Update README.md js-dynamicγ,δ,ε😀🔥 @dfddfdö, ü, ç α, β, γ, δ, εdsd #1
Veracode-Workflow-App-Preprod / Veracode Software Composition Analysis
succeeded
Nov 4, 2025 in 44s
Veracode Software Composition Analysis
Veracode SCA agent scanning engine ready Searching for supported projects (this may take a minute)... [NPM] Scanning /home/runner/work/veracode/veracode npm warn config only Use `--omit=dev` to omit dev dependencies from the install. Processing results... Processing results complete Summary Report Scan ID cbd94a03-f708-4ea2-94ca-2a2423c75291 Scan Date & Time Nov 04 2025 09:32AM UTC Account type ENTERPRISE Scan engine 3.8.108 (latest 3.8.108) Analysis time 20 seconds User runner Project /home/runner/work/veracode/veracode Package Manager(s) NPM Open-Source Libraries Total Libraries 232 Direct Libraries 9 Transitive Libraries 223 Vulnerable Libraries 41 Security With Vulnerable Methods 0 Critical Risk Vulnerabilities 11 High Risk Vulnerabilities 46 Medium Risk Vulnerabilities 72 Low Risk Vulnerabilities 1 Vulnerabilities - Public Data CVE-2022-2421 Critical Risk Type Confusion socket.io-parser 2.2.6 CVE-2019-10744 Critical Risk Prototype Pollution lodash 3.10.1 CVE-2021-44906 Critical Risk Prototype Pollution minimist 1.1.3 CVE-2016-10532 Critical Risk Authentication Bypass Through Wrong Configuration In Socket.io console-io 2.6.3 CVE-2016-10550 Critical Risk SQL Injection Through Arguments sequelize 3.12.1 CVE-2023-22578 Critical Risk SQL Injection sequelize 3.12.1 CVE-2019-10749 Critical Risk SQL Injection sequelize 3.12.1 CVE-2023-25813 Critical Risk SQL Injection sequelize 3.12.1 CVE-2021-31597 Critical Risk Certificate Validation Bypass xmlhttprequest-ssl 1.5.1 CVE-2022-37598 Critical Risk Prototype Pollution uglify-js 3.4.10 CVE-2022-2421 Critical Risk Type Confusion socket.io-parser 2.2.2 CVE-2023-26132 High Risk Prototype Pollution dottie 1.1.1 CVE-2024-38355 High Risk Denial Of Service (DoS) socket.io 1.4.8 CVE-2014-10064 High Risk Denial Of Service (DoS) qs 0.6.6 CVE-2017-20165 High Risk Regular Expression Denial Of Service debug 2.2.0 CVE-2020-36049 High Risk Denial Of Service (DoS) socket.io-parser 2.2.6 CVE-2023-32695 High Risk Denial Of Service (DoS) socket.io-parser 2.2.6 CVE-2016-10539 High Risk Regular Expression Denial Of Service (ReDoS) negotiator 0.5.3 CVE-2017-16138 High Risk Regular Expression Denial Of Service (ReDoS) mime 1.2.11 CVE-2024-45296 High Risk Denial Of Service (DoS) path-to-regexp 0.1.7 CVE-2017-16138 High Risk Regular Expression Denial Of Service (ReDoS) mime 1.3.4 CVE-2024-36751 High Risk Regular Expression Denial Of Service (ReDoS) parseuri 0.0.4 CVE-2017-1000048 High Risk Prototype Override Protection Bypass qs 2.4.2 CVE-2022-24999 High Risk Denial Of Service (DoS) qs 2.4.2 CVE-2021-23337 High Risk Command Injection lodash 3.10.1 CVE-2015-9241 High Risk Denial Of Service (DoS) Socket Exhaustion hapi 8.1.0 CVE-2022-21676 High Risk Denial Of Service (DoS) engine.io 1.6.11 CVE-2020-36048 High Risk Denial Of Service (DoS) engine.io 1.6.11 CVE-2017-16111 High Risk Regular Expression Denial Of Service (ReDoS) content 1.0.2 CVE-2022-25844 High Risk Regular Expression Denial Of Service (ReDoS) angular 1.3.19 CVE-2024-21490 High Risk Regular Expression Denial Of Service (ReDoS) angular 1.3.19 CVE-2016-10542 High Risk Denial Of Service (DoS) Through Large Websocket Message ws 1.0.1 CVE-2017-16119 High Risk Regular Expression Denial Of Service (ReDoS) fresh 0.2.2 CVE-2017-16119 High Risk Regular Expression Denial Of Service (ReDoS) fresh 0.3.0 CVE-2014-6394 High Risk Elevation Of Privileges send 0.3.0 CVE-2018-3728 High Risk Prototype Pollution hoek 2.16.3 CVE-2024-47764 High Risk Cookie Poisoning cookie 0.1.5 CVE-2016-10556 High Risk SQL Injection sequelize 3.12.1 CVE-2023-22579 High Risk Type Confusion sequelize 3.12.1 CVE-2023-22580 High Risk Information Disclosure sequelize 3.12.1 CVE-2019-11069 High Risk SQL Injection sequelize 3.12.1 CVE-2016-10539 High Risk Regular Expression Denial Of Service (ReDoS) negotiator 0.4.9 CVE-2017-1000048 High Risk Prototype Override Protection Bypass qs 4.0.0 CVE-2022-24999 High Risk Denial Of Service (DoS) qs 4.0.0 CVE-2020-28502 High Risk Arbitrary Code Execution xmlhttprequest-ssl 1.5.1 CVE-2017-16113 High Risk Regular Expression Denial Of Service (ReDoS) parsejson 0.0.1 CVE-2016-10542 High Risk Denial Of Service (DoS) Through Large Websocket Message ws 1.1.0 CVE-2024-45296 High Risk Denial Of Service (DoS) path-to-regexp 0.1.2 CVE-2015-8315 High Risk Regular Expression Denial Of Service (ReDoS) ms 0.7.1 CVE-2020-36049 High Risk Denial Of Service (DoS) socket.io-parser 2.2.2 CVE-2023-32695 High Risk Denial Of Service (DoS) socket.io-parser 2.2.2 CVE-2024-47764 High Risk Cookie Poisoning cookie 0.1.2 CVE-2020-28481 Medium Risk Insecure Cross-Origin Resource Sharing Configuration socket.io 1.4.8 CVE-2014-7191 Medium Risk Denial Of Service (DoS) Memory Consumption qs 0.6.6 CVE-2017-16137 Medium Risk Regular Expression Denial Of Service (ReDoS) debug 2.2.0 CVE-2016-1000236 Medium Risk Timing Attack Via Signature Validation cookie-signature 1.0.2 CVE-2014-6393 Medium Risk Cross-site Scripting (XSS) Using Non-standard Encodings express 4.1.1 CVE-2024-29041 Medium Risk Open Redirect express 4.1.1 CVE-2024-43796 Medium Risk Remote Code Execution (RCE) express 4.1.1 CVE-2018-3721 Medium Risk Prototype Pollution lodash 3.10.1 CVE-2018-16487 Medium Risk Prototype Pollution Attack lodash 3.10.1 CVE-2015-9243 Medium Risk Connection Level Defaults Overwritten By CORS Config hapi 8.1.0 CVE-2015-9236 Medium Risk Mishandled CORS Request Headers hapi 8.1.0 CVE-2022-41940 Medium Risk Denial Of Service (DoS) engine.io 1.6.11 CVE-2015-1164 Medium Risk Open Redirect serve-static 1.1.0 CVE-2020-11022 Medium Risk Cross-Site Scripting (XSS) jquery 3.0.0-alpha1 CVE-2020-11023 Medium Risk Cross-Site Scripting (XSS) jquery 3.0.0-alpha1 CVE-2015-9251 Medium Risk Cross-site Scripting (XSS) jquery 3.0.0-alpha1 CVE-2019-11358 Medium Risk Prototype Pollution jquery 3.0.0-alpha1 CVE-2024-8373 Medium Risk Content Spoofing angular 1.3.19 CVE-2020-7676 Medium Risk Cross-site Scripting (XSS) angular 1.3.19 CVE-2019-14863 Medium Risk UI Redress Attack Through Improper Sanitization Of SVG Elements angular 1.3.19 CVE-2025-0716 Medium Risk Content Spoofing angular 1.3.19 CVE-2023-26116 Medium Risk Regular Expression Denial Of Service (ReDoS) angular 1.3.19 CVE-2023-26117 Medium Risk Regular Expression Denial Of Service (ReDoS) angular 1.3.19 CVE-2023-26118 Medium Risk Regular Expression Denial Of Service (ReDoS) angular 1.3.19 CVE-2022-25869 Medium Risk Cross-site Scripting (XSS) angular 1.3.19 CVE-2024-8372 Medium Risk Content Spoofing angular 1.3.19 CVE-2020-7598 Medium Risk Prototype Pollution minimist 1.1.3 CVE-2024-21908 Medium Risk Cross-site Scripting (XSS) tinymce 4.2.3 CVE-2023-45818 Medium Risk Cross-site Scripting (XSS) tinymce 4.2.3 CVE-2024-21911 Medium Risk Cross-site Scripting (XSS) tinymce 4.2.3 CVE-2024-38357 Medium Risk Cross-Site Scripting (XSS) tinymce 4.2.3 CVE-2020-17480 Medium Risk Cross-site Scripting (XSS) tinymce 4.2.3 CVE-2024-29203 Medium Risk Cross-Site Scripting (XSS) tinymce 4.2.3 CVE-2020-12648 Medium Risk Cross-Site Scripting (XSS) tinymce 4.2.3 CVE-2015-8859 Medium Risk Information Disclosure send 0.3.0 CVE-2024-29041 Medium Risk Open Redirect express 4.13.4 CVE-2024-43796 Medium Risk Remote Code Execution (RCE) express 4.13.4 CVE-2024-43799 Medium Risk Code Execution send 0.13.2 CVE-2024-43799 Medium Risk Code Execution send 0.13.1 CVE-2016-1000236 Medium Risk Timing Attack Via Signature Validation cookie-signature 1.0.3 CVE-2016-10543 Medium Risk Validation Bypass Via Invalid Input call 2.0.2 CVE-2024-43800 Medium Risk Cross-site Scripting (XSS) serve-static 1.10.3 Vulnerabilities - Premium Data NO-CVE High Risk Command Injection moment-timezone 0.4.1 NO-CVE High Risk Arbitrary Code Execution Through SVG Animation Functionality angular 1.3.19 NO-CVE High Risk Denial Of Service (DoS) ws 1.0.1 NO-CVE High Risk Denial Of Service (DoS) ws 1.1.0 NO-CVE High Risk Prototype Pollution subtext 1.1.1 NO-CVE Medium Risk Cross-site Scripting (XSS) Through Error Messages boom 0.2.1 NO-CVE Medium Risk Cross-site Request Forgery (CSRF) socket.io 1.4.8 NO-CVE Medium Risk Memory Leak inflight 1.0.6 NO-CVE Medium Risk Timing Attack Vulnerability While Decoding cookie-signature 1.0.2 NO-CVE Medium Risk Timing Attacks cookie-signature 1.0.2 NO-CVE Medium Risk Code Injection lodash 3.10.1 NO-CVE Medium Risk Header Injection Via Byte Truncation hapi 8.1.0 NO-CVE Medium Risk Cross-site Scripting (XSS) Via Validation Response hapi 8.1.0 NO-CVE Medium Risk Internal Route Access Bypass hapi 8.1.0 NO-CVE Medium Risk Cross-site Scripting (XSS) jquery 3.0.0-alpha1 NO-CVE Medium Risk Cross-site Scripting (XSS) Through Assignment Of Constructor Properties angular 1.3.19 NO-CVE Medium Risk Cross-site Scripting (XSS) Through SVG Element angular 1.3.19 NO-CVE Medium Risk Cross-Site Scripting (XSS) angular 1.3.19 NO-CVE Medium Risk Content-Security-Policy Bypass angular 1.3.19 NO-CVE Medium Risk Cross-Site Scripting (XSS) angular 1.3.19 NO-CVE Medium Risk Cross-Site Scripting (XSS) Via Sandbox Escaping angular 1.3.19 NO-CVE Medium Risk Arbitrary Code Execution Via Constructor Access angular 1.3.19 NO-CVE Medium Risk Mutation Cross-site Scripting (XSS) angular 1.3.19 NO-CVE Medium Risk Insecure Pseudorandom Number Generation ws 1.0.1 NO-CVE Medium Risk Memory Leaks socket.io-adapter 0.4.0 NO-CVE Medium Risk Regular Expression Denial Of Service (ReDoS) validator 4.9.0 NO-CVE Medium Risk Cross-site Scripting (XSS) Through Media Plugin tinymce 4.2.3 NO-CVE Medium Risk Cross-Site Scripting (XSS) tinymce 4.2.3 NO-CVE Medium Risk SQL Injection Circumventing Database Access Controls sequelize 3.12.1 NO-CVE Medium Risk Remote Memory Disclosure sequelize 3.12.1 NO-CVE Medium Risk Regular Expression Denial Of Service (ReDoS) clean-css 3.4.28 NO-CVE Medium Risk Insecure Pseudorandom Number Generation ws 1.1.0 NO-CVE Medium Risk Directory Traversal ponse 1.6.1 NO-CVE Medium Risk Denial Of Service (DoS) subtext 1.1.1 NO-CVE Medium Risk Cross-site Scripting (XSS) hoek 0.4.2 NO-CVE Low Risk Denial Of Service (DoS) ammo 1.0.1 Licenses Unique Library Licenses 5 Unique Libraries Using GPL 0 Unique Libraries With High Risk License 1 Unique Libraries With Medium Risk License 0 Unique Libraries With Low Risk License 226 Unique Libraries With Multiple Licenses 1 Unique Libraries With Unassessable License 0 Unique Libraries With Unrecognizable License 5 Issues Issue ID Issue Type Severity Description Library Name & Version In Use 463720181 Vulnerability 7.3 CVE-2014-6394: Elevation of Privileges send 0.3.0 463720182 Vulnerability 5.3 CVE-2014-7191: Denial of Service (DoS) Memory Consumption qs 0.6.6 463720183 Vulnerability 7.5 CVE-2014-10064: Denial Of Service (DoS) qs 0.6.6 463720184 Vulnerability 4.0 CVE-2015-1164: Open Redirect serve-static 1.1.0 463720185 Vulnerability 6.1 CVE-2014-6393: Cross-site Scripting (XSS) Using Non-standard Encodings express 4.1.1 463720186 Vulnerability 5.3 CVE-2015-8859: Information Disclosure send 0.3.0 463720187 Vulnerability 7.5 CVE-2015-8315: Regular Expression Denial Of Service (ReDoS) ms 0.7.1 463720188 Vulnerability 5.3 CVE-2015-9236: Mishandled CORS Request Headers hapi 8.1.0 463720189 Vulnerability 7.5 CVE-2015-9241: Denial Of Service (DoS) Socket Exhaustion hapi 8.1.0 463720190 Vulnerability 5.9 CVE-2015-9243: Connection Level Defaults Overwritten By CORS Config hapi 8.1.0 463720191 Vulnerability 6.1 CVE-2015-9251: Cross-site Scripting (XSS) jquery 3.0.0-alpha1 463720192 Vulnerability 6.1 NO-CVE: Cross-site Scripting (XSS) Through Assignment Of Constructor Properties angular 1.3.19 463720193 Vulnerability 6.1 CVE-2019-14863: UI Redress Attack Through Improper Sanitization Of SVG Elements angular 1.3.19 463720194 Vulnerability 7.3 NO-CVE: Arbitrary Code Execution Through SVG Animation Functionality angular 1.3.19 463720195 Vulnerability 9.8 CVE-2016-10550: SQL Injection Through Arguments sequelize 3.12.1 463720196 Vulnerability 4.7 NO-CVE: Cross-site Scripting (XSS) Through SVG Element angular 1.3.19 463720197 Vulnerability 5.3 NO-CVE: Timing Attack Vulnerability While Decoding cookie-signature 1.0.2 463720198 Vulnerability 9.8 CVE-2016-10532: Authentication Bypass Through Wrong Configuration In Socket.io console-io 2.6.3 463720199 Vulnerability 5.3 NO-CVE: Header Injection Via Byte Truncation hapi 8.1.0 463720200 Vulnerability 5.0 NO-CVE: SQL Injection Circumventing Database Access Controls sequelize 3.12.1 463720201 Vulnerability 6.1 NO-CVE: Cross-site Scripting (XSS) Through Media Plugin tinymce 4.2.3 463720202 Vulnerability 6.1 NO-CVE: Cross-site Scripting (XSS) Via Validation Response hapi 8.1.0 463720203 Vulnerability 6.1 NO-CVE: Cross-site Scripting (XSS) Through Error Messages boom 0.2.1 463720204 Vulnerability 5.3 NO-CVE: Internal Route Access Bypass hapi 8.1.0 463720205 Vulnerability 7.5 CVE-2016-10539: Regular Expression Denial Of Service (ReDoS) negotiator 0.4.9 463720206 Vulnerability 7.5 CVE-2016-10539: Regular Expression Denial Of Service (ReDoS) negotiator 0.5.3 463720207 Vulnerability 7.5 CVE-2016-10542: Denial Of Service (DoS) Through Large Websocket Message ws 1.0.1 463720208 Vulnerability 7.5 CVE-2016-10542: Denial Of Service (DoS) Through Large Websocket Message ws 1.1.0 463720209 Vulnerability 5.3 CVE-2016-10543: Validation Bypass Via Invalid Input call 2.0.2 463720210 Vulnerability 5.3 NO-CVE: Remote Memory Disclosure sequelize 3.12.1 463720211 Vulnerability 6.5 NO-CVE: Arbitrary Code Execution Via Constructor Access angular 1.3.19 463720212 Vulnerability 6.1 NO-CVE: Cross-Site Scripting (XSS) angular 1.3.19 463720213 Vulnerability 4.4 CVE-2016-1000236: Timing Attack Via Signature Validation cookie-signature 1.0.2 463720214 Vulnerability 4.4 CVE-2016-1000236: Timing Attack Via Signature Validation cookie-signature 1.0.3 463720215 Vulnerability 5.3 NO-CVE: Insecure Pseudorandom Number Generation ws 1.0.1 463720216 Vulnerability 5.3 NO-CVE: Insecure Pseudorandom Number Generation ws 1.1.0 463720217 Vulnerability 7.5 CVE-2016-10556: SQL Injection sequelize 3.12.1 463720218 Vulnerability 4.8 NO-CVE: Content-Security-Policy Bypass angular 1.3.19 463720219 Vulnerability 6.1 NO-CVE: Cross-Site Scripting (XSS) angular 1.3.19 463720220 Vulnerability 6.1 NO-CVE: Cross-site Scripting (XSS) hoek 0.4.2 463720221 Vulnerability 4.8 NO-CVE: Timing Attacks cookie-signature 1.0.2 463720222 Vulnerability 6.1 NO-CVE: Cross-Site Scripting (XSS) Via Sandbox Escaping angular 1.3.19 463720223 Vulnerability 7.5 CVE-2017-1000048: Prototype Override Protection Bypass qs 2.4.2 463720224 Vulnerability 7.5 CVE-2017-1000048: Prototype Override Protection Bypass qs 4.0.0 463720225 Vulnerability 7.5 CVE-2017-16111: Regular Expression Denial Of Service (ReDoS) content 1.0.2 463720226 Vulnerability 5.3 CVE-2017-16137: Regular Expression Denial Of Service (ReDoS) debug 2.2.0 463720227 Vulnerability 7.5 CVE-2017-16113: Regular Expression Denial Of Service (ReDoS) parsejson 0.0.1 463720228 Vulnerability 7.5 CVE-2017-16138: Regular Expression Denial Of Service (ReDoS) mime 1.2.11 463720229 Vulnerability 7.5 CVE-2017-16138: Regular Expression Denial Of Service (ReDoS) mime 1.3.4 463720230 Vulnerability 7.5 CVE-2017-16119: Regular Expression Denial Of Service (ReDoS) fresh 0.2.2 463720231 Vulnerability 7.5 CVE-2017-16119: Regular Expression Denial Of Service (ReDoS) fresh 0.3.0 463720232 Vulnerability 6.1 NO-CVE: Mutation Cross-site Scripting (XSS) angular 1.3.19 463720233 Vulnerability 7.5 NO-CVE: Denial Of Service (DoS) ws 1.0.1 463720234 Vulnerability 7.5 NO-CVE: Denial Of Service (DoS) ws 1.1.0 463720235 Vulnerability 6.5 CVE-2018-3721: Prototype Pollution lodash 3.10.1 463720236 Vulnerability 8.8 CVE-2018-3728: Prototype Pollution hoek 2.16.3 463720237 Vulnerability 5.3 NO-CVE: Regular Expression Denial Of Service (ReDoS) clean-css 3.4.28 463720238 Vulnerability 5.3 NO-CVE: Regular Expression Denial Of Service (ReDoS) validator 4.9.0 463720239 Vulnerability 5.8 NO-CVE: Directory Traversal ponse 1.6.1 463720240 Vulnerability 5.6 CVE-2018-16487: Prototype Pollution Attack lodash 3.10.1 463720241 Vulnerability 7.5 CVE-2019-11069: SQL Injection sequelize 3.12.1 463720242 Vulnerability 6.1 CVE-2019-11358: Prototype Pollution jquery 3.0.0-alpha1 463720243 Vulnerability 9.8 CVE-2019-10749: SQL Injection sequelize 3.12.1 463720244 Vulnerability 9.1 CVE-2019-10744: Prototype Pollution lodash 3.10.1 463720245 Vulnerability 5.3 NO-CVE: Denial Of Service (DoS) subtext 1.1.1 463720246 Vulnerability 6.5 NO-CVE: Memory Leaks socket.io-adapter 0.4.0 463720247 Vulnerability 6.1 CVE-2020-17480: Cross-site Scripting (XSS) tinymce 4.2.3 463720248 Vulnerability 8.1 NO-CVE: Prototype Pollution subtext 1.1.1 463720249 Vulnerability 3.7 NO-CVE: Denial Of Service (DoS) ammo 1.0.1 463720250 Vulnerability 5.6 CVE-2020-7598: Prototype Pollution minimist 1.1.3 463720251 Vulnerability 4.7 NO-CVE: Cross-site Scripting (XSS) jquery 3.0.0-alpha1 463720252 Vulnerability 6.1 CVE-2020-11022: Cross-Site Scripting (XSS) jquery 3.0.0-alpha1 463720253 Vulnerability 6.1 CVE-2020-11023: Cross-Site Scripting (XSS) jquery 3.0.0-alpha1 463720254 Vulnerability 5.4 CVE-2020-7676: Cross-site Scripting (XSS) angular 1.3.19 463720255 Vulnerability 5.6 NO-CVE: Code Injection lodash 3.10.1 463720256 Vulnerability 6.1 CVE-2020-12648: Cross-Site Scripting (XSS) tinymce 4.2.3 463720257 Vulnerability 7.5 CVE-2020-36048: Denial Of Service (DoS) engine.io 1.6.11 463720258 Vulnerability 7.5 CVE-2020-36049: Denial Of Service (DoS) socket.io-parser 2.2.2 463720259 Vulnerability 7.5 CVE-2020-36049: Denial Of Service (DoS) socket.io-parser 2.2.6 463720260 Vulnerability 4.3 CVE-2020-28481: Insecure Cross-Origin Resource Sharing Configuration socket.io 1.4.8 463720261 Vulnerability 6.5 NO-CVE: Cross-site Request Forgery (CSRF) socket.io 1.4.8 463720262 Vulnerability 7.2 CVE-2021-23337: Command Injection lodash 3.10.1 463720263 Vulnerability 8.1 CVE-2020-28502: Arbitrary Code Execution xmlhttprequest-ssl 1.5.1 463720264 Vulnerability 9.4 CVE-2021-31597: Certificate Validation Bypass xmlhttprequest-ssl 1.5.1 463720265 Vulnerability 4.7 NO-CVE: Cross-Site Scripting (XSS) tinymce 4.2.3 463720266 Vulnerability 6.1 CVE-2024-21908: Cross-site Scripting (XSS) tinymce 4.2.3 463720267 Vulnerability 7.5 CVE-2022-21676: Denial Of Service (DoS) engine.io 1.6.11 463720268 Vulnerability 9.8 CVE-2021-44906: Prototype Pollution minimist 1.1.3 463720269 Vulnerability 7.5 CVE-2022-25844: Regular Expression Denial Of Service (ReDoS) angular 1.3.19 463720270 Vulnerability 6.1 CVE-2022-25869: Cross-site Scripting (XSS) angular 1.3.19 463720271 Vulnerability 7.3 NO-CVE: Command Injection moment-timezone 0.4.1 463720272 Vulnerability 9.8 CVE-2022-37598: Prototype Pollution uglify-js 3.4.10 463720273 Vulnerability 9.8 CVE-2022-2421: Type Confusion socket.io-parser 2.2.2 463720274 Vulnerability 9.8 CVE-2022-2421: Type Confusion socket.io-parser 2.2.6 463720275 Vulnerability 6.5 CVE-2022-41940: Denial Of Service (DoS) engine.io 1.6.11 463720276 Vulnerability 7.5 CVE-2022-24999: Denial Of Service (DoS) qs 2.4.2 463720277 Vulnerability 7.5 CVE-2022-24999: Denial Of Service (DoS) qs 4.0.0 463720278 Vulnerability 7.5 CVE-2017-20165: Regular Expression Denial Of Service debug 2.2.0 463720279 Vulnerability 9.8 CVE-2023-22578: SQL Injection sequelize 3.12.1 463720280 Vulnerability 8.8 CVE-2023-22579: Type Confusion sequelize 3.12.1 463720281 Vulnerability 7.5 CVE-2023-22580: Information Disclosure sequelize 3.12.1 463720282 Vulnerability 9.8 CVE-2023-25813: SQL Injection sequelize 3.12.1 463720283 Vulnerability 5.3 CVE-2023-26116: Regular Expression Denial Of Service (ReDoS) angular 1.3.19 463720284 Vulnerability 5.3 CVE-2023-26117: Regular Expression Denial Of Service (ReDoS) angular 1.3.19 463720285 Vulnerability 5.3 CVE-2023-26118: Regular Expression Denial Of Service (ReDoS) angular 1.3.19 463720286 Vulnerability 7.5 CVE-2023-32695: Denial Of Service (DoS) socket.io-parser 2.2.2 463720287 Vulnerability 7.5 CVE-2023-32695: Denial Of Service (DoS) socket.io-parser 2.2.6 463720288 Vulnerability 7.5 CVE-2023-26132: Prototype Pollution dottie 1.1.1 463720289 Vulnerability 6.2 NO-CVE: Memory Leak inflight 1.0.6 463720290 Vulnerability 6.1 CVE-2023-45818: Cross-site Scripting (XSS) tinymce 4.2.3 463720291 Vulnerability 6.1 CVE-2024-21911: Cross-site Scripting (XSS) tinymce 4.2.3 463720292 Vulnerability 6.1 CVE-2024-29041: Open Redirect express 4.1.1 463720293 Vulnerability 6.1 CVE-2024-29041: Open Redirect express 4.13.4 463720294 Vulnerability 7.5 CVE-2024-21490: Regular Expression Denial Of Service (ReDoS) angular 1.3.19 463720295 Vulnerability 4.3 CVE-2024-29203: Cross-Site Scripting (XSS) tinymce 4.2.3 463720296 Vulnerability 7.5 CVE-2024-38355: Denial Of Service (DoS) socket.io 1.4.8 463720297 Vulnerability 6.1 CVE-2024-38357: Cross-Site Scripting (XSS) tinymce 4.2.3 463720298 Vulnerability 7.5 CVE-2024-45296: Denial Of Service (DoS) path-to-regexp 0.1.2 463720299 Vulnerability 7.5 CVE-2024-45296: Denial Of Service (DoS) path-to-regexp 0.1.7 463720300 Vulnerability 4.3 CVE-2024-8372: Content Spoofing angular 1.3.19 463720301 Vulnerability 4.3 CVE-2024-8373: Content Spoofing angular 1.3.19 463720302 Vulnerability 4.7 CVE-2024-43799: Code Execution send 0.13.1 463720303 Vulnerability 4.7 CVE-2024-43799: Code Execution send 0.13.2 463720304 Vulnerability 4.7 CVE-2024-43796: Remote Code Execution (RCE) express 4.1.1 463720305 Vulnerability 4.7 CVE-2024-43796: Remote Code Execution (RCE) express 4.13.4 463720306 Vulnerability 4.7 CVE-2024-43800: Cross-site Scripting (XSS) serve-static 1.10.3 463720307 Vulnerability 8.2 CVE-2024-47764: Cookie Poisoning cookie 0.1.2 463720308 Vulnerability 8.2 CVE-2024-47764: Cookie Poisoning cookie 0.1.5 463720309 Vulnerability 7.5 CVE-2024-36751: Regular Expression Denial Of Service (ReDoS) parseuri 0.0.4 463720310 Vulnerability 4.8 CVE-2025-0716: Content Spoofing angular 1.3.19 463720311 Outdated Library 3.0 Latest version at scan: 1.8.3 angular 1.3.19 463720312 Outdated Library 3.0 Latest version at scan: 7.3.0 boom 0.2.1 463720313 Outdated Library 3.0 Latest version at scan: 14.1.0 console-io 2.6.3 463720314 Outdated Library 3.0 Latest version at scan: 1.2.2 cookie-signature 1.0.2 463720315 Outdated Library 3.0 Latest version at scan: 5.1.0 express 4.1.1 463720316 Outdated Library 3.0 Latest version at scan: 18.1.0 hapi 8.1.0 463720317 Outdated Library 3.0 Latest version at scan: 4.0.0-rc.1 jquery 3.0.0-alpha1 463720318 Outdated Library 3.0 Latest version at scan: 7.0.0-next.1 sequelize 3.12.1 463720319 Outdated Library 3.0 Latest version at scan: 8.2.0 tinymce 4.2.3 463720320 License 9.0 Library has High-Risk License tinymce 4.2.3 Full Report Details https://sca.analysiscenter.veracode.com/teams/eppFD9Ep/scans/102136293
Loading