Skip to content

Update dependency react to v15#30

Open
dev-mend-for-github-com[bot] wants to merge 1 commit into
masterfrom
whitesource-remediate/react-15.x
Open

Update dependency react to v15#30
dev-mend-for-github-com[bot] wants to merge 1 commit into
masterfrom
whitesource-remediate/react-15.x

Update dependency react to v15

23eaf40
Select commit
Loading
Failed to load commit list.
Dev - Mend for GitHub.com / Mend Security Check failed Feb 25, 2026 in 52m 19s

Security Report

You have successfully remediated 7 vulnerabilities, but introduced 6 new vulnerabilities in this branch.

❌ New vulnerabilities:

Vulnerability Severity CVSS Score Vulnerable Library Direct Library Suggested Fix Issue
CVE-2020-11023

Path to dependency file: /test/index.html

Path to vulnerable library: /test/index.html

Dependency Hierarchy:

-> ❌ jquery-11.0-1.7.22-1.min.js (Vulnerable Library)

Medium 6.9 Direct jquery-11.0-1.7.22-1.min.js jquery-11.0-1.7.22-1.min.js org.webjars.npm:jquery:3.5.0,jquery - 3.5.0,jquery-rails - 4.4.0,jQuery - 3.5.0,jquery - 3.5.0,jquery-rails - 4.4.0,org.webjars.npm:jquery:3.5.0,jQuery - 3.5.0 None
CVE-2020-11022

Path to dependency file: /test/index.html

Path to vulnerable library: /test/index.html

Dependency Hierarchy:

-> ❌ jquery-11.0-1.7.22-1.min.js (Vulnerable Library)

Medium 6.9 Direct jquery-11.0-1.7.22-1.min.js jquery-11.0-1.7.22-1.min.js org.webjars.npm:jquery:3.5.0,jquery - 3.5.0,jquery - 3.5.0,jquery-rails - 4.4.0 None
CVE-2022-0235

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/isomorphic-fetch/node_modules/node-fetch/package.json

Dependency Hierarchy:

-> react-15.0.2.tgz (Root Library)

   -> fbjs-0.8.18.tgz

     -> isomorphic-fetch-2.2.1.tgz

       -> ❌ node-fetch-1.7.3.tgz (Vulnerable Library)

Medium 6.1 Transitive node-fetch-1.7.3.tgz react-15.0.2.tgz Transitive 2.6.7 None
CVE-2019-11358

Path to dependency file: /test/index.html

Path to vulnerable library: /test/index.html

Dependency Hierarchy:

-> ❌ jquery-11.0-1.7.22-1.min.js (Vulnerable Library)

Medium 6.1 Direct jquery-11.0-1.7.22-1.min.js jquery-11.0-1.7.22-1.min.js org.webjars.npm:jquery:3.4.0,django - 2.2.2,jquery - 3.4.0,jquery-rails - 4.3.4,django - 2.1.9,jQuery - 3.4.0,jquery-rails - 4.3.4,django - 2.2.2,django - 2.1.9,org.webjars.npm:jquery:3.4.0,jQuery - 3.4.0,jquery - 3.4.0 None
CVE-2015-9251

Path to dependency file: /test/index.html

Path to vulnerable library: /test/index.html

Dependency Hierarchy:

-> ❌ jquery-11.0-1.7.22-1.min.js (Vulnerable Library)

Medium 6.1 Direct jquery-11.0-1.7.22-1.min.js jquery-11.0-1.7.22-1.min.js jquery - 3.0.0,org.webjars.npm:jquery:1.12.2,jQuery - 3.0.0,jquery-rails - 4.2.0,jquery - 1.12.2,org.webjars.npm:jquery:3.0.0,jQuery - 1.12.2,jQuery - 3.0.0,org.webjars.npm:jquery:1.12.2,org.webjars.npm:jquery:3.0.0,jquery - 3.0.0,jquery - 1.12.2,jQuery - 1.12.2,jquery-rails - 4.2.0 None
CVE-2020-15168

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/isomorphic-fetch/node_modules/node-fetch/package.json

Dependency Hierarchy:

-> react-15.0.2.tgz (Root Library)

   -> fbjs-0.8.18.tgz

     -> isomorphic-fetch-2.2.1.tgz

       -> ❌ node-fetch-1.7.3.tgz (Vulnerable Library)

Low 2.6 Transitive node-fetch-1.7.3.tgz react-15.0.2.tgz Transitive node-fetch - 2.6.1,node-fetch - 3.0.0-beta.9 None

✔️ Remediated vulnerabilities:

Vulnerability Vulnerable Library
CVE-2015-9251 jquery-1.9.1.js
CVE-2025-5889 brace-expansion-1.1.11.tgz
CVE-2020-11022 jquery-1.9.1.js
CVE-2026-26996 minimatch-3.1.2.tgz
CVE-2019-11358 jquery-1.9.1.js
CVE-2017-16129 superagent-1.2.0.tgz
CVE-2020-11023 jquery-1.9.1.js

Base branch total remaining vulnerabilities: 36
Base branch commit: null


Total libraries scanned: 271

Scan token: f44bb07a37a642e79bcc4274b6fdf26f

View more details on Dev - Mend for GitHub.com