Merge branch 'main' into create-interstitial #74658
Annotations
10 errors
Audit dependencies
Security advisory:
Title: Unauthenticated Denial of Service in the octokit/webhooks library
Module name: octokit
Dependency: octokit
Path: octokit
Severity: high
Details: https://github.com/advisories/GHSA-pwfr-8pq7-x9qv
|
Audit dependencies
Security advisory:
Title: send vulnerable to template injection that can lead to XSS
Module name: send
Dependency: express
Path: express>send
Severity: moderate
Details: https://github.com/advisories/GHSA-m6fv-jmcg-4jfg
|
Audit dependencies
Security advisory:
Title: serve-static vulnerable to template injection that can lead to XSS
Module name: serve-static
Dependency: express
Path: express>serve-static
Severity: moderate
Details: https://github.com/advisories/GHSA-cm22-4g7w-348p
|
Audit dependencies
Security advisory:
Title: path-to-regexp outputs backtracking regular expressions
Module name: path-to-regexp
Dependency: express
Path: express>path-to-regexp
Severity: high
Details: https://github.com/advisories/GHSA-9wv6-86v2-598j
|
Audit dependencies
Security advisory:
Title: Express.js Open Redirect in malformed URLs
Module name: express
Dependency: express
Path: express
Severity: moderate
Details: https://github.com/advisories/GHSA-rv95-896h-c2vc
|
Audit dependencies
Security advisory:
Title: express vulnerable to XSS via response.redirect()
Module name: express
Dependency: express
Path: express
Severity: moderate
Details: https://github.com/advisories/GHSA-qw6h-vgh9-j6wx
|
Audit dependencies
Security advisory:
Title: Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code
Module name: @babel/traverse
Dependency: styled-components
Path: styled-components>@babel/traverse
Severity: critical
Details: https://github.com/advisories/GHSA-67hx-6x53-jw92
|
Audit dependencies
Security advisory:
Title: Elliptic's EDDSA missing signature length check
Module name: elliptic
Dependency: uswds
Path: uswds>browserify>crypto-browserify>browserify-sign>elliptic
Severity: low
Details: https://github.com/advisories/GHSA-f7q4-pwc6-w24p
|
Audit dependencies
Security advisory:
Title: Elliptic's ECDSA missing check for whether leading bit of r and s is zero
Module name: elliptic
Dependency: uswds
Path: uswds>browserify>crypto-browserify>browserify-sign>elliptic
Severity: low
Details: https://github.com/advisories/GHSA-977x-g7h5-7qgw
|
Audit dependencies
Security advisory:
Title: Elliptic allows BER-encoded signatures
Module name: elliptic
Dependency: uswds
Path: uswds>browserify>crypto-browserify>browserify-sign>elliptic
Severity: low
Details: https://github.com/advisories/GHSA-49q7-c7j4-3p7m