Skip to content

Update Database #393

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
mend-for-github-com wants to merge 1 commit into
base: main
Choose a base branch
from

Update Database

dac2b24
Select commit
Loading
Failed to load commit list.
Open

Update Database #393

Update Database
dac2b24
Select commit
Loading
Failed to load commit list.
Mend for GitHub.com / Mend Security Check failed Feb 22, 2025 in 3m 47s

Security Report

❗️Scan Warnings: The scan completed with warnings. The integration encountered issues with one or more projects in this repository. Consequently, there may be gaps in the coverage of open-source dependencies used in the repository.

Scan Details Report

npm

https://amplearning.jfrog.io/artifactory/api/npm/amplify-npm
Step Level Description Details
Setting the scanner configuration ⚠Warn Failure to set private registries, due to an issue with the configuration provided by the user no "registry" field corresponding to this url was found in the .npmrc files

1 new vulnerabilities were introduced in this branch.

❌ New vulnerabilities:
CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue Reachability
CVE-2025-2306

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/mongoose/package.json

Dependency Hierarchy:

-> ❌ mongoose-8.5.2.tgz (Vulnerable Library)

Critical 9.4 mongoose-8.5.2.tgz Upgrade to version: mongoose -6.13.6,7.8.4,8.9.5 #402

Base branch total remaining vulnerabilities: 15
Base branch commit: d78fa6c704e955e6c8c8cfced0439e66cf72809e


Total libraries scanned: 642

Scan token: fb4d5716bd144331b03095ac95abe27f

View more details on Mend for GitHub.com