Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump ejs and react-scripts in /public #4

Open
wants to merge 1 commit into
base: stable
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github May 1, 2024

Bumps ejs to 3.1.10 and updates ancestor dependency react-scripts. These dependencies need to be updated together.

Updates ejs from 2.7.4 to 3.1.10

Release notes

Sourced from ejs's releases.

v3.1.10

Version 3.1.10

v3.1.9

Version 3.1.9

v3.1.8

Version 3.1.8

v3.1.7

Version 3.1.7

v3.1.6

Version 3.1.6

v3.1.5

Version 3.1.5

v3.0.2

No release notes provided.

Commits

Updates react-scripts from 4.0.3 to 5.0.1

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [ejs](https://github.com/mde/ejs) to 3.1.10 and updates ancestor dependency [react-scripts](https://github.com/facebook/create-react-app/tree/HEAD/packages/react-scripts). These dependencies need to be updated together.


Updates `ejs` from 2.7.4 to 3.1.10
- [Release notes](https://github.com/mde/ejs/releases)
- [Commits](mde/ejs@v2.7.4...v3.1.10)

Updates `react-scripts` from 4.0.3 to 5.0.1
- [Release notes](https://github.com/facebook/create-react-app/releases)
- [Changelog](https://github.com/facebook/create-react-app/blob/main/CHANGELOG-4.x.md)
- [Commits](https://github.com/facebook/create-react-app/commits/[email protected]/packages/react-scripts)

---
updated-dependencies:
- dependency-name: ejs
  dependency-type: indirect
- dependency-name: react-scripts
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label May 1, 2024
@msant262
Copy link

msant262 commented May 1, 2024

Logo
Checkmarx One – Scan Summary & Detailsef53f292-ef26-4887-92dd-cc898c16e477

New Issues

Severity Issue Source File / Package Checkmarx Insight
HIGH CVE-2004-0989 Npm-libxmljs-0.19.7 Vulnerable Package
HIGH CVE-2015-5312 Npm-libxmljs-0.19.7 Vulnerable Package
HIGH CVE-2016-20018 Npm-knex-0.21.19 Vulnerable Package
HIGH CVE-2017-8872 Npm-libxmljs-0.19.7 Vulnerable Package
HIGH CVE-2017-9048 Npm-libxmljs-0.19.7 Vulnerable Package
HIGH CVE-2018-14404 Npm-libxmljs-0.19.7 Vulnerable Package
HIGH CVE-2021-3516 Npm-libxmljs-0.19.7 Vulnerable Package
HIGH CVE-2021-3517 Npm-libxmljs-0.19.7 Vulnerable Package
HIGH CVE-2021-3518 Npm-libxmljs-0.19.7 Vulnerable Package
HIGH CVE-2021-3803 Npm-nth-check-1.0.2 Vulnerable Package
HIGH CVE-2021-3807 Npm-ansi-regex-3.0.0 Vulnerable Package
HIGH CVE-2021-3807 Npm-ansi-regex-2.1.1 Vulnerable Package
HIGH CVE-2021-44906 Npm-minimist-1.2.5 Vulnerable Package
HIGH CVE-2022-0144 Npm-shelljs-0.8.4 Vulnerable Package
HIGH CVE-2022-21144 Npm-libxmljs-0.19.7 Vulnerable Package
HIGH CVE-2022-23308 Npm-libxmljs-0.19.7 Vulnerable Package
HIGH CVE-2022-23539 Npm-jsonwebtoken-8.5.1 Vulnerable Package
HIGH CVE-2022-23540 Npm-jsonwebtoken-8.5.1 Vulnerable Package
HIGH CVE-2022-24999 Npm-qs-6.5.2 Vulnerable Package
HIGH CVE-2022-25883 Npm-semver-7.0.0 Vulnerable Package
HIGH CVE-2022-25883 Npm-semver-6.3.0 Vulnerable Package
HIGH CVE-2022-25883 Npm-semver-7.3.5 Vulnerable Package
HIGH CVE-2022-25883 Npm-semver-7.3.8 Vulnerable Package
HIGH CVE-2022-25883 Npm-semver-5.7.1 Vulnerable Package
HIGH CVE-2022-31129 Npm-moment-2.29.2 Vulnerable Package
HIGH CVE-2022-3517 Npm-minimatch-3.0.4 Vulnerable Package
HIGH CVE-2022-39353 Npm-xmldom-0.6.0 Vulnerable Package
HIGH CVE-2022-40303 Npm-libxmljs-0.19.7 Vulnerable Package
HIGH CVE-2022-40304 Npm-libxmljs-0.19.7 Vulnerable Package
HIGH CVE-2022-46175 Npm-json5-2.2.0 Vulnerable Package
HIGH CVE-2023-26115 Npm-word-wrap-1.2.3 Vulnerable Package
HIGH CVE-2023-26136 Npm-tough-cookie-2.5.0 Vulnerable Package
HIGH CVE-2023-28154 Npm-webpack-5.28.0 Vulnerable Package
HIGH CVE-2023-42282 Npm-ip-2.0.0 Vulnerable Package
HIGH CVE-2023-45133 Npm-@babel/traverse-7.16.3 Vulnerable Package
HIGH CVE-2023-45133 Npm-@babel/traverse-7.21.2 Vulnerable Package
HIGH CVE-2024-4067 Npm-micromatch-4.0.5 Vulnerable Package
HIGH CVE-2024-4067 Npm-micromatch-3.1.10 Vulnerable Package
HIGH CVE-2024-4067 Npm-micromatch-4.0.4 Vulnerable Package
HIGH CVE-2024-4068 Npm-braces-3.0.2 Vulnerable Package
HIGH CVE-2024-4068 Npm-braces-2.3.2 Vulnerable Package
HIGH Cx10578cb2-c0fc Npm-cypress-6.9.1 Vulnerable Package
HIGH Cx15879720-9801 Npm-knex-0.21.19 Vulnerable Package
HIGH Cx62f5bb1b-fa5e Npm-moment-2.29.2 Vulnerable Package
HIGH Cx89601373-08db Npm-debug-3.2.7 Vulnerable Package
HIGH Cx89601373-08db Npm-debug-2.6.9 Vulnerable Package
HIGH Cx8bc4df28-fcf5 Npm-debug-3.2.7 Vulnerable Package
HIGH Cx8bc4df28-fcf5 Npm-debug-4.3.3 Vulnerable Package
HIGH Cx8bc4df28-fcf5 Npm-debug-4.3.2 Vulnerable Package
HIGH Cx8bc4df28-fcf5 Npm-debug-4.3.1 Vulnerable Package
HIGH Cx8bc4df28-fcf5 Npm-debug-2.6.9 Vulnerable Package
HIGH Cx8bc4df28-fcf5 Npm-debug-4.3.4 Vulnerable Package
HIGH Cxc7705965-e0f0 Npm-@babel/core-7.12.3 Vulnerable Package
HIGH Cxdca8e59f-8bfe Npm-inflight-1.0.6 Vulnerable Package
HIGH Cxf6e7f2c1-dc59 Npm-yauzl-2.10.0 Vulnerable Package
HIGH Docker Socket Mounted In Container /docker-compose.yml: 67 Docker socket docker.sock should not be mounted on host. If the docker socket is mounted, it can allow its processes to execute docker commands.
HIGH Missing User Instruction /Dockerfile: 23 A user should be specified in the dockerfile, otherwise the image will run as root
HIGH Passwords And Secrets - Generic Password /docker-compose.yml: 107 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /docker-compose.yml: 105 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /docker-compose.yml: 75 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Secret /config-keycloak.yaml: 632 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Secret /config-keycloak.yaml: 737 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Google API Key /deployment.yaml: 143 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Google API Key /deployment.yaml: 194 Query to find passwords and secrets in infrastructure code.
HIGH Privilege Escalation Allowed /deployment.yaml: 29 Containers should not run with allowPrivilegeEscalation in order to prevent them from gaining more privileges than their parent process
HIGH Privilege Escalation Allowed /deployment.yaml: 29 Containers should not run with allowPrivilegeEscalation in order to prevent them from gaining more privileges than their parent process
HIGH Privilege Escalation Allowed /deployment.yaml: 29 Containers should not run with allowPrivilegeEscalation in order to prevent them from gaining more privileges than their parent process
HIGH Privilege Escalation Allowed /deployment.yaml: 29 Containers should not run with allowPrivilegeEscalation in order to prevent them from gaining more privileges than their parent process
HIGH Privilege Escalation Allowed /deployment.yaml: 29 Containers should not run with allowPrivilegeEscalation in order to prevent them from gaining more privileges than their parent process
HIGH Volume Has Sensitive Host Directory /docker-compose.yml: 67 Container has sensitive host directory mounted as a volume
MEDIUM CPU Limits Not Set /deployment.yaml: 29 CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests
MEDIUM CPU Limits Not Set /deployment.yaml: 29 CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests
MEDIUM CPU Limits Not Set /deployment.yaml: 29 CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests
MEDIUM CPU Limits Not Set /deployment.yaml: 29 CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests
MEDIUM CPU Limits Not Set /deployment.yaml: 29 CPU limits should be set because if the system has CPU time free, a container is guaranteed to be allocated as much CPU as it requests
MEDIUM CVE-2007-2379 Npm-jquery-3.6.0 Vulnerable Package
MEDIUM CVE-2014-6071 Npm-jquery-3.6.0 Vulnerable Package
MEDIUM CVE-2018-14567 Npm-libxmljs-0.19.7 Vulnerable Package
MEDIUM CVE-2018-9251 Npm-libxmljs-0.19.7 Vulnerable Package
MEDIUM CVE-2020-24977 Npm-libxmljs-0.19.7 Vulnerable Package
MEDIUM CVE-2021-32796 Npm-xmldom-0.6.0 Vulnerable Package
MEDIUM CVE-2021-3537 Npm-libxmljs-0.19.7 Vulnerable Package
MEDIUM CVE-2021-3541 Npm-libxmljs-0.19.7 Vulnerable Package
MEDIUM CVE-2022-23541 Npm-jsonwebtoken-8.5.1 Vulnerable Package
MEDIUM CVE-2022-29622 Npm-formidable-2.1.2 Vulnerable Package
MEDIUM CVE-2022-29824 Npm-libxmljs-0.19.7 Vulnerable Package
MEDIUM CVE-2022-36313 Npm-file-type-16.5.3 Vulnerable Package
MEDIUM CVE-2023-26144 Npm-graphql-16.6.0 Vulnerable Package
MEDIUM CVE-2023-26159 Npm-follow-redirects-1.14.8 Vulnerable Package
MEDIUM CVE-2023-26159 Npm-follow-redirects-1.15.2 Vulnerable Package
MEDIUM CVE-2023-28155 Npm-@cypress/request-2.88.10 Vulnerable Package
MEDIUM CVE-2023-28155 Npm-request-2.88.2 Vulnerable Package
MEDIUM CVE-2023-28484 Npm-libxmljs-0.19.7 Vulnerable Package
MEDIUM CVE-2023-29469 Npm-libxmljs-0.19.7 Vulnerable Package
MEDIUM CVE-2023-44270 Npm-postcss-7.0.39 Vulnerable Package
MEDIUM CVE-2023-45857 Npm-axios-0.21.4 Vulnerable Package
MEDIUM CVE-2023-45857 Npm-axios-0.26.1 Vulnerable Package
MEDIUM CVE-2024-28176 Npm-jose-4.13.1 Vulnerable Package
MEDIUM CVE-2024-28849 Npm-follow-redirects-1.14.8 Vulnerable Package
MEDIUM CVE-2024-28849 Npm-follow-redirects-1.15.2 Vulnerable Package
MEDIUM CVE-2024-28863 Npm-tar-4.4.19 Vulnerable Package
MEDIUM CVE-2024-28863 Npm-tar-6.1.13 Vulnerable Package
MEDIUM Container Running As Root /deployment.yaml: 29 Containers should only run as non-root user. This limits the exploitability of security misconfigurations and restricts an attacker's possibilities...
MEDIUM Container Running As Root /deployment.yaml: 29 Containers should only run as non-root user. This limits the exploitability of security misconfigurations and restricts an attacker's possibilities...
MEDIUM Container Running As Root /deployment.yaml: 29 Containers should only run as non-root user. This limits the exploitability of security misconfigurations and restricts an attacker's possibilities...
MEDIUM Container Running As Root /deployment.yaml: 29 Containers should only run as non-root user. This limits the exploitability of security misconfigurations and restricts an attacker's possibilities...
MEDIUM Container Running As Root /deployment.yaml: 29 Containers should only run as non-root user. This limits the exploitability of security misconfigurations and restricts an attacker's possibilities...
MEDIUM Container Running With Low UID /deployment.yaml: 29 Check if containers are running with low UID, which might cause conflicts with the host's user table.
MEDIUM Container Running With Low UID /deployment.yaml: 29 Check if containers are running with low UID, which might cause conflicts with the host's user table.
MEDIUM Container Running With Low UID /deployment.yaml: 29 Check if containers are running with low UID, which might cause conflicts with the host's user table.
MEDIUM Container Running With Low UID /deployment.yaml: 29 Check if containers are running with low UID, which might cause conflicts with the host's user table.
MEDIUM Container Running With Low UID /deployment.yaml: 29 Check if containers are running with low UID, which might cause conflicts with the host's user table.
MEDIUM Container Traffic Not Bound To Host Interface /docker-compose.local.yml: 24 Incoming container traffic should be bound to a specific host interface
MEDIUM Container Traffic Not Bound To Host Interface /docker-compose.local.yml: 37 Incoming container traffic should be bound to a specific host interface
MEDIUM Container Traffic Not Bound To Host Interface /docker-compose.local.yml: 50 Incoming container traffic should be bound to a specific host interface
MEDIUM Container Traffic Not Bound To Host Interface /docker-compose.yml: 50 Incoming container traffic should be bound to a specific host interface
MEDIUM Cx41fbf2f3-5595 Npm-shelljs-0.8.4 Vulnerable Package
MEDIUM Cx7c42edbf-d5f1 Npm-base64url-2.0.0 Vulnerable Package
MEDIUM Healthcheck Not Set /docker-compose.yml: 27 Check containers periodically to see if they are running properly.
MEDIUM Healthcheck Not Set /docker-compose.yml: 59 Check containers periodically to see if they are running properly.
MEDIUM Healthcheck Not Set /docker-compose.yml: 45 Check containers periodically to see if they are running properly.
MEDIUM Healthcheck Not Set /docker-compose.local.yml: 29 Check containers periodically to see if they are running properly.
MEDIUM Healthcheck Not Set /docker-compose.local.yml: 46 Check containers periodically to see if they are running properly.
MEDIUM Image Version Not Explicit /Dockerfile: 23 Always tag the version of an image explicitly
MEDIUM Image Version Not Explicit /Dockerfile: 18 Always tag the version of an image explicitly
MEDIUM Memory Limits Not Defined /deployment.yaml: 29 Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than t...
MEDIUM Memory Limits Not Defined /deployment.yaml: 29 Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than t...
MEDIUM Memory Limits Not Defined /deployment.yaml: 29 Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than t...
MEDIUM Memory Limits Not Defined /deployment.yaml: 29 Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than t...
MEDIUM Memory Not Limited /docker-compose.yml: 4 Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than t...
MEDIUM Memory Not Limited /docker-compose.local.yml: 46 Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than t...
MEDIUM Memory Not Limited /docker-compose.yml: 95 Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than t...
MEDIUM Memory Not Limited /docker-compose.local.yml: 4 Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than t...
MEDIUM Memory Not Limited /docker-compose.yml: 45 Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than t...
MEDIUM Memory Not Limited /docker-compose.yml: 70 Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than t...
MEDIUM Memory Not Limited /docker-compose.local.yml: 29 Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than t...
MEDIUM Memory Not Limited /docker-compose.yml: 35 Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than t...
MEDIUM Memory Not Limited /docker-compose.yml: 59 Memory limits should be defined for each container. This prevents potential resource exhaustion by ensuring that containers consume not more than t...
MEDIUM NET_RAW Capabilities Not Being Dropped /deployment.yaml: 29 Containers should drop 'ALL' or at least 'NET_RAW' capabilities
MEDIUM NET_RAW Capabilities Not Being Dropped /deployment.yaml: 29 Containers should drop 'ALL' or at least 'NET_RAW' capabilities
MEDIUM NET_RAW Capabilities Not Being Dropped /deployment.yaml: 29 Containers should drop 'ALL' or at least 'NET_RAW' capabilities
MEDIUM NET_RAW Capabilities Not Being Dropped /deployment.yaml: 29 Containers should drop 'ALL' or at least 'NET_RAW' capabilities
MEDIUM NET_RAW Capabilities Not Being Dropped /deployment.yaml: 29 Containers should drop 'ALL' or at least 'NET_RAW' capabilities
MEDIUM Privileged Ports Mapped In Container /docker-compose.local.yml: 50 Privileged ports (1 to 1023) should not be mapped. Also you should drop net_bind_service linux capability from the container unless you absolutely ...
MEDIUM Privileged Ports Mapped In Container /docker-compose.yml: 50 Privileged ports (1 to 1023) should not be mapped. Also you should drop net_bind_service linux capability from the container unless you absolutely ...
MEDIUM Readiness Probe Is Not Configured /deployment.yaml: 29 Check if Readiness Probe is not configured.
MEDIUM Readiness Probe Is Not Configured /deployment.yaml: 29 Check if Readiness Probe is not configured.
MEDIUM Readiness Probe Is Not Configured /deployment.yaml: 29 Check if Readiness Probe is not configured.
MEDIUM Readiness Probe Is Not Configured /deployment.yaml: 29 Check if Readiness Probe is not configured.
MEDIUM Readiness Probe Is Not Configured /deployment.yaml: 29 Check if Readiness Probe is not configured.
MEDIUM Seccomp Profile Is Not Configured /deployment.yaml: 29 Containers should be configured with a secure Seccomp profile to restrict potentially dangerous syscalls
MEDIUM Seccomp Profile Is Not Configured /deployment.yaml: 29 Containers should be configured with a secure Seccomp profile to restrict potentially dangerous syscalls
MEDIUM Seccomp Profile Is Not Configured /deployment.yaml: 29 Containers should be configured with a secure Seccomp profile to restrict potentially dangerous syscalls
MEDIUM Seccomp Profile Is Not Configured /deployment.yaml: 29 Containers should be configured with a secure Seccomp profile to restrict potentially dangerous syscalls
MEDIUM Seccomp Profile Is Not Configured /deployment.yaml: 29 Containers should be configured with a secure Seccomp profile to restrict potentially dangerous syscalls
MEDIUM Security Opt Not Set /docker-compose.yml: 70 Attribute 'security_opt' should be defined.
MEDIUM Security Opt Not Set /docker-compose.yml: 59 Attribute 'security_opt' should be defined.
MEDIUM Security Opt Not Set /docker-compose.local.yml: 29 Attribute 'security_opt' should be defined.
MEDIUM Security Opt Not Set /docker-compose.yml: 95 Attribute 'security_opt' should be defined.
MEDIUM Security Opt Not Set /docker-compose.yml: 45 Attribute 'security_opt' should be defined.
MEDIUM Security Opt Not Set /docker-compose.local.yml: 46 Attribute 'security_opt' should be defined.
MEDIUM Security Opt Not Set /docker-compose.yml: 27 Attribute 'security_opt' should be defined.
MEDIUM Security Opt Not Set /docker-compose.local.yml: 4 Attribute 'security_opt' should be defined.
MEDIUM Security Opt Not Set /docker-compose.yml: 4 Attribute 'security_opt' should be defined.
MEDIUM Service Account Token Automount Not Disabled /deployment.yaml: 19 Service Account Tokens are automatically mounted even if not necessary
MEDIUM Unpinned Actions Full Length Commit SHA /release.yml: 37 Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
MEDIUM Using Unrecommended Namespace /service.yaml: 17 Namespaces like 'default', 'kube-system' or 'kube-public' should not be used
MEDIUM Using Unrecommended Namespace /service.yaml: 4 Namespaces like 'default', 'kube-system' or 'kube-public' should not be used
LOW CVE-2023-45143 Npm-undici-5.21.0 Vulnerable Package
LOW CVE-2024-24758 Npm-undici-5.21.0 Vulnerable Package
LOW CVE-2024-30260 Npm-undici-5.21.0 Vulnerable Package
LOW CVE-2024-30261 Npm-undici-5.21.0

More results are available on AST platform

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant