Feat(contracts)/upgradability #1214
Security Report
The Security Check found 5 vulnerabilities.
CVE | Severity | CVSS Score | Vulnerable Library | Suggested Fix | Issue |
---|---|---|---|---|---|
CVE-2023-26115; Dependency Hierarchy: -> @kleros/kleros-v2-web-0.2.0.tgz (Root Library) -> react-scripts-5.0.1.tgz -> jest-27.5.1.tgz -> core-27.5.1.tgz -> jest-config-27.5.1.tgz -> jest-environment-jsdom-27.5.1.tgz -> jsdom-16.7.0.tgz -> escodegen-2.0.0.tgz -> optionator-0.8.3.tgz -> ❌ word-wrap-1.2.3.tgz (Vulnerable Library) | High | 7.5 | word-wrap-1.2.3.tgz | Upgrade to version: word-wrap - 1.2.4 | #1185 |
CVE-2022-25883; Dependency Hierarchy: -> @kleros/kleros-v2-eslint-config-0.0.0.tgz (Root Library) -> eslint-plugin-node-11.1.0.tgz -> ❌ semver-6.3.0.tgz (Vulnerable Library) | High | 7.5 | semver-6.3.0.tgz | Upgrade to version: semver - 5.7.2,6.3.1,7.5.2;org.webjars.npm:semver:7.5.2 | #985 |
CVE-2022-25883; Dependency Hierarchy: -> @kleros/kleros-v2-web-0.2.0.tgz (Root Library) -> client-0.0.5.tgz -> ipfs-car-0.7.0.tgz -> meow-9.0.0.tgz -> read-pkg-up-7.0.1.tgz -> read-pkg-5.2.0.tgz -> normalize-package-data-2.5.0.tgz -> ❌ semver-5.7.1.tgz (Vulnerable Library) | High | 7.5 | semver-5.7.1.tgz | Upgrade to version: semver - 5.7.2,6.3.1,7.5.2;org.webjars.npm:semver:7.5.2 | #1185 |
CVE-2021-3803; Dependency Hierarchy: -> @kleros/kleros-v2-web-0.2.0.tgz (Root Library) -> react-scripts-5.0.1.tgz -> webpack-5.5.0.tgz -> plugin-svgo-5.5.0.tgz -> svgo-1.3.2.tgz -> css-select-2.1.0.tgz -> ❌ nth-check-1.0.2.tgz (Vulnerable Library) | High | 7.5 | nth-check-1.0.2.tgz | Upgrade to version: nth-check - v2.0.1 | #1185 |
CVE-2023-26144; Dependency Hierarchy: -> @kleros/kleros-v2-web-0.2.0.tgz (Root Library) -> ❌ graphql-16.7.1.tgz (Vulnerable Library) | Medium | 5.3 | graphql-16.7.1.tgz | Upgrade to version: graphql - 16.8.1 | #1185 |
Total libraries scanned: 1954
Scan token: d445321ff9934cfca7e43598a60f3f7f