Open
Description
Hi, I normally run Trivy when I clone repos locally. Just wanted to share the results with you so that you can update the package versions in your next PR.
Library | Vulnerability | Severity | Installed Version | Fixed Version | Description | Link |
---|---|---|---|---|---|---|
axios | CVE-2024-39338 | HIGH | 1.6.0 | 1.7.4 | Server-Side Request Forgery | Details |
braces | CVE-2024-4068 | MEDIUM | 3.0.2 | 3.0.3 | Fails to limit the number of characters it can handle | Details |
follow-redirects | CVE-2023-26159 | MEDIUM | 1.15.3 | 1.15.4 | Improper Input Validation due to improper URL handling | Details |
follow-redirects | CVE-2024-28849 | MEDIUM | 1.15.3 | 1.15.6 | Possible credential leak | Details |
langchain | CVE-2024-7774 | MEDIUM | 0.0.182 | 0.2.19 | Path Traversal vulnerability | Details |
micromatch | CVE-2024-4067 | MEDIUM | 4.0.5 | 4.0.8 | Regular Expression Denial of Service (ReDoS) | Details |
next | CVE-2024-34350 | HIGH | 13.4.13 | 13.5.1 | Vulnerable to HTTP Request Smuggling | Details |
next | CVE-2024-34351 | HIGH | 13.4.13 | 14.1.1 | Server-Side Request Forgery in Server Actions | Details |
next | CVE-2024-39693 | HIGH | 13.4.13 | 13.5.0 | Denial of Service (DoS) condition | Details |
next | CVE-2024-47831 | MEDIUM | 13.4.13 | 14.2.7 | Image optimization has a Denial of Service (DoS) condition | Details |
next | CVE-2023-46298 | LOW | 13.4.13 | 13.4.20-canary.13 | Missing cache-control header may lead to CDN caching empty replies | Details |
postcss | CVE-2023-44270 | MEDIUM | 8.4.14 / 8.4.27 | 8.4.31 | Improper input validation in PostCSS | Details |
svelte | CVE-2024-45047 | MEDIUM | 4.2.2 | 4.2.19 | Potential mXSS vulnerability due to improper HTML escaping | Details |