Update dependency tar to v7 #13
Security Report
You have successfully remediated 3 vulnerabilities, but introduced 5 new vulnerabilities in this branch.
❌ New vulnerabilities:
| Vulnerability | Severity | Vulnerable Library | Direct Library | Suggested Fix | Issue | |
|---|---|---|---|---|---|---|
| CVE-941441-362681. Path to dependency file: /website/package.json. Path to vulnerable library: /website/package.json, /package.json. Dependency Hierarchy: -> core-2.0.0-alpha.64.tgz (Root Library) -> shelljs-0.8.4.tgz -> glob-7.1.6.tgz -> ❌ once-1.4.0.tgz (Vulnerable Library) | 9.8 | Transitive once-1.4.0.tgz | core-2.0.0-alpha.64.tgz | None | | |
| CVE-941441-362681. Path to dependency file: /website/package.json. Path to vulnerable library: /website/package.json, /package.json. Dependency Hierarchy: -> cmake-js-6.2.1.tgz (Root Library) -> unzipper-0.8.14.tgz -> fstream-1.0.12.tgz -> rimraf-2.7.1.tgz -> glob-7.1.7.tgz -> ❌ once-1.4.0.tgz (Vulnerable Library) | 9.8 | Transitive once-1.4.0.tgz | cmake-js-6.2.1.tgz | None | | |
| CVE-941441-362681. Path to dependency file: /website/package.json. Path to vulnerable library: /website/package.json, /package.json. Dependency Hierarchy: -> preset-classic-2.0.0-alpha.64.tgz (Root Library) -> plugin-content-docs-2.0.0-alpha.64.tgz -> execa-3.4.0.tgz -> get-stream-5.2.0.tgz -> pump-3.0.0.tgz -> ❌ once-1.4.0.tgz (Vulnerable Library) | 9.8 | Transitive once-1.4.0.tgz | preset-classic-2.0.0-alpha.64.tgz | None | | |
| CVE-2026-23950. Path to dependency file: /package.json. Path to vulnerable library: /package.json. Dependency Hierarchy: -> qode-18.12.1.tgz (Root Library) -> ❌ tar-6.2.1.tgz (Vulnerable Library) | 8.8 | Transitive tar-6.2.1.tgz | qode-18.12.1.tgz | Transitive 7.5.4 | None | |
| CVE-2026-24842. Path to dependency file: /package.json. Path to vulnerable library: /package.json. Dependency Hierarchy: -> qode-18.12.1.tgz (Root Library) -> ❌ tar-6.2.1.tgz (Vulnerable Library) | 8.2 | Transitive tar-6.2.1.tgz | qode-18.12.1.tgz | Transitive 7.5.7 | None | |
✔️ Remediated vulnerabilities:
| Vulnerability | Vulnerable Library |
|---|---|
| CVE-2022-25881 | http-cache-semantics-4.1.0.tgz |
| CVE-2026-24842 | tar-6.1.11.tgz |
| CVE-2026-23950 | tar-6.1.11.tgz |
Base branch total remaining vulnerabilities: 202
Base branch commit: null
Total libraries scanned: 1462
Scan token: f1cc4d0d1e5245c29c7fd0bd3b9e72bf