-
Notifications
You must be signed in to change notification settings - Fork 9
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
11 changed files
with
54 additions
and
12 deletions.
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -10,6 +10,8 @@ fixtures/locks-e2e/1-yarn.lock: found 1678 packages | |
| GHSA-93q8-gq69-wqmw: Inefficient Regular Expression Complexity in chalk/ansi-regex (https://github.com/advisories/GHSA-93q8-gq69-wqmw) | ||
| [email protected] is affected by the following vulnerabilities: | ||
| GHSA-fwr7-v2mv-hh25: Prototype Pollution in async (https://github.com/advisories/GHSA-fwr7-v2mv-hh25) | ||
| [email protected] is affected by the following vulnerabilities: | ||
| GHSA-gxpj-cx7g-858c: Regular Expression Denial of Service in debug (https://github.com/advisories/GHSA-gxpj-cx7g-858c) | ||
| [email protected] is affected by the following vulnerabilities: | ||
| GHSA-w573-4hg7-7wgq: decode-uri-component vulnerable to Denial of Service (DoS) (https://github.com/advisories/GHSA-w573-4hg7-7wgq) | ||
| [email protected] is affected by the following vulnerabilities: | ||
|
|
@@ -52,6 +54,8 @@ fixtures/locks-e2e/1-yarn.lock: found 1678 packages | |
| GHSA-r8f7-9pfq-mjmv: Improper Certificate Validation in node-sass (https://github.com/advisories/GHSA-r8f7-9pfq-mjmv) | ||
| [email protected] is affected by the following vulnerabilities: | ||
| GHSA-rp65-9cf3-cjxr: Inefficient Regular Expression Complexity in nth-check (https://github.com/advisories/GHSA-rp65-9cf3-cjxr) | ||
| [email protected] is affected by the following vulnerabilities: | ||
| GHSA-7fh5-64p2-3v2j: PostCSS line return parsing error (https://github.com/advisories/GHSA-7fh5-64p2-3v2j) | ||
| [email protected] is affected by the following vulnerabilities: | ||
| GHSA-hrpp-h998-j3pp: qs vulnerable to Prototype Pollution (https://github.com/advisories/GHSA-hrpp-h998-j3pp) | ||
| [email protected] is affected by the following vulnerabilities: | ||
|
|
@@ -99,4 +103,4 @@ fixtures/locks-e2e/1-yarn.lock: found 1678 packages | |
| [email protected] is affected by the following vulnerabilities: | ||
| GHSA-j8xg-fqg3-53r7: word-wrap vulnerable to Regular Expression Denial of Service (https://github.com/advisories/GHSA-j8xg-fqg3-53r7) | ||
|
|
||
| 56 known vulnerabilities found in fixtures/locks-e2e/1-yarn.lock | ||
| 58 known vulnerabilities found in fixtures/locks-e2e/1-yarn.lock | ||
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -33,7 +33,7 @@ fixtures/locks-e2e/2-go.mod: found 73 packages | |
| golang.org/x/[email protected] is affected by the following vulnerabilities: | ||
| GHSA-p782-xgp4-8hr8: golang.org/x/sys/unix has Incorrect privilege reporting in syscall (https://github.com/advisories/GHSA-p782-xgp4-8hr8) | ||
| golang.org/x/[email protected] is affected by the following vulnerabilities: | ||
| GHSA-69ch-w2m2-3vjp: Denial of service in golang.org/x/text/language (https://github.com/advisories/GHSA-69ch-w2m2-3vjp) | ||
| GHSA-69ch-w2m2-3vjp: golang.org/x/text/language Denial of service via crafted Accept-Language header (https://github.com/advisories/GHSA-69ch-w2m2-3vjp) | ||
| GHSA-ppp9-7jff-5vj2: golang.org/x/text/language Out-of-bounds Read vulnerability (https://github.com/advisories/GHSA-ppp9-7jff-5vj2) | ||
|
|
||
| 24 known vulnerabilities found in fixtures/locks-e2e/2-go.mod | ||
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -9,7 +9,7 @@ fixtures/locks-e2e/2-pom.xml: found 8 packages | |
| GHSA-fvm3-cfvj-gxqq: High severity vulnerability that affects commons-fileupload:commons-fileupload (https://github.com/advisories/GHSA-fvm3-cfvj-gxqq) | ||
| GHSA-hfrx-6qgj-fp6c: Apache Commons FileUpload denial of service vulnerability (https://github.com/advisories/GHSA-hfrx-6qgj-fp6c) | ||
| GHSA-qx6h-9567-5fqw: Arbitrary file write in Apache Commons Fileupload (https://github.com/advisories/GHSA-qx6h-9567-5fqw) | ||
| GHSA-xx68-jfcg-xmmf: High severity vulnerability that affects commons-fileupload:commons-fileupload (https://github.com/advisories/GHSA-xx68-jfcg-xmmf) | ||
| GHSA-xx68-jfcg-xmmf: Commons FileUpload Denial of service vulnerability (https://github.com/advisories/GHSA-xx68-jfcg-xmmf) | ||
| org.jsoup:[email protected] is affected by the following vulnerabilities: | ||
| GHSA-48rh-qgjr-xfj6: Improper Neutralization of Input During Web Page Generation in Jsoup (https://github.com/advisories/GHSA-48rh-qgjr-xfj6) | ||
| GHSA-gp7f-rwcx-9369: jsoup may not sanitize code injection XSS attempts if SafeList.preserveRelativeLinks is enabled (https://github.com/advisories/GHSA-gp7f-rwcx-9369) | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -18,12 +18,18 @@ fixtures/locks-e2e/2-yarn.lock: found 1991 packages | |
| GHSA-fwr7-v2mv-hh25: Prototype Pollution in async (https://github.com/advisories/GHSA-fwr7-v2mv-hh25) | ||
| [email protected] is affected by the following vulnerabilities: | ||
| GHSA-fwr7-v2mv-hh25: Prototype Pollution in async (https://github.com/advisories/GHSA-fwr7-v2mv-hh25) | ||
| [email protected] is affected by the following vulnerabilities: | ||
| GHSA-gxpj-cx7g-858c: Regular Expression Denial of Service in debug (https://github.com/advisories/GHSA-gxpj-cx7g-858c) | ||
| [email protected] is affected by the following vulnerabilities: | ||
| GHSA-gxpj-cx7g-858c: Regular Expression Denial of Service in debug (https://github.com/advisories/GHSA-gxpj-cx7g-858c) | ||
| [email protected] is affected by the following vulnerabilities: | ||
| GHSA-w573-4hg7-7wgq: decode-uri-component vulnerable to Denial of Service (DoS) (https://github.com/advisories/GHSA-w573-4hg7-7wgq) | ||
| [email protected] is affected by the following vulnerabilities: | ||
| GHSA-phwq-j96m-2c2q: ejs template injection vulnerability (https://github.com/advisories/GHSA-phwq-j96m-2c2q) | ||
| [email protected] is affected by the following vulnerabilities: | ||
| GHSA-6h5x-7c5m-7cr7: Exposure of Sensitive Information in eventsource (https://github.com/advisories/GHSA-6h5x-7c5m-7cr7) | ||
| [email protected] is affected by the following vulnerabilities: | ||
| GHSA-4q6p-r6v2-jvc5: Chaijs/get-func-name vulnerable to ReDoS (https://github.com/advisories/GHSA-4q6p-r6v2-jvc5) | ||
| [email protected] is affected by the following vulnerabilities: | ||
| GHSA-ww39-953v-wcq6: glob-parent before 5.1.2 vulnerable to Regular Expression Denial of Service in enclosure regex (https://github.com/advisories/GHSA-ww39-953v-wcq6) | ||
| [email protected] is affected by the following vulnerabilities: | ||
|
|
@@ -73,6 +79,8 @@ fixtures/locks-e2e/2-yarn.lock: found 1991 packages | |
| GHSA-5fw9-fq32-wv5p: OS Command Injection in node-notifier (https://github.com/advisories/GHSA-5fw9-fq32-wv5p) | ||
| [email protected] is affected by the following vulnerabilities: | ||
| GHSA-rp65-9cf3-cjxr: Inefficient Regular Expression Complexity in nth-check (https://github.com/advisories/GHSA-rp65-9cf3-cjxr) | ||
| [email protected] is affected by the following vulnerabilities: | ||
| GHSA-7fh5-64p2-3v2j: PostCSS line return parsing error (https://github.com/advisories/GHSA-7fh5-64p2-3v2j) | ||
| [email protected] is affected by the following vulnerabilities: | ||
| GHSA-hrpp-h998-j3pp: qs vulnerable to Prototype Pollution (https://github.com/advisories/GHSA-hrpp-h998-j3pp) | ||
| [email protected] is affected by the following vulnerabilities: | ||
|
|
@@ -105,4 +113,4 @@ fixtures/locks-e2e/2-yarn.lock: found 1991 packages | |
| [email protected] is affected by the following vulnerabilities: | ||
| GHSA-j8xg-fqg3-53r7: word-wrap vulnerable to Regular Expression Denial of Service (https://github.com/advisories/GHSA-j8xg-fqg3-53r7) | ||
|
|
||
| 58 known vulnerabilities found in fixtures/locks-e2e/2-yarn.lock | ||
| 62 known vulnerabilities found in fixtures/locks-e2e/2-yarn.lock | ||