6@6.1+20181013-2+deb10u3 and 7 more... Fixed in: 6.1+20181013-2+deb10u5 ✗ High severity vulnerability found in ncurses/libtinfo6 Description: Out-of-bounds Write Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-5421196 Introduced through: ncurses/libtinfo6@6.1+20181013-2+deb10u3, bash@5.0-4, ncurses/ncurses-bin@6.1+20181013-2+deb10u3, util-linux/fdisk@2.33.1-0.1, util-linux/mount@2.33.1-0.1, ncurses/libncursesw6@6.1+20181013-2+deb10u3, ncurses/ncurses-base@6.1+20181013-2+deb10u3 From: ncurses/libtinfo6@6.1+20181013-2+deb10u3 From: bash@5.0-4 > ncurses/libtinfo6@6.1+20181013-2+deb10u3 From: ncurses/ncurses-bin@6.1+20181013-2+deb10u3 > ncurses/libtinfo6@6.1+20181013-2+deb10u3 and 7 more... Fixed in: 6.1+20181013-2+deb10u5 ✗ High severity vulnerability found in gnutls28/libgnutls30 Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-3318300 Introduced through: gnutls28/libgnutls30@3.6.7-4+deb10u9, apt@1.8.2.3 From: gnutls28/libgnutls30@3.6.7-4+deb10u9 From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9 Fixed in: 3.6.7-4+deb10u10 ✗ High severity vulnerability found in gnutls28/libgnutls30 Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-6159414 Introduced through: gnutls28/libgnutls30@3.6.7-4+deb10u9, apt@1.8.2.3 From: gnutls28/libgnutls30@3.6.7-4+deb10u9 From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9 Fixed in: 3.6.7-4+deb10u12 ✗ High severity vulnerability found in glibc/libc-bin Description: Out-of-bounds Write Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-559488 Introduced through: glibc/libc-bin@2.28-10+deb10u2, glibc/libc6@2.28-10+deb10u2 From: glibc/libc-bin@2.28-10+deb10u2 From: glibc/libc6@2.28-10+deb10u2 ✗ High severity vulnerability found in gcc-8/libstdc++6 Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-347558 Introduced through: gcc-8/libstdc++6@8.3.0-6, apt@1.8.2.3, gcc-8/gcc-8-base@8.3.0-6, gcc-8/libgcc1@1:8.3.0-6 From: gcc-8/libstdc++6@8.3.0-6 From: apt@1.8.2.3 > gcc-8/libstdc++6@8.3.0-6 From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > gcc-8/libstdc++6@8.3.0-6 and 2 more... ✗ Critical severity vulnerability found in zlib/zlib1g Description: Integer Overflow or Wraparound Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-ZLIB-6008964 Introduced through: zlib/zlib1g@1:1.2.11.dfsg-1+deb10u2 From: zlib/zlib1g@1:1.2.11.dfsg-1+deb10u2 ✗ Critical severity vulnerability found in libtasn1-6 Description: Off-by-one Error Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBTASN16-3061094 Introduced through: libtasn1-6@4.13-3, apt@1.8.2.3 From: libtasn1-6@4.13-3 From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9 > libtasn1-6@4.13-3 Fixed in: 4.13-3+deb10u1 ✗ Critical severity vulnerability found in db5.3/libdb5.3 Description: Out-of-bounds Read Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-DB53-2825169 Introduced through: db5.3/libdb5.3@5.3.28+dfsg1-0.5, adduser@3.118 From: db5.3/libdb5.3@5.3.28+dfsg1-0.5 From: adduser@3.118 > shadow/passwd@1:4.5-1.1 > pam/libpam-modules@1.3.1-5 > db5.3/libdb5.3@5.3.28+dfsg1-0.5 ------------ Detected 34 vulnerabilities for node@18.12.1 ------------ ✗ Low severity vulnerability found in node Description: Improper Certificate Validation Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741888 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ Low severity vulnerability found in node Description: Improper Certificate Validation Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741892 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ Low severity vulnerability found in node Description: Insecure Randomness Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741899 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ Low severity vulnerability found in node Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5969349 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.18.2 ✗ Low severity vulnerability found in node Description: Information Exposure Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5969357 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.18.2 ✗ Low severity vulnerability found in node Description: Permissive Cross-domain Policy with Untrusted Domains Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252338 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.19.1, 20.11.1, 21.6.2 ✗ Medium severity vulnerability found in node Description: Timing Attack Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326669 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.14.1 ✗ Medium severity vulnerability found in node Description: Denial of Service (DoS) Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326682 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.14.1 ✗ Medium severity vulnerability found in node Description: Use After Free Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326683 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.14.1 ✗ Medium severity vulnerability found in node Description: Denial of Service (DoS) Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326684 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.14.1 ✗ Medium severity vulnerability found in node Description: Denial of Service (DoS) Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326685 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.14.1 ✗ Medium severity vulnerability found in node Description: Denial of Service (DoS) Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326686 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.14.1 ✗ Medium severity vulnerability found in node Description: Privilege Escalation Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3329554 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.14.1 ✗ Medium severity vulnerability found in node Description: Denial of Service (DoS) Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741792 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ Medium severity vulnerability found in node Description: HTTP Request Smuggling Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741793 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ Medium severity vulnerability found in node Description: Inconsistency Between Implementation and Documented Design Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741796 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ Medium severity vulnerability found in node Description: Buffer Over-read Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741894 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ Medium severity vulnerability found in node Description: Denial of Service (DoS) Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741895 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ Medium severity vulnerability found in node Description: Insecure Randomness Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741896 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ Medium severity vulnerability found in node Description: Buffer Underwrite (Buffer Underflow) Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741900 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ Medium severity vulnerability found in node Description: Privilege Escalation Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5756501 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ Medium severity vulnerability found in node Description: Improper Access Control Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5843454 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.17.1 ✗ Medium severity vulnerability found in node Description: Access Restriction Bypass Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5848030 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.17.1 ✗ Medium severity vulnerability found in node Description: Improper Verification of Cryptographic Signature Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5969356 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.18.2 ✗ Medium severity vulnerability found in node Description: Observable Timing Discrepancy Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252330 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.19.1, 20.11.1, 21.6.2 ✗ High severity vulnerability found in node Description: Insecure Permissions Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326666 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.14.1 ✗ High severity vulnerability found in node Description: Access of Resource Using Incompatible Type ('Type Confusion') Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326668 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.14.1 ✗ High severity vulnerability found in node Description: Denial of Service (DoS) Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326688 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.14.1 ✗ High severity vulnerability found in node Description: Denial of Service (DoS) Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3329555 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.14.1 ✗ High severity vulnerability found in node Description: Prototype Pollution Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741794 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ High severity vulnerability found in node Description: Denial of Service (DoS) Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741889 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.16.1 ✗ High severity vulnerability found in node Description: Arbitrary Code Injection Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5848038 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.17.1 ✗ High severity vulnerability found in node Description: Allocation of Resources Without Limits or Throttling Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252328 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.19.1, 20.11.1, 21.6.2 ✗ High severity vulnerability found in node Description: Code Injection Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-6252332 Introduced through: node@18.12.1 From: node@18.12.1 Fixed in: 18.19.1, 20.11.1, 21.6.2 Organization: tubone24 Package manager: deb Project name: docker-image|test-blog Docker image: test-blog Platform: linux/amd64 Base image: node:18.12.1-buster-slim Licenses: enabled Tested 85 dependencies for known issues, found 117 issues. Base Image Vulnerabilities Severity node:18.12.1-buster-slim 117 3 critical, 17 high, 23 medium, 74 low Recommendations for base image upgrade: Minor upgrades Base Image Vulnerabilities Severity node:18.19.1-buster-slim 73 2 critical, 3 high, 1 medium, 67 low Major upgrades Base Image Vulnerabilities Severity node:20.11.1-buster-slim 73 2 critical, 3 high, 1 medium, 67 low Alternative image types Base Image Vulnerabilities Severity node:21.7.0-bookworm-slim 35 1 critical, 1 high, 0 medium, 33 low node:21.7.0-bullseye-slim 66 1 critical, 1 high, 0 medium, 64 low node:lts-bookworm 170 1 critical, 3 high, 1 medium, 165 low node:20.11.0-slim 43 1 critical, 5 high, 3 medium, 34 low Learn more: https://docs.snyk.io/products/snyk-container/getting-around-the-snyk-container-ui/base-image-detection

[github-actions[bot]]

Memlab leaks report

``` page-load [7.2MB] (baseline) [s1] > action-on-page [8.2MB] (target) [s2] > revert [9.2MB] (final) [s3] ------2 clusters------ --Similar leaks in this run: 1634-- --Retained size of leaked objects: 175.9KB-- [] (synthetic) @1 [10.4MB] --2 (shortcut)---> [Window / https://blog.tubone-project24.xyz] (object) @6269 [63.5KB] --setTimeout (property)---> [] (closure) @93849 [72 bytes] --context (internal)---> [] (object) @88569 [20 bytes] --previous (internal)---> [] (object) @48407 [30.1KB] --n (variable)---> [t] (closure) @93335 [1.3KB] --context (internal)---> [] (object) @47329 [42.5KB] --n (variable)---> [Object] (object) @53217 [42.4KB] --9077 (element)---> [Object] (object) @53237 [24 bytes] --exports (property)---> [r] (closure) @194923 [2.7KB] --hasData (property)---> [] (closure) @183565 [80 bytes] --context (internal)---> [] (object) @182807 [1.5KB] --e (variable)---> [Object] (object) @195159 [1KB] --2 (element)---> [Object] (object) @351191 [76 bytes] --aaAutocomplete (property)---> [d] (object) @351195 [348 bytes] --$node (property)---> [$] (object) @391293 [188 bytes] --0 (element)---> [Detached HTMLSpanElement] (native) @328059 [676 bytes] --7 (element)---> [Detached HTMLDivElement] (native) @328615 [5.6KB] --8 (element)---> [Detached HTMLDivElement] (native) @328453 [444 bytes] --5 (element)---> [Detached HTMLHRElement] (native) @328451 [356 bytes] --6 (element)---> [Detached HTMLDivElement] (native) @328449 [5.3KB] --5 (element)---> [Detached HTMLParagraphElement] (native) @328447 [1.3KB] --8 (element)---> [Detached HTMLAnchorElement] (native) @328439 [3.4KB] --13 (element)---> [Detached InternalNode] (native) @31130 [312 bytes] --1 (element)---> [Detached InternalNode] (native) @49900 [256 bytes] --4 (element)---> [Detached ElementIntersectionObserverData] (native) @35448 [72 bytes] --Similar leaks in this run: 479-- --Retained size of leaked objects: 49.9KB-- [] (synthetic) @1 [10.4MB] --2 (shortcut)---> [Window / https://blog.tubone-project24.xyz] (object) @6269 [63.5KB] --___replace (property)---> [] (closure) @220303 [76 bytes] --context (internal)---> [] (object) @110559 [724 bytes] --i (variable)---> [Module] (object) @55015 [6.3KB] --get version (property)---> [version] (closure) @107213 [80 bytes] --context (internal)---> [] (object) @52679 [6.5KB] --Qn (variable)---> [y] (object) @394359 [368 bytes] --props (property)---> [Object] (object) @399255 [28 bytes] --children (property)---> [Object] (object) @399257 [296 bytes] --props (property)---> [Object] (object) @400735 [56 bytes] --children (property)---> [Object] (object) @400825 [1.2KB] --__ (property)---> [Object] (object) @423491 [1.1KB] --__ (property)---> [Object] (object) @423503 [940 bytes] --__ (property)---> [Object] (object) @414935 [736 bytes] --__d (property)---> [Detached HTMLDivElement] (native) @328551 [468 bytes] --5 (element)---> [Detached HTMLDivElement] (native) @328549 [384 bytes] --5 (element)---> [Detached HTMLDivElement] (native) @328547 [384 bytes] --6 (element)---> [Detached HTMLDivElement] (native) @328099 [14.9KB] --5 (element)---> [Detached HTMLAnchorElement] (native) @328097 [2.3KB] --11 (element)---> [Detached HTMLAnchorElement] (native) @328091 [2.3KB] --13 (element)---> [Detached InternalNode] (native) @28964 [680 bytes] --1 (element)---> [Detached InternalNode] (native) @28966 [624 bytes] --3 (element)---> [Detached InternalNode] (native) @38740 [528 bytes] --1 (element)---> [Detached InternalNode] (native) @37186 [528 bytes] --3 (element)---> [Detached Attr] (native) @28266 [88 bytes] ```

[github-actions[bot]]

Storybook Preview

Deploy path: /home/runner/work/blog/blog/storybook-static Functions path: /home/runner/work/blog/blog/functions/src Configuration path: /home/runner/work/blog/blog/netlify.toml Deploying to draft URL... ​ Netlify Build
──────────────────────────────────────────────────────────────── ​ ❯ Version @netlify/build 29.36.1 ​ ❯ Flags auth: EPJJ6iiVJKf1WzATp10YTzbujNbkSqWDiVl-3kCXA-Y deployId: 65f517d05630946557721be9 dir: ./storybook-static open: false prod: false prodIfUnlocked: false site: 905285ac-8339-48d2-86d8-8d639370a095 skipFunctionsCache: false ​ ❯ Current directory /home/runner/work/blog/blog ​ ❯ Config file /home/runner/work/blog/blog/netlify.toml ​ ❯ Context dev

Build logs: https://app.netlify.com/sites/blog-storybook/deploys/65f517d05630946557721be9 Function logs: https://app.netlify.com/sites/blog-storybook/functions?scope=deploy:65f517d05630946557721be9 Website draft URL: https://65f517d05630946557721be9--blog-storybook.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag. netlify deploy --prod

[github-actions[bot]]

Deploy Preview

Deploy path: /home/runner/work/blog/blog/public Functions path: /home/runner/work/blog/blog/functions/src Configuration path: /home/runner/work/blog/blog/netlify.toml Deploying to draft URL... ​ Netlify Build
──────────────────────────────────────────────────────────────── ​ ❯ Version @netlify/build 29.36.1 ​ ❯ Flags auth: TTs786GkKycSkoas9uwxVwTtamK0txQzpvHwXleU3OQ deployId: 65f5189d846e7c657ca422b3 dir: ./public functions: ./functions/src open: false prod: false prodIfUnlocked: false site: 3751ef40-b145-4249-9657-39d3fb04ae81 skipFunctionsCache: false ​ ❯ Current directory /home/runner/work/blog/blog ​ ❯ Config file /home/runner/work/blog/blog/netlify.toml ​ ❯ Context dev

Build logs: https://app.netlify.com/sites/pensive-lamport-5822d2/deploys/65f5189d846e7c657ca422b3 Function logs: https://app.netlify.com/sites/pensive-lamport-5822d2/functions?scope=deploy:65f5189d846e7c657ca422b3 Website draft URL: https://65f5189d846e7c657ca422b3--pensive-lamport-5822d2.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag. netlify deploy --prod

[github-actions[bot]]

Bundle Analyzer URL

https://65f5189d846e7c657ca422b3--pensive-lamport-5822d2.netlify.app/webpack-bundle-analyser

[github-actions[bot]]

Lighthouse Score

Desktop

Mobile