npm: bump puppeteer from 13.7.0 to 24.22.0

9427146
Closed

npm: bump puppeteer from 13.7.0 to 24.22.0 #3491

Mend Bolt for GitHub / WhiteSource Security Check failed Sep 18, 2025 in 23m 45s

Security Report

You have successfully remediated 27 vulnerabilities, but introduced 19 new vulnerabilities in this branch.

❌ New vulnerabilities:

Vulnerability | Severity | CVSS Score | Vulnerable Library | Suggested Fix | Issue
CVE-2025-1302

Path to dependency file: /tilt_modules/tilt_inspector/package.json

Path to vulnerable library: /tilt_modules/tilt_inspector/node_modules/jsonpath-plus/package.json

Dependency Hierarchy:

-> tilt-inspector-0.1.8.tgz (Root Library)

   -> client-node-0.14.3.tgz

     -> ❌ jsonpath-plus-0.19.0.tgz (Vulnerable Library)

Critical 9.8 jsonpath-plus-0.19.0.tgz Upgrade to version: jsonpath-plus - 10.3.0 None
CVE-2024-21534

Path to dependency file: /tilt_modules/tilt_inspector/package.json

Path to vulnerable library: /tilt_modules/tilt_inspector/node_modules/jsonpath-plus/package.json

Dependency Hierarchy:

-> tilt-inspector-0.1.8.tgz (Root Library)

   -> client-node-0.14.3.tgz

     -> ❌ jsonpath-plus-0.19.0.tgz (Vulnerable Library)

Critical 9.8 jsonpath-plus-0.19.0.tgz Upgrade to version: jsonpath-plus - 10.2.0 None
CVE-2022-37601

Path to dependency file: /tilt_modules/tilt_inspector/package.json

Path to vulnerable library: /tilt_modules/tilt_inspector/node_modules/loader-utils/package.json

Dependency Hierarchy:

-> tilt-inspector-0.1.8.tgz (Root Library)

   -> next-11.1.4.tgz

     -> styled-jsx-4.0.1.tgz

       -> ❌ loader-utils-1.2.3.tgz (Vulnerable Library)

Critical 9.8 loader-utils-1.2.3.tgz Upgrade to version: loader-utils - 1.4.1,2.0.3 None
CVE-2021-42740

Path to dependency file: /tilt_modules/tilt_inspector/package.json

Path to vulnerable library: /tilt_modules/tilt_inspector/node_modules/shell-quote/package.json

Dependency Hierarchy:

-> tilt-inspector-0.1.8.tgz (Root Library)

   -> next-11.1.4.tgz

     -> react-dev-overlay-11.1.4.tgz

       -> ❌ shell-quote-1.7.2.tgz (Vulnerable Library)

Critical 9.8 shell-quote-1.7.2.tgz Upgrade to version: shell-quote - 1.7.3 None
CVE-2025-29927

Path to dependency file: /tilt_modules/tilt_inspector/package.json

Path to vulnerable library: /tilt_modules/tilt_inspector/node_modules/next/package.json

Dependency Hierarchy:

-> tilt-inspector-0.1.8.tgz (Root Library)

   -> ❌ next-11.1.4.tgz (Vulnerable Library)

Critical 9.1 next-11.1.4.tgz Upgrade to version: https://github.com/vercel/next.js.git - v13.5.9 None
CVE-2025-7783

Path to dependency file: /tilt_modules/tilt_inspector/package.json

Path to vulnerable library: /tilt_modules/tilt_inspector/node_modules/request/node_modules/form-data/package.json

Dependency Hierarchy:

-> tilt-inspector-0.1.8.tgz (Root Library)

   -> client-node-0.14.3.tgz

     -> request-2.88.2.tgz

       -> ❌ form-data-2.3.3.tgz (Vulnerable Library)

High 8.7 form-data-2.3.3.tgz Upgrade to version: form-data - 2.5.4 None
CVE-2024-51479

Path to dependency file: /tilt_modules/tilt_inspector/package.json

Path to vulnerable library: /tilt_modules/tilt_inspector/node_modules/next/package.json

Dependency Hierarchy:

-> tilt-inspector-0.1.8.tgz (Root Library)

   -> ❌ next-11.1.4.tgz (Vulnerable Library)

High 7.5 next-11.1.4.tgz Upgrade to version: next - 14.2.15 None
CVE-2022-37603

Path to dependency file: /tilt_modules/tilt_inspector/package.json

Path to vulnerable library: /tilt_modules/tilt_inspector/node_modules/loader-utils/package.json

Dependency Hierarchy:

-> tilt-inspector-0.1.8.tgz (Root Library)

   -> next-11.1.4.tgz

     -> styled-jsx-4.0.1.tgz

       -> ❌ loader-utils-1.2.3.tgz (Vulnerable Library)

High 7.5 loader-utils-1.2.3.tgz Upgrade to version: loader-utils - 1.4.2,2.0.4,3.2.1 None
CVE-2025-57822

Path to dependency file: /tilt_modules/tilt_inspector/package.json

Path to vulnerable library: /tilt_modules/tilt_inspector/node_modules/next/package.json

Dependency Hierarchy:

-> tilt-inspector-0.1.8.tgz (Root Library)

   -> ❌ next-11.1.4.tgz (Vulnerable Library)

Medium 6.5 next-11.1.4.tgz None
CVE-2023-26136

Path to dependency file: /tilt_modules/tilt_inspector/package.json

Path to vulnerable library: /tilt_modules/tilt_inspector/node_modules/tough-cookie/package.json

Dependency Hierarchy:

-> tilt-inspector-0.1.8.tgz (Root Library)

   -> client-node-0.14.3.tgz

     -> request-2.88.2.tgz

       -> ❌ tough-cookie-2.5.0.tgz (Vulnerable Library)

Medium 6.5 tough-cookie-2.5.0.tgz Upgrade to version: tough-cookie - 4.1.3 None
CVE-2025-57752

Path to dependency file: /tilt_modules/tilt_inspector/package.json

Path to vulnerable library: /tilt_modules/tilt_inspector/node_modules/next/package.json

Dependency Hierarchy:

-> tilt-inspector-0.1.8.tgz (Root Library)

   -> ❌ next-11.1.4.tgz (Vulnerable Library)

Medium 6.2 next-11.1.4.tgz None
CVE-2025-27789

Path to dependency file: /tilt_modules/tilt_inspector/package.json

Path to vulnerable library: /tilt_modules/tilt_inspector/node_modules/next/node_modules/@babel/runtime/package.json

Dependency Hierarchy:

-> tilt-inspector-0.1.8.tgz (Root Library)

   -> next-11.1.4.tgz

     -> ❌ runtime-7.15.3.tgz (Vulnerable Library)

Medium 6.2 runtime-7.15.3.tgz Upgrade to version: @babel/runtime-corejs2 - 7.26.10 None
CVE-2023-28155

Path to dependency file: /tilt_modules/tilt_inspector/package.json

Path to vulnerable library: /tilt_modules/tilt_inspector/node_modules/request/package.json

Dependency Hierarchy:

-> tilt-inspector-0.1.8.tgz (Root Library)

   -> client-node-0.14.3.tgz

     -> ❌ request-2.88.2.tgz (Vulnerable Library)

Medium 6.1 request-2.88.2.tgz Upgrade to version: @cypress/request - 3.0.0 None
CVE-2024-47831

Path to dependency file: /tilt_modules/tilt_inspector/package.json

Path to vulnerable library: /tilt_modules/tilt_inspector/node_modules/next/package.json

Dependency Hierarchy:

-> tilt-inspector-0.1.8.tgz (Root Library)

   -> ❌ next-11.1.4.tgz (Vulnerable Library)

Medium 5.9 next-11.1.4.tgz Upgrade to version: next - 14.2.7 None
CVE-2022-23646

Path to dependency file: /tilt_modules/tilt_inspector/package.json

Path to vulnerable library: /tilt_modules/tilt_inspector/node_modules/next/package.json

Dependency Hierarchy:

-> tilt-inspector-0.1.8.tgz (Root Library)

   -> ❌ next-11.1.4.tgz (Vulnerable Library)

Medium 5.9 next-11.1.4.tgz None
CVE-2024-47764

Path to dependency file: /tilt_modules/tilt_inspector/package.json

Path to vulnerable library: /tilt_modules/tilt_inspector/node_modules/cookie/package.json

Dependency Hierarchy:

-> tilt-inspector-0.1.8.tgz (Root Library)

   -> universal-cookie-4.0.4.tgz

     -> ❌ cookie-0.4.2.tgz (Vulnerable Library)

Medium 5.3 cookie-0.4.2.tgz Upgrade to version: cookie - 0.7.0 None
CVE-2023-44270

Path to dependency file: /tilt_modules/tilt_inspector/package.json

Path to vulnerable library: /tilt_modules/tilt_inspector/node_modules/postcss/package.json

Dependency Hierarchy:

-> tilt-inspector-0.1.8.tgz (Root Library)

   -> next-11.1.4.tgz

     -> ❌ postcss-8.2.15.tgz (Vulnerable Library)

Medium 5.3 postcss-8.2.15.tgz Upgrade to version: postcss - 8.4.31 None
CVE-2025-55173

Path to dependency file: /tilt_modules/tilt_inspector/package.json

Path to vulnerable library: /tilt_modules/tilt_inspector/node_modules/next/package.json

Dependency Hierarchy:

-> tilt-inspector-0.1.8.tgz (Root Library)

   -> ❌ next-11.1.4.tgz (Vulnerable Library)

Medium 4.3 next-11.1.4.tgz None
CVE-2025-32421

Path to dependency file: /tilt_modules/tilt_inspector/package.json

Path to vulnerable library: /tilt_modules/tilt_inspector/node_modules/next/package.json

Dependency Hierarchy:

-> tilt-inspector-0.1.8.tgz (Root Library)

   -> ❌ next-11.1.4.tgz (Vulnerable Library)

Low 3.7 next-11.1.4.tgz Upgrade to version: next - 15.1.6 None

✔️ Remediated vulnerabilities:

Vulnerability | Vulnerable Library
CVE-2023-32681 requests-2.28.1-py3-none-any.whl
CVE-2024-6345 setuptools-65.5.0-py3-none-any.whl
CVE-2022-24439 GitPython-3.1.29-py3-none-any.whl
CVE-2024-22195 Jinja2-3.1.2-py3-none-any.whl
CVE-2024-37891 urllib3-1.26.12-py2.py3-none-any.whl
CVE-2024-47081 requests-2.28.1-py3-none-any.whl
CVE-2024-34064 Jinja2-3.1.2-py3-none-any.whl
CVE-2023-45803 urllib3-1.26.12-py2.py3-none-any.whl
CVE-2024-56201 Jinja2-3.1.2-py3-none-any.whl
CVE-2024-5569 zipp-3.10.0-py3-none-any.whl
CVE-2022-40896 Pygments-2.13.0-py3-none-any.whl
CVE-2025-47273 setuptools-65.5.0-py3-none-any.whl
CVE-2024-22190 GitPython-3.1.29-py3-none-any.whl
CVE-2023-40267 GitPython-3.1.29-py3-none-any.whl
CVE-2024-39689 certifi-2022.9.24-py3-none-any.whl
CVE-2023-43804 urllib3-1.26.12-py2.py3-none-any.whl
CVE-2025-27516 Jinja2-3.1.2-py3-none-any.whl
CVE-2024-3651 idna-3.4-py3-none-any.whl
CVE-2024-56326 Jinja2-3.1.2-py3-none-any.whl
CVE-2023-37920 certifi-2022.9.24-py3-none-any.whl
CVE-2025-50181 urllib3-1.26.12-py2.py3-none-any.whl
CVE-2023-41040 GitPython-3.1.29-py3-none-any.whl
CVE-2022-40897 setuptools-65.5.0-py3-none-any.whl
CVE-2024-35195 requests-2.28.1-py3-none-any.whl
CVE-2022-23491 certifi-2022.9.24-py3-none-any.whl
CVE-2023-40590 GitPython-3.1.29-py3-none-any.whl
CVE-2023-32309 pymdown_extensions-9.7-py3-none-any.whl

Base branch total remaining vulnerabilities: 29
Base branch commit: null


Total libraries scanned: 574

Scan token: 2f55e1c19e4542279373908cd10465cc