...

$ ws scan
Initializing: 
Scanning: /web-server [...../]
Retrieving: Security vulnerabilities and compliance information [...../]

Identified 91 dependencies

Found 9 vulnerabilities (6 High, 3 Medium, 0 Low)
+----------+----------------------+------------------+-------------------------------------------------+
| SEVERITY | LIBRARY              | ID               | TOP FIX                                         |
+----------+----------------------+------------------+-------------------------------------------------+
| HIGH     | base64-url-1.2.1.tgz | WS-2018-0111     | Upgrade to version 2.0.0                        |
+----------+----------------------+------------------+-------------------------------------------------+
| HIGH     | fresh-0.3.0.tgz      | CVE-2017-16119   | Upgrade to version fresh - 0.5.2                |
+----------+----------------------+------------------+-------------------------------------------------+
| HIGH     | mime-1.3.4.tgz       | CVE-2017-16138   | Upgrade to version 1.4.1,2.0.3                  |
+----------+----------------------+------------------+-------------------------------------------------+
| HIGH     | morgan-1.6.1.tgz     | CVE-2019-5413    | Upgrade to version 1.9.1                        |
+----------+----------------------+------------------+-------------------------------------------------+
| HIGH     | negotiator-0.5.3.tgz | CVE-2016-10539   | Upgrade to version 0.6.1                        |
+----------+----------------------+------------------+-------------------------------------------------+
| HIGH     | qs-4.0.0.tgz         | CVE-2017-1000048 | Upgrade to version qs - 6.0.4,6.1.2,6.2.3,6.3.2 |
+----------+----------------------+------------------+-------------------------------------------------+
| MEDIUM   | debug-2.2.0.tgz      | CVE-2017-16137   | Upgrade to version 2.6.9                        |
+----------+----------------------+------------------+-------------------------------------------------+
| MEDIUM   | minimist-0.0.8.tgz   | CVE-2020-7598    | Upgrade to version minimist - 0.2.1,1.2.3       |
+----------+----------------------+------------------+-------------------------------------------------+
| MEDIUM   | minimist-0.0.8.tgz   | CVE-2021-44906   | Upgrade to version minimist - 1.2.6             |
+----------+----------------------+------------------+-------------------------------------------------+

Found 2 Policy violations
+----------------------+---------------------+-------------+
| LIBRARY              | POLICY TYPE         | POLICY NAME |
+----------------------+---------------------+-------------+
| base64-url-1.2.1.tgz | Vulnerability Score | CVSS score  |
+----------------------+---------------------+-------------+
| morgan-1.6.1.tgz     | Vulnerability Score | CVSS score  |
+----------------------+---------------------+-------------+

Paths at risk

P = policy violation
HIGH/MEDIUM/LOW = security vulnerability severity

express-3.21.2.tgz
|-- mkdirp-0.5.1.tgz
	|-- minimist-0.0.8.tgz [2 MEDIUM]
|-- fresh-0.3.0.tgz [1 HIGH]
|-- send-0.13.0.tgz
	|-- mime-1.3.4.tgz [1 HIGH]
|-- connect-2.30.2.tgz
	|-- morgan-1.6.1.tgz [1 HIGH, P]
	|-- qs-4.0.0.tgz [1 HIGH]
	|-- compression-1.5.2.tgz
		|-- accepts-1.2.13.tgz
			|-- negotiator-0.5.3.tgz [1 HIGH]
	|-- express-session-1.11.3.tgz
		|-- uid-safe-2.0.0.tgz
			|-- base64-url-1.2.1.tgz [1 HIGH, P]
|-- debug-2.2.0.tgz [1 MEDIUM]

...