Update .whitesource
Security Report
| CVE | Severity |  CVSS Score |
Vulnerable Library | Suggested Fix | Issue |
|---|---|---|---|---|---|
CVE-2023-42282Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> react-native-0.71.11.tgz (Root Library) -> cli-10.2.4.tgz -> cli-hermes-10.2.0.tgz -> ❌ ip-1.1.8.tgz (Vulnerable Library) |
 Critical |
9.8 | ip-1.1.8.tgz | Upgrade to version: ip - 1.1.9,2.0.1 | #20 |
CVE-2024-29415Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> react-native-0.71.11.tgz (Root Library) -> cli-10.2.4.tgz -> cli-hermes-10.2.0.tgz -> ❌ ip-1.1.8.tgz (Vulnerable Library) |
Critical |
9.1 | ip-1.1.8.tgz | #20 | |
CVE-2023-46233Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> react-native-pdf-6.7.1.tgz (Root Library) -> ❌ crypto-js-3.3.0.tgz (Vulnerable Library) |
Critical |
9.1 | crypto-js-3.3.0.tgz | Upgrade to version: crypto-js - 4.2.0 | #1 |
CVE-2024-4068Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> react-native-0.71.11.tgz (Root Library) -> react-native-codegen-0.71.6.tgz -> jscodeshift-0.14.0.tgz -> micromatch-4.0.5.tgz -> ❌ braces-3.0.2.tgz (Vulnerable Library) |
 High |
7.5 | braces-3.0.2.tgz | Upgrade to version: braces - 3.0.3 | #20 |
CVE-2024-4067Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> react-native-0.71.11.tgz (Root Library) -> react-native-codegen-0.71.6.tgz -> jscodeshift-0.14.0.tgz -> ❌ micromatch-4.0.5.tgz (Vulnerable Library) |
 Medium |
5.3 | micromatch-4.0.5.tgz | Upgrade to version: micromatch - 4.0.6 | #20 |
Total libraries scanned: 795
Scan token: 4f04972ca0764c96b9896a6820eaa988