An automation triggered a pipeline warning
Found 31 vulnerabilities. An additional 0 vulnerabilities have been marked as unaffected.
Output from Automations
4 rules were checked:
If a new dependency is added where the license risk is at least medium
then notify all users in the group admins by email
✔️ The rule did not trigger. Manage rule
If a dependency contains a vulnerability which has not been marked as unaffected and which has not triggered this rule for this dependency before
then notify all users in the group admins by email
✔️ The rule did not trigger. Manage rule
If there is a dependency where the license risk is at least high
then send a pipeline warning
✔️ The rule did not trigger. Manage rule
If a dependency contains a vulnerability which has not been marked as unaffected
then send a pipeline warning
⚠️ The rule triggered for the following vulnerabilities, causing a pipeline warning. Manage rule
| Vulnerability |
CVSS2 |
CVSS3 |
Dependency |
Dependency Licenses |
| CVE-2021-23369 |
7.5 |
9.8 |
handlebars (npm) |
Debricked Unknown License, MIT |
| CVE-2020-28472 |
7.5 |
9.8 |
aws-sdk (npm) |
Apache-2.0 |
| CVE-2015-8857 |
7.5 |
9.8 |
uglify-js (npm) |
BSD-2-Clause, Debricked Unknown License |
| CVE-2023-26136 |
N/A |
9.8 |
tough-cookie (npm) |
BSD-3-Clause, CC0-1.0, MIT |
| CVE-2018-16487 |
7.5 |
9.8 |
lodash (npm) |
MIT |
| CVE-2021-23383 |
7.5 |
9.8 |
handlebars (npm) |
Debricked Unknown License, MIT |
| CVE-2019-19919 |
7.5 |
9.8 |
handlebars (npm) |
Debricked Unknown License, MIT |
| CVE-2019-10744 |
6.4 |
9.1 |
lodash (npm) |
MIT |
| CVE-2023-45133 |
N/A |
8.8 |
@babel/traverse (npm) |
MIT |
| CVE-2023-45133 |
N/A |
8.8 |
babel-plugin-polyfill-corejs2 (npm) |
MIT |
| CVE-2023-45133 |
N/A |
8.8 |
babel-plugin-polyfill-corejs3 (npm) |
MIT |
| CVE-2023-45133 |
N/A |
8.8 |
babel-plugin-polyfill-regenerator (npm) |
MIT |
| CVE-2019-20920 |
6.8 |
8.1 |
handlebars (npm) |
Debricked Unknown License, MIT |
| CVE-2021-43138 |
6.8 |
7.8 |
async (npm) |
MIT |
| CVE-2015-8858 |
7.8 |
7.5 |
uglify-js (npm) |
BSD-2-Clause, Debricked Unknown License |
| CVE-2020-8203 |
5.8 |
7.4 |
lodash (npm) |
MIT |
| CVE-2021-23358 |
6.5 |
7.2 |
underscore (npm) |
MIT |
| CVE-2021-23337 |
6.5 |
7.2 |
lodash (npm) |
MIT |
| CVE-2018-3721 |
4 |
6.5 |
lodash (npm) |
MIT |
| CVE-2019-1010266 |
4 |
6.5 |
lodash (npm) |
MIT |
| CVE-2016-10744 |
4.3 |
6.1 |
select2 (npm) |
Apache-2.0, GPL-2.0-only, MIT |
| CVE-2015-9251 |
4.3 |
6.1 |
jquery (npm) |
MIT |
| CVE-2020-23064 |
N/A |
6.1 |
jquery (npm) |
MIT |
| CVE-2020-11022 |
4.3 |
6.1 |
jquery (npm) |
MIT |
| CVE-2015-8861 |
4.3 |
6.1 |
handlebars (npm) |
Debricked Unknown License, MIT |
| CVE-2020-11023 |
4.3 |
6.1 |
jquery (npm) |
MIT |
| CVE-2019-11358 |
4.3 |
6.1 |
jquery (npm) |
MIT |
| CVE-2023-28155 |
N/A |
6.1 |
request (npm) |
Apache-2.0, Debricked Unknown License |
| CVE-2020-28500 |
5 |
5.3 |
lodash (npm) |
MIT |
| CVE-2023-0842 |
N/A |
5.3 |
xml2js (npm) |
Debricked Unknown License, MIT |
| debricked-149816 |
N/A |
N/A |
handlebars (npm) |
Debricked Unknown License, MIT |
| debricked-149661 |
N/A |
N/A |
handlebars (npm) |
Debricked Unknown License, MIT |
| debricked-149824 |
N/A |
N/A |
handlebars (npm) |
Debricked Unknown License, MIT |
| debricked-149815 |
N/A |
N/A |
handlebars (npm) |
Debricked Unknown License, MIT |