[Manual][Backport 2.x] [Tests] Add Github workflow for Test Orchestrator in FT Repo to run cypress tests within Dashboards repo #6095
Security Report
You have successfully remediated 6 vulnerabilities, but introduced 5 new vulnerabilities in this branch.
❌ New vulnerabilities:
CVE | Severity | CVSS Score | Vulnerable Library | Suggested Fix | Issue |
---|---|---|---|---|---|
WS-2017-3772Vulnerable Source Files: ❌ /packages/osd-ui-framework/node_modules/underscore.string/unescapeHTML.js |
High | 7.5 | juice-shopjuice-shop-14.0.0_node14_darwin_x64 | Upgrade to version: underscore.string - 3.3.5 | #4734 |
CVE-2023-26156Path to dependency file: /package.json Path to vulnerable library: /node_modules/chromedriver/package.json Dependency Hierarchy: -> ❌ chromedriver-107.0.3.tgz (Vulnerable Library) |
High | 7.5 | chromedriver-107.0.3.tgz | Upgrade to version: chromedriver - 119.0.1 | None |
High | 7.5 | juice-shopjuice-shop-13.3.0_node16_darwin_x64 | Upgrade to version: 6.0.3 | #4726 | |
CVE-2023-45857Path to dependency file: /package.json Path to vulnerable library: /node_modules/chromedriver/node_modules/axios/package.json Dependency Hierarchy: -> chromedriver-107.0.3.tgz (Root Library) -> ❌ axios-1.2.0.tgz (Vulnerable Library) |
Medium | 6.5 | axios-1.2.0.tgz | Upgrade to version: axios - 1.6.0 | #5474 |
CVE-2023-45857Path to dependency file: /package.json Path to vulnerable library: /node_modules/axios/package.json Dependency Hierarchy: -> @osd/ui-shared-deps-1.0.0.tgz (Root Library) -> ❌ axios-0.27.2.tgz (Vulnerable Library) |
Medium | 6.5 | axios-0.27.2.tgz | Upgrade to version: axios - 1.6.0 | #5474 |
✔️ Remediated vulnerabilities:
CVE | Vulnerable Library |
---|---|
CVE-2015-9251 | jquery-1.11.1.js |
CVE-2019-20149 | juice-shop-juice-shop-15.2.0_node16_win32_x64 |
CVE-2019-11358 | jquery-1.11.1.js |
WS-2017-3772 | juice-shop-juice-shop-14.5.1_node16_darwin_x64 |
CVE-2020-11022 | jquery-1.11.1.js |
CVE-2020-11023 | jquery-1.11.1.js |
Base branch total remaining vulnerabilities: 17
Base branch commit: 89fcf63ca0790858143a97c3bfb47460214afc7e
Total libraries scanned: 2571
Scan token: 57829a84152043ab8e8f674faa35cf07