24 changed files with 49 additions and 119 deletions
File diff suppressed because one or more lines are too long
Binary file not shown.
@ -0,0 +1 @@ |
|||||||
|
{"source":1112455,"name":"lodash","dependency":"lodash","title":"Lodash has Prototype Pollution Vulnerability in `_.unset` and `_.omit` functions","url":"https://github.com/advisories/GHSA-xxjr-mmjv-4gpg","severity":"moderate","versions":["0.1.0","0.2.0","0.2.1","0.2.2","0.3.0","0.3.1","0.3.2","0.4.0","0.4.1","0.4.2","0.5.0-rc.1","0.5.0","0.5.1","0.5.2","0.6.0","0.6.1","0.7.0","0.8.0","0.8.1","0.8.2","0.9.0","0.9.1","0.9.2","0.10.0","1.0.0-rc.1","1.0.0-rc.2","1.0.0-rc.3","1.0.0","1.0.1","1.0.2","1.1.0","1.1.1","1.2.0","1.2.1","1.3.0","1.3.1","2.0.0","2.1.0","2.2.0","2.2.1","2.3.0","2.4.0","2.4.1","2.4.2","3.0.0","3.0.1","3.1.0","3.2.0","3.3.0","3.3.1","3.4.0","3.5.0","3.6.0","3.7.0","3.8.0","3.9.0","3.9.1","3.9.2","3.9.3","3.10.0","3.10.1","4.0.0","4.0.1","4.1.0","4.2.0","4.2.1","4.3.0","4.4.0","4.5.0","4.5.1","4.6.0","4.6.1","4.7.0","4.8.0","4.8.1","4.8.2","4.9.0","4.10.0","4.11.0","4.11.1","4.11.2","4.12.0","4.13.0","4.13.1","4.14.0","4.14.1","4.14.2","4.15.0","4.16.0","4.16.1","4.16.2","4.16.3","4.16.4","4.16.5","4.16.6","4.17.0","4.17.1","4.17.2","4.17.3","4.17.4","4.17.5","4.17.9","4.17.10","4.17.11","4.17.12","4.17.13","4.17.14","4.17.15","4.17.16","4.17.17","4.17.18","4.17.19","4.17.20","4.17.21","4.17.23"],"vulnerableVersions":["4.0.0","4.0.1","4.1.0","4.2.0","4.2.1","4.3.0","4.4.0","4.5.0","4.5.1","4.6.0","4.6.1","4.7.0","4.8.0","4.8.1","4.8.2","4.9.0","4.10.0","4.11.0","4.11.1","4.11.2","4.12.0","4.13.0","4.13.1","4.14.0","4.14.1","4.14.2","4.15.0","4.16.0","4.16.1","4.16.2","4.16.3","4.16.4","4.16.5","4.16.6","4.17.0","4.17.1","4.17.2","4.17.3","4.17.4","4.17.5","4.17.9","4.17.10","4.17.11","4.17.12","4.17.13","4.17.14","4.17.15","4.17.16","4.17.17","4.17.18","4.17.19","4.17.20","4.17.21"],"cwe":["CWE-1321"],"cvss":{"score":6.5,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},"range":">=4.0.0 <=4.17.22","id":"OGNA5lR8rR8aeucWHqvJLBV5oaroI/lF2JfG9J2l63dx9uiGUyHuI4ymC6nv+dqWwxtqCIMcqBukiWYEiF5/RQ=="} |
||||||
@ -0,0 +1 @@ |
|||||||
|
{"source":"OGNA5lR8rR8aeucWHqvJLBV5oaroI/lF2JfG9J2l63dx9uiGUyHuI4ymC6nv+dqWwxtqCIMcqBukiWYEiF5/RQ==","name":"workbox-build","dependency":"lodash","title":"Depends on vulnerable versions of lodash","url":null,"severity":"moderate","versions":["0.0.1","0.0.2","0.0.3","1.0.0","1.0.1","1.1.0","1.2.0","1.3.0","2.0.0","2.0.1","2.0.2-2.0.2-rc1.0","2.0.2-rc1","2.0.2","2.0.3","2.1.0","2.1.1","2.1.2","2.1.3","3.0.0-alpha.1","3.0.0-alpha.2","3.0.0-alpha.3","3.0.0-alpha.4","3.0.0-alpha.5","3.0.0-alpha.6","3.0.0-beta.0","3.0.0-beta.1","3.0.0-beta.2","3.0.0","3.0.1","3.1.0","3.2.0","3.3.0","3.3.1","3.4.1","3.5.0","3.6.1","3.6.2","3.6.3","4.0.0-alpha.0","4.0.0-beta.0","4.0.0-beta.1","4.0.0-beta.2","4.0.0-rc.0","4.0.0-rc.1","4.0.0-rc.2","4.0.0-rc.3","4.0.0-rc.4","4.0.0","4.1.0","4.1.1","4.2.0","4.3.0","4.3.1","5.0.0-alpha.0","5.0.0-alpha.1","5.0.0-alpha.2","5.0.0-beta.0","5.0.0-beta.1","5.0.0-rc.0","5.0.0-rc.1","5.0.0-rc.2","5.0.0","5.1.0","5.1.1","5.1.2","5.1.3","5.1.4","6.0.0-alpha.0","6.0.0-alpha.1","6.0.0-alpha.2","6.0.0-alpha.3","6.0.0-rc.0","6.0.0","6.0.2","6.1.0","6.1.1","6.1.2","6.1.5","6.2.0-alpha.0","6.2.0-alpha.1","6.2.0-alpha.2","6.2.0","6.2.1","6.2.2","6.2.3","6.2.4","6.3.0","6.4.0","6.4.1","6.4.2","6.5.0","6.5.1","6.5.2","6.5.3","6.5.4","6.6.0","6.6.1","7.0.0","7.1.0","7.1.1","7.3.0","7.4.0"],"vulnerableVersions":[],"cwe":["CWE-1321"],"cvss":{"score":6.5,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},"range":"<0.0.0-0","id":"1QbBhWMbuLJj1mAZkIDrToBu1oWaLdyYvi+aTUtkHjoUtQdipuOatnRo5VmNSDzxd/JjrSj+O+7GcHYQSj6p9w=="} |
||||||
Binary file not shown.
File diff suppressed because one or more lines are too long
Binary file not shown.
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
@ -0,0 +1,2 @@ |
|||||||
|
|
||||||
|
8b55ce2e4803bc4f9b5b9c6dbfc4346bbde2c4cd {"key":"security-advisory:lodash:OGNA5lR8rR8aeucWHqvJLBV5oaroI/lF2JfG9J2l63dx9uiGUyHuI4ymC6nv+dqWwxtqCIMcqBukiWYEiF5/RQ==","integrity":"sha512-L4djKvCrCDBs12HWynDZj+JXWJqz7BQhdvc8ZJm2TdTHyNJAcREP+4if+RyWMyxS1sv004pctks+XCjjt0stPA==","time":1770670272984,"size":1956} |
||||||
@ -0,0 +1,2 @@ |
|||||||
|
|
||||||
|
f2f8749277c277e5d385bc8d1abdd9acd69b9d04 {"key":"make-fetch-happen:request-cache:https://registry.npmjs.org/@isaacs%2fbrace-expansion","integrity":"sha512-quloCIdfia1MWR8/JokPMtU9RrJW/j3t+Ta5NCbweI8lInadENJYSI1g1InjtS+FLoMZtBtinuyyzfYdb8J0yw==","time":1770670251811,"size":7366,"metadata":{"time":1770670251808,"url":"https://registry.npmjs.org/@isaacs%2fbrace-expansion","reqHeaders":{"accept":"application/json"},"resHeaders":{"cache-control":"public, max-age=300","content-encoding":"gzip","content-type":"application/json","date":"Mon, 09 Feb 2026 20:50:51 GMT","etag":"W/\"dd5122ae424fb801a8701bfa21430df7\"","last-modified":"Tue, 03 Feb 2026 17:40:12 GMT","vary":"accept-encoding, accept"},"options":{"compress":true}}} |
||||||
@ -0,0 +1,2 @@ |
|||||||
|
|
||||||
|
5f3b1d4b24ed5a625440133c0cdc1a13432babc9 {"key":"make-fetch-happen:request-cache:https://registry.npmjs.org/@isaacs%2fbalanced-match","integrity":"sha512-uwPTPhkq4vs4XoBpekqHCsAJr+dG1tCtQ1OLgVTTsuIn0U1iOguo0p2fEp58ZaiHUQBn3Ve4X4sOduYb0W3J1w==","time":1770670272177,"size":7823,"metadata":{"time":1770670272169,"url":"https://registry.npmjs.org/@isaacs%2fbalanced-match","reqHeaders":{"accept":"application/json"},"resHeaders":{"cache-control":"public, max-age=300","content-encoding":"gzip","content-type":"application/json","date":"Mon, 09 Feb 2026 20:51:12 GMT","etag":"W/\"1dadbf5760c67cb3a012e02073994877\"","last-modified":"Thu, 12 Jun 2025 20:05:57 GMT","vary":"accept-encoding, accept"},"options":{"compress":true}}} |
||||||
@ -0,0 +1,2 @@ |
|||||||
|
|
||||||
|
a0bcda3df3cd894dada40500fb3b2b1a950388ae {"key":"security-advisory:workbox-build:1QbBhWMbuLJj1mAZkIDrToBu1oWaLdyYvi+aTUtkHjoUtQdipuOatnRo5VmNSDzxd/JjrSj+O+7GcHYQSj6p9w==","integrity":"sha512-TvQjlB1AL+sljzVwIJf5otDjsiVUzjT+sNO0MN9OJF2xBYvp5eFVX8YAWjSUHYY7txnceGe5v0tf9g6BN6lg4g==","time":1770670273112,"size":1553} |
||||||
@ -0,0 +1,2 @@ |
|||||||
|
|
||||||
|
9970619c5e0b79de00c0ba7ea7f43c503ca53d44 {"key":"make-fetch-happen:request-cache:https://registry.npmjs.org/workbox-build","integrity":"sha512-IHm9bN6tF0GlYzZ4QQfGqEnLiJirbB2XlK4w1UgmXW+22KQoi89pOcRZHHxJi+yiVSERa4z4475S+0szGYNgUw==","time":1770670273105,"size":192745,"metadata":{"time":1770670273056,"url":"https://registry.npmjs.org/workbox-build","reqHeaders":{"accept":"application/vnd.npm.install-v1+json; q=1.0, application/json; q=0.8, */*"},"resHeaders":{"cache-control":"public, max-age=300","content-encoding":"gzip","content-type":"application/vnd.npm.install-v1+json","date":"Mon, 09 Feb 2026 20:51:13 GMT","etag":"W/\"933ffd9bb6d73318dc1a36e4acbf6e41\"","last-modified":"Wed, 19 Nov 2025 17:46:40 GMT","vary":"accept-encoding, accept"},"options":{"compress":true}}} |
||||||
@ -0,0 +1,2 @@ |
|||||||
|
|
||||||
|
032d2aba7ad86f5119ac8318e1da5d474df636fc {"key":"make-fetch-happen:request-cache:https://registry.npmjs.org/minimatch","integrity":"sha512-rwI328em6Ipe+hmv86ffJm56oAjMS3xUCBTWjaeWVtoVvFZd3cIlGEtoLEQgXxTfB/a6BFFJPt+LqdcXBz6gEw==","time":1770670251712,"size":306302,"metadata":{"time":1770670251579,"url":"https://registry.npmjs.org/minimatch","reqHeaders":{"accept":"application/json"},"resHeaders":{"cache-control":"public, max-age=300","content-encoding":"gzip","content-type":"application/json","date":"Mon, 09 Feb 2026 20:50:51 GMT","etag":"W/\"56fb93bca9c9cf83a448322f6cbe1343\"","last-modified":"Tue, 03 Feb 2026 17:50:23 GMT","vary":"accept-encoding, accept"},"options":{"compress":true}}} |
||||||
@ -0,0 +1,2 @@ |
|||||||
|
|
||||||
|
021dd286d8966b5dc9a1c1f7ec6f916f20b95993 {"key":"make-fetch-happen:request-cache:https://registry.npmjs.org/lodash/-/lodash-4.17.23.tgz","integrity":"sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w==","time":1770670292053,"size":314877,"metadata":{"time":1770670291894,"url":"https://registry.npmjs.org/lodash/-/lodash-4.17.23.tgz","reqHeaders":{},"resHeaders":{"cache-control":"public, immutable, max-age=31557600","content-type":"application/octet-stream","date":"Mon, 09 Feb 2026 20:51:31 GMT","etag":"\"465377c7efb78593918ee117d7a5923b\"","last-modified":"Wed, 21 Jan 2026 17:29:54 GMT","vary":"Accept-Encoding"},"options":{"compress":true}}} |
||||||
@ -0,0 +1,2 @@ |
|||||||
|
|
||||||
|
affc7b951b88611ffd85292873013320e02ec78d {"key":"make-fetch-happen:request-cache:https://registry.npmjs.org/minimatch/-/minimatch-10.1.2.tgz","integrity":"sha512-fu656aJ0n2kcXwsnwnv9g24tkU5uSmOlTjd6WyyaKm2Z+h1qmY6bAjrcaIxF/BslFqbZ8UBtbJi7KgQOZD2PTw==","time":1770670272594,"size":97757,"metadata":{"time":1770670272523,"url":"https://registry.npmjs.org/minimatch/-/minimatch-10.1.2.tgz","reqHeaders":{},"resHeaders":{"cache-control":"public, immutable, max-age=31557600","content-type":"application/octet-stream","date":"Mon, 09 Feb 2026 20:51:12 GMT","etag":"\"4e9fb8701092f48a6d6e56aef4d597b6\"","last-modified":"Tue, 03 Feb 2026 17:50:23 GMT","vary":"Accept-Encoding"},"options":{"compress":true}}} |
||||||
@ -0,0 +1,3 @@ |
|||||||
|
|
||||||
|
72e7142e032e7138b366c1908bebee7b17ec2c6e {"key":"make-fetch-happen:request-cache:https://registry.npmjs.org/lodash","integrity":"sha512-YFO6h7hLIhu/7YrEXJhYPt6Spm7eXVMWFMRwKXI9M/Iz0O47AMbThaEld5GeP15agp/6dumSeD2Ji31eX4bpkQ==","time":1770670272978,"size":68481,"metadata":{"time":1770670272600,"url":"https://registry.npmjs.org/lodash","reqHeaders":{"accept":"application/vnd.npm.install-v1+json; q=1.0, application/json; q=0.8, */*"},"resHeaders":{"cache-control":"public, max-age=300","content-encoding":"gzip","content-type":"application/vnd.npm.install-v1+json","date":"Mon, 09 Feb 2026 20:51:12 GMT","etag":"W/\"c4baa319a07c36c7ee907a9823db7825\"","last-modified":"Fri, 23 Jan 2026 09:31:29 GMT","vary":"accept-encoding, accept"},"options":{"compress":true}}} |
||||||
|
f2e64a394a6452ff829fdaf1f53353e6661aa3fa {"key":"make-fetch-happen:request-cache:https://registry.npmjs.org/lodash","integrity":"sha512-8eulC3Mj3iP2g26T9mqwo2eLN4xf39urAyrGC/B+v1RRq9eSMJgv2FVhRYX2n10eEILNnravkU8hVJIWlF4IBg==","time":1770670291599,"size":244244,"metadata":{"time":1770670291587,"url":"https://registry.npmjs.org/lodash","reqHeaders":{"accept":"application/json"},"resHeaders":{"cache-control":"public, max-age=300","content-encoding":"gzip","content-type":"application/json","date":"Mon, 09 Feb 2026 20:51:31 GMT","etag":"W/\"be9f341b4c524ad8fe80626a8776d44a\"","last-modified":"Fri, 23 Jan 2026 09:31:29 GMT","vary":"accept-encoding, accept"},"options":{"compress":true}}} |
||||||
@ -0,0 +1,2 @@ |
|||||||
|
|
||||||
|
42849814c93e9204098299b7dd7a0394b05d3b34 {"key":"make-fetch-happen:request-cache:https://registry.npmjs.org/@isaacs/brace-expansion/-/brace-expansion-5.0.1.tgz","integrity":"sha512-WMz71T1JS624nWj2n2fnYAuPovhv7EUhk69R6i9dsVyzxt5eM3bjwvgk9L+APE1TRscGysAVMANkB0jh0LQZrQ==","time":1770670272539,"size":7778,"metadata":{"time":1770670272516,"url":"https://registry.npmjs.org/@isaacs/brace-expansion/-/brace-expansion-5.0.1.tgz","reqHeaders":{},"resHeaders":{"cache-control":"public, must-revalidate, max-age=31557600","content-type":"application/octet-stream","date":"Mon, 09 Feb 2026 20:51:12 GMT","etag":"\"96c583188cf6c62158f3eaf5e0024e48\"","last-modified":"Tue, 03 Feb 2026 17:40:12 GMT","vary":"Accept-Encoding"},"options":{"compress":true}}} |
||||||
Loading…
Reference in new issue