Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): update internal #565

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

fix(deps): update internal

ab89b15
Select commit
Loading
Failed to load commit list.
Open

fix(deps): update internal #565

fix(deps): update internal
ab89b15
Select commit
Loading
Failed to load commit list.
Mend for GitHub.com / Mend Security Check failed Feb 4, 2025 in 3m 27s

Security Report

1 new vulnerabilities were introduced in this branch.

❌ New vulnerabilities:

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue Reachability
CVE-2025-2306

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/mongoose/package.json

Dependency Hierarchy:

-> @mathigon/studio-0.1.43.tgz (Root Library)

   -> ❌ mongoose-8.5.2.tgz (Vulnerable Library)

Critical 9.4 mongoose-8.5.2.tgz Upgrade to version: mongoose -6.13.6,7.8.4,8.9.5 #564

Reachable

Base branch total remaining vulnerabilities: 16
Base branch commit: 232ec42eca86c00997d5712a01e5b2768475a83d


Total libraries scanned: 710

Scan token: 710e2974e689465f97f40b3f4c9918a9

View more details on Mend for GitHub.com