chore(deps): update dependency express to v4.18.3 #63
Security Report
8 new vulnerabilities were introduced in this branch.
❌ New vulnerabilities:
CVE | Severity | Vulnerable Library | Suggested Fix | Issue
---|---|---|---|---
CVE-2024-52798; Path to dependency file: /app-to-app-swift/package.json; Path to vulnerable library: /app-to-app-swift/package.json,/app-to-phone-swift/package.json,/app-to-phone-kotlin/package.json,/phone-to-app-kotlin/package.json; Dependency Hierarchy: -> express-4.21.0.tgz (Root Library) -> ❌ path-to-regexp-0.1.10.tgz (Vulnerable Library) | 7.5 | path-to-regexp-0.1.10.tgz | Upgrade to version: path-to-regexp - 0.1.12 | None
CVE-2024-52798; Path to dependency file: /app-to-app-swift/package.json; Path to vulnerable library: /app-to-app-swift/package.json,/app-to-phone-swift/package.json,/app-to-phone-kotlin/package.json,/phone-to-app-kotlin/package.json; Dependency Hierarchy: -> express-4.21.1.tgz (Root Library) -> ❌ path-to-regexp-0.1.10.tgz (Vulnerable Library) | 7.5 | path-to-regexp-0.1.10.tgz | Upgrade to version: path-to-regexp - 0.1.12 | None
CVE-2024-52798; Path to dependency file: /app-to-app-swift/package.json; Path to vulnerable library: /app-to-app-swift/package.json,/app-to-phone-swift/package.json,/app-to-phone-kotlin/package.json,/phone-to-app-kotlin/package.json; Dependency Hierarchy: -> express-4.20.0.tgz (Root Library) -> ❌ path-to-regexp-0.1.10.tgz (Vulnerable Library) | 7.5 | path-to-regexp-0.1.10.tgz | Upgrade to version: path-to-regexp - 0.1.12 | None
CVE-2024-45590; Path to dependency file: /phone-to-app-swift/package.json; Path to vulnerable library: /phone-to-app-swift/package.json; Dependency Hierarchy: -> express-4.18.3.tgz (Root Library) -> ❌ body-parser-1.20.2.tgz (Vulnerable Library) | 7.5 | body-parser-1.20.2.tgz | Upgrade to version: body-parser - 1.20.3 | None
CVE-2024-29041; Path to dependency file: /phone-to-app-swift/package.json; Path to vulnerable library: /phone-to-app-swift/package.json; Dependency Hierarchy: -> ❌ express-4.18.3.tgz (Vulnerable Library) | 6.1 | express-4.18.3.tgz | Upgrade to version: express - 4.19.0 | None
CVE-2024-47764; Path to dependency file: /app-to-app-swift/package.json; Path to vulnerable library: /app-to-app-swift/package.json,/phone-to-app-kotlin/package.json,/app-to-phone-swift/package.json; Dependency Hierarchy: -> express-4.21.0.tgz (Root Library) -> ❌ cookie-0.6.0.tgz (Vulnerable Library) | 5.3 | cookie-0.6.0.tgz | Upgrade to version: cookie - 0.7.0 | None
CVE-2024-47764; Path to dependency file: /app-to-app-swift/package.json; Path to vulnerable library: /app-to-app-swift/package.json,/phone-to-app-kotlin/package.json,/app-to-phone-swift/package.json; Dependency Hierarchy: -> express-4.20.0.tgz (Root Library) -> ❌ cookie-0.6.0.tgz (Vulnerable Library) | 5.3 | cookie-0.6.0.tgz | Upgrade to version: cookie - 0.7.0 | None
CVE-2024-43796; Path to dependency file: /phone-to-app-swift/package.json; Path to vulnerable library: /phone-to-app-swift/package.json; Dependency Hierarchy: -> ❌ express-4.18.3.tgz (Vulnerable Library) | 5.0 | express-4.18.3.tgz | Upgrade to version: express - 4.20.0,5.0.0 | None

Base branch total remaining vulnerabilities: 15
Base branch commit: 5b2f38d63eb9ca50ae5cb30071103c714245d80c
Total libraries scanned: 366
Scan token: 793e4fab4fcb4d79a2981e45c6c42f5a