Fix CVE–2023–26136 #3
An automation triggered a pipeline failure
Found 142 vulnerabilities. An additional 0 vulnerabilities have been marked as unaffected.
Output from Automations
5 rules were checked:
If a new dependency is added where the license risk is at least medium
then notify all users in the group admins by email
✔️ The rule did not trigger. Manage rule
If a dependency contains a vulnerability which has not been marked as unaffected and which has not triggered this rule for this dependency before
then notify all users in the group admins by email
📤 The rule triggered for the following vulnerabilities, causing an email notification. Manage rule
Vulnerability | CVSS2 | CVSS3 | Dependency | Dependency Licenses |
---|---|---|---|---|
CVE-2015-8857 | 7.5 | 9.8 | uglify-js (npm) | BSD-2-Clause, Debricked Unknown License |
CVE-2023-26136 | N/A | 9.8 | tough-cookie (npm) | BSD-3-Clause, CC0-1.0, MIT |
CVE-2023-25813 | N/A | 9.8 | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2022-37601 | N/A | 9.8 | loader-utils (npm) | MIT |
CVE-2023-22579 | N/A | 8.8 | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2022-46175 | N/A | 8.8 | json5 (npm) | Debricked Unknown License, MIT |
CVE-2015-8858 | 7.8 | 7.5 | uglify-js (npm) | BSD-2-Clause, Debricked Unknown License |
CVE-2019-17221 | 5 | 7.5 | phantomjs (npm) | Apache-2.0 |
CVE-2015-8315 | 7.8 | 7.5 | ms (npm) | Debricked Unknown License, MIT |
CVE-2022-25901 | N/A | 7.5 | cookiejar (npm) | Debricked Unknown License, MIT |
CVE-2022-24999 | N/A | 7.5 | express (npm) | Debricked Unknown License, MIT |
CVE-2021-3765 | 5 | 7.5 | validator (npm) | MIT |
CVE-2022-24999 | N/A | 7.5 | qs (npm) | BSD-3-Clause, Debricked Unknown License, MIT |
CVE-2023-22580 | N/A | 7.5 | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2023-26132 | N/A | 7.5 | dottie (npm) | Debricked Unknown License, MIT |
CVE-2019-10790 | 5 | 7.5 | taffydb (npm) | BSD-2-Clause, Debricked Unknown License |
CVE-2022-25883 | N/A | 7.5 | semver (npm) | BSD-2-Clause, Debricked Unknown License, ISC, MIT |
CVE-2016-20018 | N/A | 7.5 | knex (npm) | MIT |
CVE-2022-3517 | N/A | 7.5 | minimatch (npm) | Debricked Unknown License, ISC, MIT |
CVE-2022-37603 | N/A | 7.5 | loader-utils (npm) | MIT |
CVE-2022-25881 | N/A | 7.5 | http-cache-semantics (npm) | BSD-2-Clause |
CVE-2022-37599 | N/A | 7.5 | loader-utils (npm) | MIT |
CVE-2017-20165 | 2.7 | 7.5 | debug (npm) | Debricked Unknown License, MIT |
CVE-2020-7753 | 5 | 7.5 | trim (npm) | MIT |
CVE-2023-28155 | N/A | 6.1 | request (npm) | Apache-2.0, Debricked Unknown License |
CVE-2018-1002204 | 4.3 | 5.5 | adm-zip (npm) | MIT |
CVE-2023-0842 | N/A | 5.3 | xml2js (npm) | Debricked Unknown License, MIT |
CVE-2023-44270 | N/A | 5.3 | postcss (npm) | MIT |
CVE-2017-20162 | 3.5 | 5.3 | ms (npm) | Debricked Unknown License, MIT |
CVE-2014-7191 | 5 | N/A | qs (npm) | BSD-3-Clause, Debricked Unknown License, MIT |
debricked-149677 | N/A | N/A | sql (npm) | Debricked Unknown License, MIT |
CVE-2023-2142 | N/A | N/A | nunjucks (npm) | BSD-2-Clause, Debricked Unknown License |
debricked-149739 | N/A | N/A | yargs-parser (npm) | ISC |
debricked-149582 | N/A | N/A | lodash.merge (npm) | MIT |
CVE-2014-8882 | N/A | N/A | validator (npm) | MIT |
debricked-149583 | N/A | N/A | lodash.merge (npm) | MIT |
debricked-149364 | N/A | N/A | ammo (npm) | BSD-3-Clause |
debricked-149815 | N/A | N/A | handlebars (npm) | Debricked Unknown License, MIT |
debricked-97165 | N/A | N/A | lodash (npm) | MIT |
debricked-149678 | N/A | N/A | npmconf (npm) | Debricked Unknown License, ISC |
debricked-149816 | N/A | N/A | handlebars (npm) | Debricked Unknown License, MIT |
debricked-149356 | N/A | N/A | hapi (npm) | BSD-3-Clause, Debricked Unknown License |
debricked-149824 | N/A | N/A | handlebars (npm) | Debricked Unknown License, MIT |
debricked-160896 | N/A | N/A | diff (npm) | BSD-3-Clause |
debricked-149358 | N/A | N/A | subtext (npm) | BSD-3-Clause |
debricked-149812 | N/A | N/A | markdown (npm) | MIT |
If there is a dependency where the license risk is at least high
then send a pipeline warning
Dependency | Dependency Licenses |
---|---|
node.extend (npm) | Debricked Unknown License, GPL-2.0-only, MIT |
If a dependency contains a vulnerability which has not been marked as unaffected
then send a pipeline warning
Vulnerability | CVSS2 | CVSS3 | Dependency | Dependency Licenses |
---|---|---|---|---|
CVE-2017-16082 | 7.5 | 9.8 | pg (npm) | Debricked Unknown License, MIT |
CVE-2020-28282 | 7.5 | 9.8 | getobject (npm) | MIT |
CVE-2018-16491 | 7.5 | 9.8 | node.extend (npm) | Debricked Unknown License, GPL-2.0-only, MIT |
CVE-2018-16487 | 7.5 | 9.8 | lodash (npm) | MIT |
CVE-2015-8857 | 7.5 | 9.8 | uglify-js (npm) | BSD-2-Clause, Debricked Unknown License |
CVE-2023-26136 | N/A | 9.8 | tough-cookie (npm) | BSD-3-Clause, CC0-1.0, MIT |
CVE-2022-37601 | N/A | 9.8 | loader-utils (npm) | MIT |
CVE-2019-10757 | 7.5 | 9.8 | knex (npm) | MIT |
CVE-2018-16492 | 7.5 | 9.8 | extend (npm) | Debricked Unknown License, MIT |
CVE-2019-19919 | 7.5 | 9.8 | handlebars (npm) | Debricked Unknown License, MIT |
CVE-2023-25813 | N/A | 9.8 | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2021-23369 | 7.5 | 9.8 | handlebars (npm) | Debricked Unknown License, MIT |
CVE-2016-10550 | 7.5 | 9.8 | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2019-10748 | 7.5 | 9.8 | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2019-10752 | 7.5 | 9.8 | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2021-23383 | 7.5 | 9.8 | handlebars (npm) | Debricked Unknown License, MIT |
CVE-2019-10749 | 7.5 | 9.8 | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2016-10553 | 7.5 | 9.8 | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2020-28499 | 7.5 | 9.8 | merge (npm) | Debricked Unknown License, MIT |
CVE-2018-1000620 | 5 | 9.8 | cryptiles (npm) | BSD-3-Clause |
CVE-2017-16042 | 7.5 | 9.8 | growl (npm) | Debricked Unknown License, MIT |
CVE-2019-10744 | 6.4 | 9.1 | lodash.merge (npm) | MIT |
CVE-2019-10744 | 6.4 | 9.1 | lodash (npm) | MIT |
CVE-2018-3739 | 6.4 | 9.1 | https-proxy-agent (npm) | MIT |
CVE-2023-22579 | N/A | 8.8 | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2022-46175 | N/A | 8.8 | json5 (npm) | Debricked Unknown License, MIT |
CVE-2018-3728 | 6.5 | 8.8 | hoek (npm) | BSD-3-Clause |
CVE-2019-20920 | 6.8 | 8.1 | handlebars (npm) | Debricked Unknown License, MIT |
CVE-2022-24999 | N/A | 7.5 | express (npm) | Debricked Unknown License, MIT |
CVE-2017-20165 | 2.7 | 7.5 | debug (npm) | Debricked Unknown License, MIT |
CVE-2022-25881 | N/A | 7.5 | http-cache-semantics (npm) | BSD-2-Clause |
CVE-2022-37599 | N/A | 7.5 | loader-utils (npm) | MIT |
CVE-2022-37603 | N/A | 7.5 | loader-utils (npm) | MIT |
CVE-2023-26132 | N/A | 7.5 | dottie (npm) | Debricked Unknown License, MIT |
CVE-2020-7753 | 5 | 7.5 | trim (npm) | MIT |
CVE-2023-22580 | N/A | 7.5 | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2022-3517 | N/A | 7.5 | minimatch (npm) | Debricked Unknown License, ISC, MIT |
CVE-2021-3765 | 5 | 7.5 | validator (npm) | MIT |
CVE-2022-24999 | N/A | 7.5 | qs (npm) | BSD-3-Clause, Debricked Unknown License, MIT |
CVE-2022-25883 | N/A | 7.5 | semver (npm) | BSD-2-Clause, Debricked Unknown License, ISC, MIT |
CVE-2019-10790 | 5 | 7.5 | taffydb (npm) | BSD-2-Clause, Debricked Unknown License |
CVE-2015-8858 | 7.8 | 7.5 | uglify-js (npm) | BSD-2-Clause, Debricked Unknown License |
CVE-2019-17221 | 5 | 7.5 | phantomjs (npm) | Apache-2.0 |
CVE-2015-8315 | 7.8 | 7.5 | ms (npm) | Debricked Unknown License, MIT |
CVE-2016-20018 | N/A | 7.5 | knex (npm) | MIT |
CVE-2021-23382 | 5 | 7.5 | postcss (npm) | MIT |
CVE-2022-25901 | N/A | 7.5 | cookiejar (npm) | Debricked Unknown License, MIT |
CVE-2022-29167 | 5 | 7.5 | hawk (npm) | BSD-3-Clause |
CVE-2017-16119 | 5 | 7.5 | fresh (npm) | Debricked Unknown License, MIT |
CVE-2022-24785 | 5 | 7.5 | moment (npm) | MIT |
CVE-2017-16005 | 5 | 7.5 | http-signature (npm) | MIT |
CVE-2015-9241 | 5 | 7.5 | hapi (npm) | BSD-3-Clause, Debricked Unknown License |
CVE-2017-1000048 | 5 | 7.5 | qs (npm) | BSD-3-Clause, Debricked Unknown License, MIT |
CVE-2017-16138 | 5 | 7.5 | mime (npm) | Debricked Unknown License, MIT |
CVE-2016-10539 | 5 | 7.5 | negotiator (npm) | MIT |
CVE-2016-10540 | 5 | 7.5 | minimatch (npm) | Debricked Unknown License, ISC, MIT |
CVE-2014-6394 | 7.5 | N/A | send (npm) | Debricked Unknown License, MIT |
CVE-2022-24434 | 5 | 7.5 | dicer (npm) | MIT |
CVE-2017-18214 | 5 | 7.5 | moment (npm) | MIT |
CVE-2020-28469 | 5 | 7.5 | glob-parent (npm) | ISC |
CVE-2015-1369 | 7.5 | N/A | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2014-10064 | 5 | 7.5 | qs (npm) | BSD-3-Clause, Debricked Unknown License, MIT |
CVE-2021-33623 | 5 | 7.5 | trim-newlines (npm) | MIT |
CVE-2021-29059 | 5 | 7.5 | is-svg (npm) | MIT |
CVE-2016-10556 | 5 | 7.5 | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2021-28092 | 5 | 7.5 | is-svg (npm) | MIT |
CVE-2016-2515 | 7.8 | 7.5 | hawk (npm) | BSD-3-Clause |
CVE-2019-5484 | 5 | 7.5 | bower (npm) | MIT |
CVE-2020-7689 | 4.3 | 7.5 | bcrypt (npm) | MIT |
CVE-2020-8203 | 5.8 | 7.4 | lodash (npm) | MIT |
CVE-2021-23358 | 6.5 | 7.2 | underscore (npm) | MIT |
CVE-2020-7751 | 6.5 | 7.2 | pathval (npm) | MIT |
CVE-2021-23337 | 6.5 | 7.2 | lodash (npm) | MIT |
CVE-2020-7729 | 4.6 | 7.1 | grunt (npm) | MIT |
CVE-2022-0144 | 3.6 | 7.1 | shelljs (npm) | BSD-3-Clause, Debricked Unknown License |
CVE-2022-1537 | 6.9 | 7 | grunt (npm) | MIT |
CVE-2020-8244 | 6.4 | 6.5 | bl (npm) | MIT |
CVE-2018-3721 | 4 | 6.5 | lodash (npm) | MIT |
CVE-2019-1010266 | 4 | 6.5 | lodash (npm) | MIT |
CVE-2016-4055 | 7.8 | 6.5 | moment (npm) | MIT |
CVE-2016-10547 | 4.3 | 6.1 | nunjucks (npm) | BSD-2-Clause, Debricked Unknown License |
CVE-2018-14041 | 4.3 | 6.1 | bootstrap (npm) | Debricked Unknown License, MIT |
CVE-2014-6393 | 4.3 | 6.1 | express (npm) | Debricked Unknown License, MIT |
CVE-2018-20677 | 4.3 | 6.1 | bootstrap (npm) | Debricked Unknown License, MIT |
CVE-2022-0235 | 5.8 | 6.1 | node-fetch (npm) | MIT |
CVE-2015-8861 | 4.3 | 6.1 | handlebars (npm) | Debricked Unknown License, MIT |
CVE-2016-10735 | 4.3 | 6.1 | bootstrap (npm) | Debricked Unknown License, MIT |
CVE-2018-20676 | 4.3 | 6.1 | bootstrap (npm) | Debricked Unknown License, MIT |
CVE-2023-28155 | N/A | 6.1 | request (npm) | Apache-2.0, Debricked Unknown License |
CVE-2019-8331 | 4.3 | 6.1 | bootstrap (npm) | Debricked Unknown License, MIT |
CVE-2017-16026 | 7.1 | 5.9 | request (npm) | Apache-2.0, Debricked Unknown License |
CVE-2015-9243 | 4.3 | 5.9 | hapi (npm) | BSD-3-Clause, Debricked Unknown License |
CVE-2017-16129 | 7.1 | 5.9 | superagent (npm) | Debricked Unknown License, MIT |
CVE-2020-15366 | 6.8 | 5.6 | ajv (npm) | MIT |
CVE-2018-1002204 | 4.3 | 5.5 | adm-zip (npm) | MIT |
CVE-2022-0436 | 2.1 | 5.5 | grunt (npm) | MIT |
CVE-2018-3717 | 3.5 | 5.4 | connect (npm) | Debricked Unknown License, MIT |
CVE-2023-0842 | N/A | 5.3 | xml2js (npm) | Debricked Unknown License, MIT |
CVE-2017-20162 | 3.5 | 5.3 | ms (npm) | Debricked Unknown License, MIT |
CVE-2023-44270 | N/A | 5.3 | postcss (npm) | MIT |
CVE-2017-16137 | 5 | 5.3 | debug (npm) | Debricked Unknown License, MIT |
CVE-2020-15168 | 5 | 5.3 | node-fetch (npm) | MIT |
CVE-2022-33987 | 5 | 5.3 | got (npm) | MIT |
CVE-2020-7608 | 4.6 | 5.3 | yargs-parser (npm) | ISC |
CVE-2015-9236 | 5 | 5.3 | hapi (npm) | BSD-3-Clause, Debricked Unknown License |
CVE-2015-8859 | 5 | 5.3 | send (npm) | Debricked Unknown License, MIT |
CVE-2018-1109 | 5 | 5.3 | braces (npm) | MIT |
CVE-2021-29060 | 5 | 5.3 | color-string (npm) | Debricked Unknown License, MIT |
CVE-2020-28500 | 5 | 5.3 | lodash (npm) | MIT |
CVE-2014-7191 | 5 | N/A | qs (npm) | BSD-3-Clause, Debricked Unknown License, MIT |
CVE-2016-1000236 | 3.5 | 4.4 | cookie-signature (npm) | Debricked Unknown License, MIT |
CVE-2016-10538 | 4.9 | 3.5 | cli (npm) | MIT |
debricked-149668 | N/A | N/A | underscore.string (npm) | MIT |
debricked-149654 | N/A | N/A | https-proxy-agent (npm) | MIT |
debricked-149801 | N/A | N/A | react (npm) | Apache-2.0, BSD-3-Clause, MIT |
CVE-2023-2142 | N/A | N/A | nunjucks (npm) | BSD-2-Clause, Debricked Unknown License |
debricked-149582 | N/A | N/A | lodash.merge (npm) | MIT |
debricked-149583 | N/A | N/A | lodash.merge (npm) | MIT |
CVE-2014-8882 | N/A | N/A | validator (npm) | MIT |
debricked-149678 | N/A | N/A | npmconf (npm) | Debricked Unknown License, ISC |
debricked-149677 | N/A | N/A | sql (npm) | Debricked Unknown License, MIT |
debricked-97165 | N/A | N/A | lodash (npm) | MIT |
debricked-149515 | N/A | N/A | subtext (npm) | BSD-3-Clause |
debricked-149356 | N/A | N/A | hapi (npm) | BSD-3-Clause, Debricked Unknown License |
debricked-149524 | N/A | N/A | sequelize (npm) | Debricked Unknown License, MIT |
debricked-149739 | N/A | N/A | yargs-parser (npm) | ISC |
debricked-149712 | N/A | N/A | tunnel-agent (npm) | Apache-2.0 |
debricked-149688 | N/A | N/A | braces (npm) | MIT |
debricked-149662 | N/A | N/A | mem (npm) | MIT |
debricked-149726 | N/A | N/A | mysql (npm) | MIT |
debricked-149699 | N/A | N/A | js-yaml (npm) | MIT |
debricked-149694 | N/A | N/A | js-yaml (npm) | MIT |
debricked-180554 | N/A | N/A | shelljs (npm) | BSD-3-Clause, Debricked Unknown License |
debricked-149815 | N/A | N/A | handlebars (npm) | Debricked Unknown License, MIT |
debricked-149651 | N/A | N/A | clean-css (npm) | Debricked Unknown License, MIT |
debricked-149816 | N/A | N/A | handlebars (npm) | Debricked Unknown License, MIT |
debricked-149824 | N/A | N/A | handlebars (npm) | Debricked Unknown License, MIT |
debricked-149364 | N/A | N/A | ammo (npm) | BSD-3-Clause |
debricked-149701 | N/A | N/A | sequelize (npm) | Debricked Unknown License, MIT |
debricked-149661 | N/A | N/A | handlebars (npm) | Debricked Unknown License, MIT |
debricked-149358 | N/A | N/A | subtext (npm) | BSD-3-Clause |
debricked-160896 | N/A | N/A | diff (npm) | BSD-3-Clause |
debricked-149669 | N/A | N/A | constantinople (npm) | MIT |
debricked-149812 | N/A | N/A | markdown (npm) | MIT |
If a dependency contains a vulnerability which has not been marked as unaffected
where CVSS is at least medium (4.0-6.9)then fail pipeline
❌ The rule triggered for the following vulnerabilities, causing a pipeline failure. Manage rule
Vulnerability | CVSS2 | CVSS3 | Dependency | Dependency Licenses |
---|---|---|---|---|
CVE-2017-16082 | 7.5 | 9.8 | pg (npm) | Debricked Unknown License, MIT |
CVE-2021-23369 | 7.5 | 9.8 | handlebars (npm) | Debricked Unknown License, MIT |
CVE-2022-37601 | N/A | 9.8 | loader-utils (npm) | MIT |
CVE-2023-26136 | N/A | 9.8 | tough-cookie (npm) | BSD-3-Clause, CC0-1.0, MIT |
CVE-2015-8857 | 7.5 | 9.8 | uglify-js (npm) | BSD-2-Clause, Debricked Unknown License |
CVE-2018-16491 | 7.5 | 9.8 | node.extend (npm) | Debricked Unknown License, GPL-2.0-only, MIT |
CVE-2023-25813 | N/A | 9.8 | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2019-10757 | 7.5 | 9.8 | knex (npm) | MIT |
CVE-2018-16492 | 7.5 | 9.8 | extend (npm) | Debricked Unknown License, MIT |
CVE-2019-10752 | 7.5 | 9.8 | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2018-16487 | 7.5 | 9.8 | lodash (npm) | MIT |
CVE-2020-28282 | 7.5 | 9.8 | getobject (npm) | MIT |
CVE-2021-23383 | 7.5 | 9.8 | handlebars (npm) | Debricked Unknown License, MIT |
CVE-2019-10749 | 7.5 | 9.8 | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2019-10748 | 7.5 | 9.8 | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2019-19919 | 7.5 | 9.8 | handlebars (npm) | Debricked Unknown License, MIT |
CVE-2017-16042 | 7.5 | 9.8 | growl (npm) | Debricked Unknown License, MIT |
CVE-2020-28499 | 7.5 | 9.8 | merge (npm) | Debricked Unknown License, MIT |
CVE-2016-10553 | 7.5 | 9.8 | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2016-10550 | 7.5 | 9.8 | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2018-1000620 | 5 | 9.8 | cryptiles (npm) | BSD-3-Clause |
CVE-2018-3739 | 6.4 | 9.1 | https-proxy-agent (npm) | MIT |
CVE-2019-10744 | 6.4 | 9.1 | lodash (npm) | MIT |
CVE-2019-10744 | 6.4 | 9.1 | lodash.merge (npm) | MIT |
CVE-2022-46175 | N/A | 8.8 | json5 (npm) | Debricked Unknown License, MIT |
CVE-2023-22579 | N/A | 8.8 | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2018-3728 | 6.5 | 8.8 | hoek (npm) | BSD-3-Clause |
CVE-2019-20920 | 6.8 | 8.1 | handlebars (npm) | Debricked Unknown License, MIT |
CVE-2021-3765 | 5 | 7.5 | validator (npm) | MIT |
CVE-2023-26132 | N/A | 7.5 | dottie (npm) | Debricked Unknown License, MIT |
CVE-2021-23382 | 5 | 7.5 | postcss (npm) | MIT |
CVE-2016-20018 | N/A | 7.5 | knex (npm) | MIT |
CVE-2022-25881 | N/A | 7.5 | http-cache-semantics (npm) | BSD-2-Clause |
CVE-2022-37599 | N/A | 7.5 | loader-utils (npm) | MIT |
CVE-2022-37603 | N/A | 7.5 | loader-utils (npm) | MIT |
CVE-2020-7753 | 5 | 7.5 | trim (npm) | MIT |
CVE-2022-25901 | N/A | 7.5 | cookiejar (npm) | Debricked Unknown License, MIT |
CVE-2017-20165 | 2.7 | 7.5 | debug (npm) | Debricked Unknown License, MIT |
CVE-2022-3517 | N/A | 7.5 | minimatch (npm) | Debricked Unknown License, ISC, MIT |
CVE-2022-24999 | N/A | 7.5 | qs (npm) | BSD-3-Clause, Debricked Unknown License, MIT |
CVE-2022-25883 | N/A | 7.5 | semver (npm) | BSD-2-Clause, Debricked Unknown License, ISC, MIT |
CVE-2023-22580 | N/A | 7.5 | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2015-8858 | 7.8 | 7.5 | uglify-js (npm) | BSD-2-Clause, Debricked Unknown License |
CVE-2019-17221 | 5 | 7.5 | phantomjs (npm) | Apache-2.0 |
CVE-2022-24999 | N/A | 7.5 | express (npm) | Debricked Unknown License, MIT |
CVE-2015-8315 | 7.8 | 7.5 | ms (npm) | Debricked Unknown License, MIT |
CVE-2019-10790 | 5 | 7.5 | taffydb (npm) | BSD-2-Clause, Debricked Unknown License |
CVE-2017-16119 | 5 | 7.5 | fresh (npm) | Debricked Unknown License, MIT |
CVE-2021-33623 | 5 | 7.5 | trim-newlines (npm) | MIT |
CVE-2017-16138 | 5 | 7.5 | mime (npm) | Debricked Unknown License, MIT |
CVE-2022-24785 | 5 | 7.5 | moment (npm) | MIT |
CVE-2017-1000048 | 5 | 7.5 | qs (npm) | BSD-3-Clause, Debricked Unknown License, MIT |
CVE-2016-2515 | 7.8 | 7.5 | hawk (npm) | BSD-3-Clause |
CVE-2017-18214 | 5 | 7.5 | moment (npm) | MIT |
CVE-2022-29167 | 5 | 7.5 | hawk (npm) | BSD-3-Clause |
CVE-2016-10540 | 5 | 7.5 | minimatch (npm) | Debricked Unknown License, ISC, MIT |
CVE-2021-29059 | 5 | 7.5 | is-svg (npm) | MIT |
CVE-2021-28092 | 5 | 7.5 | is-svg (npm) | MIT |
CVE-2016-10556 | 5 | 7.5 | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2014-10064 | 5 | 7.5 | qs (npm) | BSD-3-Clause, Debricked Unknown License, MIT |
CVE-2019-5484 | 5 | 7.5 | bower (npm) | MIT |
CVE-2020-7689 | 4.3 | 7.5 | bcrypt (npm) | MIT |
CVE-2017-16005 | 5 | 7.5 | http-signature (npm) | MIT |
CVE-2015-9241 | 5 | 7.5 | hapi (npm) | BSD-3-Clause, Debricked Unknown License |
CVE-2016-10539 | 5 | 7.5 | negotiator (npm) | MIT |
CVE-2015-1369 | 7.5 | N/A | sequelize (npm) | Debricked Unknown License, MIT |
CVE-2020-28469 | 5 | 7.5 | glob-parent (npm) | ISC |
CVE-2014-6394 | 7.5 | N/A | send (npm) | Debricked Unknown License, MIT |
CVE-2022-24434 | 5 | 7.5 | dicer (npm) | MIT |
CVE-2020-8203 | 5.8 | 7.4 | lodash (npm) | MIT |
CVE-2021-23337 | 6.5 | 7.2 | lodash (npm) | MIT |
CVE-2021-23358 | 6.5 | 7.2 | underscore (npm) | MIT |
CVE-2020-7751 | 6.5 | 7.2 | pathval (npm) | MIT |
CVE-2020-7729 | 4.6 | 7.1 | grunt (npm) | MIT |
CVE-2022-0144 | 3.6 | 7.1 | shelljs (npm) | BSD-3-Clause, Debricked Unknown License |
CVE-2022-1537 | 6.9 | 7 | grunt (npm) | MIT |
CVE-2018-3721 | 4 | 6.5 | lodash (npm) | MIT |
CVE-2016-4055 | 7.8 | 6.5 | moment (npm) | MIT |
CVE-2019-1010266 | 4 | 6.5 | lodash (npm) | MIT |
CVE-2020-8244 | 6.4 | 6.5 | bl (npm) | MIT |
CVE-2023-28155 | N/A | 6.1 | request (npm) | Apache-2.0, Debricked Unknown License |
CVE-2015-8861 | 4.3 | 6.1 | handlebars (npm) | Debricked Unknown License, MIT |
CVE-2014-6393 | 4.3 | 6.1 | express (npm) | Debricked Unknown License, MIT |
CVE-2016-10547 | 4.3 | 6.1 | nunjucks (npm) | BSD-2-Clause, Debricked Unknown License |
CVE-2018-14041 | 4.3 | 6.1 | bootstrap (npm) | Debricked Unknown License, MIT |
CVE-2022-0235 | 5.8 | 6.1 | node-fetch (npm) | MIT |
CVE-2019-8331 | 4.3 | 6.1 | bootstrap (npm) | Debricked Unknown License, MIT |
CVE-2018-20677 | 4.3 | 6.1 | bootstrap (npm) | Debricked Unknown License, MIT |
CVE-2018-20676 | 4.3 | 6.1 | bootstrap (npm) | Debricked Unknown License, MIT |
CVE-2016-10735 | 4.3 | 6.1 | bootstrap (npm) | Debricked Unknown License, MIT |
CVE-2017-16026 | 7.1 | 5.9 | request (npm) | Apache-2.0, Debricked Unknown License |
CVE-2017-16129 | 7.1 | 5.9 | superagent (npm) | Debricked Unknown License, MIT |
CVE-2015-9243 | 4.3 | 5.9 | hapi (npm) | BSD-3-Clause, Debricked Unknown License |
CVE-2020-15366 | 6.8 | 5.6 | ajv (npm) | MIT |
CVE-2022-0436 | 2.1 | 5.5 | grunt (npm) | MIT |
CVE-2018-1002204 | 4.3 | 5.5 | adm-zip (npm) | MIT |
CVE-2018-3717 | 3.5 | 5.4 | connect (npm) | Debricked Unknown License, MIT |
CVE-2023-0842 | N/A | 5.3 | xml2js (npm) | Debricked Unknown License, MIT |
CVE-2015-8859 | 5 | 5.3 | send (npm) | Debricked Unknown License, MIT |
CVE-2017-20162 | 3.5 | 5.3 | ms (npm) | Debricked Unknown License, MIT |
CVE-2023-44270 | N/A | 5.3 | postcss (npm) | MIT |
CVE-2020-7608 | 4.6 | 5.3 | yargs-parser (npm) | ISC |
[CVE-2018-1109](https://debricked.com/... |
[Output was too long for GitHub]