PMM-12442 show full summary on fired alerts #684
Security Report
❌ New vulnerabilities:
| CVE | Severity |  CVSS Score |
Vulnerable Library | Suggested Fix | Issue |
|---|---|---|---|---|---|
CVE-2023-45133Dependency Hierarchy: -> toolkit-9.2.20.tgz (Root Library) -> core-27.5.1.tgz -> jest-config-27.5.1.tgz -> core-7.16.7.tgz -> ❌ traverse-7.16.7.tgz (Vulnerable Library) |
 Critical |
9.3 | traverse-7.16.7.tgz | Upgrade to version: @babel/traverse - 7.23.2 | None |
CVE-2023-45133Dependency Hierarchy: -> e2e-9.2.20.tgz (Root Library) -> core-7.19.0.tgz -> ❌ traverse-7.19.0.tgz (Vulnerable Library) |
Critical |
9.3 | traverse-7.19.0.tgz | Upgrade to version: @babel/traverse - 7.23.2 | None |
CVE-2023-45133Dependency Hierarchy: -> toolkit-9.2.20.tgz (Root Library) -> core-7.18.9.tgz -> ❌ traverse-7.18.9.tgz (Vulnerable Library) |
Critical |
9.3 | traverse-7.18.9.tgz | Upgrade to version: @babel/traverse - 7.23.2 | None |
CVE-2023-45133Dependency Hierarchy: -> toolkit-9.2.20.tgz (Root Library) -> plugin-proposal-class-properties-7.18.6.tgz -> helper-create-class-features-plugin-7.18.6.tgz -> helper-replace-supers-7.18.6.tgz -> ❌ traverse-7.18.6.tgz (Vulnerable Library) |
Critical |
9.3 | traverse-7.18.6.tgz | Upgrade to version: @babel/traverse - 7.23.2 | None |
CVE-2023-45133Dependency Hierarchy: -> toolkit-9.2.20.tgz (Root Library) -> babel-jest-27.5.1.tgz -> transform-27.5.1.tgz -> core-7.15.8.tgz -> ❌ traverse-7.15.4.tgz (Vulnerable Library) |
Critical |
9.3 | traverse-7.15.4.tgz | Upgrade to version: @babel/traverse - 7.23.2 | None |
CVE-2023-45133Dependency Hierarchy: -> toolkit-9.2.20.tgz (Root Library) -> core-27.5.1.tgz -> jest-snapshot-27.5.1.tgz -> core-7.16.0.tgz -> helper-module-transforms-7.16.5.tgz -> ❌ traverse-7.16.5.tgz (Vulnerable Library) |
Critical |
9.3 | traverse-7.16.5.tgz | Upgrade to version: @babel/traverse - 7.23.2 | None |
CVE-2023-45133Dependency Hierarchy: -> toolkit-9.2.20.tgz (Root Library) -> core-27.5.1.tgz -> jest-snapshot-27.5.1.tgz -> ❌ traverse-7.16.3.tgz (Vulnerable Library) |
Critical |
9.3 | traverse-7.16.3.tgz | Upgrade to version: @babel/traverse - 7.23.2 | None |
CVE-2021-44716Dependency Hierarchy: -> ❌ github.com/cortexproject/cortex-v1.10.1-0.20211014125347-85c378182d0d (Vulnerable Library) |
 High |
7.5 | github.com/cortexproject/cortex-v1.10.1-0.20211014125347-85c378182d0d | Upgrade to version: github.com/golang/net - 491a49abca63de5e07ef554052d180a1b5fe2d70 | None |
CVE-2022-23471Dependency Hierarchy: -> github.com/docker/docker-v20.10.8+incompatible (Root Library) -> ❌ github.com/containerd/Containerd-v1.6.6 (Vulnerable Library) |
 Medium |
6.5 | github.com/containerd/Containerd-v1.6.6 | Upgrade to version: v1.6.12 | None |
CVE-2022-24769Dependency Hierarchy: -> ❌ github.com/docker/docker-v20.10.8+incompatible (Vulnerable Library) |
Medium |
5.9 | github.com/docker/docker-v20.10.8+incompatible | Upgrade to version: v20.10.14 | None |
CVE-2022-29526Dependency Hierarchy: -> ❌ github.com/cortexproject/cortex-v1.10.1-0.20211014125347-85c378182d0d (Vulnerable Library) |
Medium |
5.3 | github.com/cortexproject/cortex-v1.10.1-0.20211014125347-85c378182d0d | Upgrade to version: go1.17.10,go1.18.2,go1.19 | None |
Base branch total remaining vulnerabilities: 67
Base branch commit: 8c4a52cf4a9a446ed0a39311260a3853e73fad5d
Total libraries scanned: 2171
Scan token: aef5e252050540ea97fb307dc0319403