[PROD RELEASE V6] #1702
70 new alerts including 4 critical severity security vulnerabilities
New alerts in code changed by this pull request
Security Alerts:
- 4 critical
- 31 high
- 29 medium
- 6 low
Alerts not introduced by this pull request might have been detected because the code changes were too large.
See annotations below for details.
Annotations
Check notice on line 1 in docker/Dockerfile
Code scanning / Trivy
No HEALTHCHECK defined Low
Check warning on line 1 in pnpm-lock.yaml
Code scanning / Trivy
Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups Medium
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
auth0-js Privilege Escalation Vulnerability High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
Cross-Site Request Forgery (CSRF) in Auth0 High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
Auth0-js bypasses CSRF checks High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
nodejs-axios: Regular expression denial of service in trim function High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
axios: Possible SSRF and Credential Leakage via Absolute URL in axios Requests High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
axios: Axios DoS via lack of data size check High
Check warning on line 1 in pnpm-lock.yaml
Code scanning / Trivy
nodejs-axios: allows an attacker to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address Medium
Check warning on line 1 in pnpm-lock.yaml
Code scanning / Trivy
axios: exposure of confidential data stored in cookies Medium
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
babel: arbitrary code execution Critical
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
braces: fails to limit the number of characters it can handle High
Check notice on line 1 in pnpm-lock.yaml
Code scanning / Trivy
nodejs-braces: Regular Expression Denial of Service (ReDoS) in lib/parsers.js Low
Check notice on line 1 in pnpm-lock.yaml
Code scanning / Trivy
Regular Expression Denial of Service in braces Low
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
braces: fails to limit the number of characters it can handle High
Check warning on line 1 in pnpm-lock.yaml
Code scanning / Trivy
browserslist: parsing of invalid queries could result in Regular Expression Denial of Service (ReDoS) Medium
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
cross-spawn: regular expression denial of service High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
cross-spawn: regular expression denial of service High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor High
Check warning on line 1 in pnpm-lock.yaml
Code scanning / Trivy
follow-redirects: Exposure of Sensitive Information via Authorization Header leak Medium
Check warning on line 1 in pnpm-lock.yaml
Code scanning / Trivy
follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse() Medium
Check warning on line 1 in pnpm-lock.yaml
Code scanning / Trivy
follow-redirects: Possible credential leak Medium
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
form-data: Unsafe random function in form-data Critical
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
http-proxy-middleware: Denial of Service High
Check failure on line 1 in pnpm-lock.yaml
Code scanning / Trivy
json5: Prototype Pollution in JSON5 via Parse Method High