Skip to content

Commit

Permalink
monthly update of vulnerability report (#1725)
Browse files Browse the repository at this point in the history 
Signed-off-by: bossenti <[email protected]>
Co-authored-by: bossenti <[email protected]>
  • Loading branch information
@github-actions
github-actions[bot] and bossenti authored Jul 2, 2023
1 parent ca0128e commit 93aab00
Showing 1 changed file with 13 additions and 8 deletions.
21 changes: 13 additions & 8 deletions VULNERABILITY.md
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,14 @@
<!--\n ~ Licensed to the Apache Software Foundation (ASF) under one or more\n ~ contributor license agreements. See the NOTICE file distributed with\n ~ this work for additional information regarding copyright ownership.\n ~ The ASF licenses this file to You under the Apache License, Version 2.0\n ~ (the "License"); you may not use this file except in compliance with\n ~ the License. You may obtain a copy of the License at\n ~\n ~ http://www.apache.org/licenses/LICENSE-2.0\n ~\n ~ Unless required by applicable law or agreed to in writing, software\n ~ distributed under the License is distributed on an "AS IS" BASIS,\n ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n ~ See the License for the specific language governing permissions and\n ~ limitations under the License.\n ~\n -->
| OSV URL | Ecosystem | Package | Version | Source |
| --- | --- | --- | --- | --- |
| https://osv.dev/GHSA-mjmj-j48q-9wg2 | Maven | org.yaml:snakeyaml | 1.33 | pom.xml |
| https://osv.dev/GHSA-j8r2-6x86-q33q | PyPI | requests | 2.24.0 | streampipes-wrapper-python/requirements.txt |
| https://osv.dev/GHSA-36jr-mh4h-2g58 | npm | d3-color | 2.0.0 | ui/package-lock.json |
| https://osv.dev/GHSA-ww39-953v-wcq6 | npm | glob-parent | 3.1.0 | ui/package-lock.json |
| https://osv.dev/GHSA-4943-9vgg-gr5r | npm | quill | 1.3.7 | ui/package-lock.json |
| https://osv.dev/GHSA-hc6q-2mpp-qw7j | npm | webpack | 5.74.0 | ui/package-lock.json |
| OSV URL | CVSS | Ecosystem | Package | Version | Source |
| --- | --- | --- | --- | --- | --- |
| https://osv.dev/GHSA-6mjq-h674-j845 | 6.5 | Maven | io.netty:netty-handler | 4.1.72.Final | pom.xml |
| https://osv.dev/GHSA-mjmj-j48q-9wg2 | 8.3 | Maven | org.yaml:snakeyaml | 1.33 | pom.xml |
| https://osv.dev/GHSA-j8r2-6x86-q33q<br/>https://osv.dev/PYSEC-2023-74 | 6.1 | PyPI | requests | 2.24.0 | streampipes-wrapper-python/requirements.txt |
| https://osv.dev/GHSA-ww39-953v-wcq6 | 7.5 | npm | glob-parent | 3.1.0 | ui/package-lock.json |
| https://osv.dev/GHSA-4943-9vgg-gr5r | 6.1 | npm | quill | 1.3.7 | ui/package-lock.json |
| https://osv.dev/GHSA-c2qf-rxjj-qqgw | 5.3 | npm | semver | 5.7.1 | ui/package-lock.json |
| https://osv.dev/GHSA-c2qf-rxjj-qqgw | 5.3 | npm | semver | 6.3.0 | ui/package-lock.json |
| https://osv.dev/GHSA-c2qf-rxjj-qqgw | 5.3 | npm | semver | 7.3.7 | ui/package-lock.json |
| https://osv.dev/GHSA-c2qf-rxjj-qqgw | 5.3 | npm | semver | 7.3.8 | ui/package-lock.json |
| https://osv.dev/GHSA-hc6q-2mpp-qw7j | 7.6 | npm | webpack | 5.74.0 | ui/package-lock.json |
| https://osv.dev/GHSA-j8xg-fqg3-53r7 | 5.3 | npm | word-wrap | 1.2.3 | ui/package-lock.json |

0 comments on commit 93aab00

Please sign in to comment.