...
Code Block |
---|
$ ws scan Initializing: Scanning: /web-server [...../] Retrieving: Security vulnerabilities and compliance information [...../] Identified 91 dependencies Found 9 vulnerabilities (76 High, 23 Medium, 0 Low) +----------+----------------------+------------------+-------------------------------------------------+ | SEVERITY | LIBRARY | ID | TOP FIX | +----------+----------------------+------------------+-------------------------------------------------+ | HIGH | base64-url-1.2.1.tgz | WS-2018-0111 | Upgrade to version 2.0.0 | +----------+----------------------+------------------+-------------------------------------------------+ | HIGH | fresh-0.3.0.tgz | CVE-2017-16119 | Upgrade to version fresh - 0.5.2 | +----------+----------------------+------------------+-------------------------------------------------+ | HIGH | mime-1.3.4.tgz | CVE-2017-16138 | Upgrade to version 1.4.1,2.0.3 | +----------+----------------------+------------------+-------------------------------------------------+ | HIGH | minimistmorgan-01.06.81.tgz | CVE-20212019-449065413 | Upgrade to version minimist - 1.2.69.1 | +----------+----------------------+------------------+-------------------------------------------------+ | HIGH | morgannegotiator-10.65.13.tgz | CVE-20192016-5413 10539 | Upgrade to version 10.96.1 | +----------+----------------------+------------------+-------------------------------------------------+ | HIGH | negotiatorqs-4.0.50.3.tgz | CVE-2016-10539 | CVE-2017-1000048 | Upgrade to version qs - 6.0.4,6.1 .2,6.2.3,6.3.2 | +----------+----------------------+------------------+-------------------------------------------------+ | HIGHMEDIUM | qsdebug-42.02.0.tgz | CVE-2017-100004816137 | | Upgrade to version qs - 6.0.4,6.1.2,6.2.3,6.3.26.9 | +----------+----------------------+------------------+-------------------------------------------------+ | MEDIUM | debugminimist-20.20.08.tgz | CVE-20172020-161377598 | Upgrade to version minimist - 0.2.6.9 1,1.2.3 | +----------+----------------------+------------------+-------------------------------------------------+ | MEDIUM | minimist-0.0.8.tgz | CVE-20202021-7598 44906 | Upgrade to version minimist - 0.2.1,1.2.36 | +----------+----------------------+------------------+----------------+----------------------+-----------+ Found 3 Policy violations +-------+---------------+---------------------+-------------+ | LIBRARYFound 2 | POLICY TYPE | POLICY NAME | Policy violations +----------------------+---------------------+--------------+ | morgan-1.6.1.tgz---+ | LIBRARY | POLICY TYPE | Vulnerability Score | CVSSPOLICY scoreNAME | +----------------------+---------------------+-------------+ | base64-url-1.2.1.tgz | Vulnerability Score | CVSS score | +----------------------+---------------------+-------------+ | minimistmorgan-01.06.81.tgz | Vulnerability Score | CVSS score | +----------------------+---------------------+-------------+ Paths at risk P = policy violation HIGH/MEDIUM/LOW = security vulnerability severity express-3.21.2.tgz |-- mkdirp-0.5.1.tgz |-- minimist-0.0.8.tgz [12 HIGH, 1 MEDIUM, P] |-- fresh-0.3.0.tgz [1 HIGH] |-- send-0.13.0.tgz |-- mime-1.3.4.tgz [1 HIGH] |-- connect-2.30.2.tgz |-- morgan-1.6.1.tgz [1 HIGH, P] |-- qs-4.0.0.tgz [1 HIGH] |-- compression-1.5.2.tgz |-- accepts-1.2.13.tgz |-- negotiator-0.5.3.tgz [1 HIGH] |-- express-session-1.11.3.tgz |-- uid-safe-2.0.0.tgz |-- base64-url-1.2.1.tgz [1 HIGH, P] |-- debug-2.2.0.tgz [1 MEDIUM] |
...