Update dependency node-libs-browser to v1#31
Update dependency node-libs-browser to v1#31dev-mend-for-github-com[bot] wants to merge 1 commit into
Security Report
❌ New vulnerabilities:
| Vulnerability | Severity |  CVSS Score |
Vulnerable Library | Direct Library | Suggested Fix | Issue |
|---|---|---|---|---|---|---|
CVE-2026-26996Path to dependency file: /package.json Path to vulnerable library: /node_modules/commoner/node_modules/minimatch/package.json Dependency Hierarchy: -> react-0.13.3.tgz (Root Library) -> envify-3.4.1.tgz -> jstransform-11.0.3.tgz -> commoner-0.10.8.tgz -> glob-5.0.15.tgz -> ❌ minimatch-3.1.5.tgz (Vulnerable Library) |
 High |
7.5 | Transitive minimatch-3.1.5.tgz |
react-0.13.3.tgz | Transitive 10.2.1 |
#11 |
CVE-2020-11023Path to dependency file: /test/index.html Path to vulnerable library: /test/index.html Dependency Hierarchy: -> ❌ jquery-11.0-1.7.22-1.min.js (Vulnerable Library) |
 Medium |
6.9 | Direct jquery-11.0-1.7.22-1.min.js |
jquery-11.0-1.7.22-1.min.js | org.webjars.npm:jquery:3.5.0,jquery - 3.5.0,jquery-rails - 4.4.0,jQuery - 3.5.0 | None |
CVE-2020-11022Path to dependency file: /test/index.html Path to vulnerable library: /test/index.html Dependency Hierarchy: -> ❌ jquery-11.0-1.7.22-1.min.js (Vulnerable Library) |
Medium |
6.9 | Direct jquery-11.0-1.7.22-1.min.js |
jquery-11.0-1.7.22-1.min.js | org.webjars.npm:jquery:3.5.0,jquery - 3.5.0,jquery - 3.5.0,jquery-rails - 4.4.0 | None |
CVE-2019-11358Path to dependency file: /test/index.html Path to vulnerable library: /test/index.html Dependency Hierarchy: -> ❌ jquery-11.0-1.7.22-1.min.js (Vulnerable Library) |
Medium |
6.1 | Direct jquery-11.0-1.7.22-1.min.js |
jquery-11.0-1.7.22-1.min.js | org.webjars.npm:jquery:3.4.0,django - 2.2.2,jquery - 3.4.0,jquery-rails - 4.3.4,django - 2.1.9,jQuery - 3.4.0,jQuery - 3.4.0 | None |
CVE-2015-9251Path to dependency file: /test/index.html Path to vulnerable library: /test/index.html Dependency Hierarchy: -> ❌ jquery-11.0-1.7.22-1.min.js (Vulnerable Library) |
Medium |
6.1 | Direct jquery-11.0-1.7.22-1.min.js |
jquery-11.0-1.7.22-1.min.js | jquery - 3.0.0,org.webjars.npm:jquery:1.12.2,jQuery - 3.0.0,jquery-rails - 4.2.0,jquery - 1.12.2,org.webjars.npm:jquery:3.0.0,jQuery - 1.12.2,jQuery - 3.0.0,org.webjars.npm:jquery:1.12.2,org.webjars.npm:jquery:3.0.0,jquery - 3.0.0,jquery - 1.12.2,jQuery - 1.12.2,jquery-rails - 4.2.0 | None |
CVE-2025-14505Path to dependency file: /package.json Path to vulnerable library: /node_modules/elliptic/package.json Dependency Hierarchy: -> node-libs-browser-1.0.0.tgz (Root Library) -> crypto-browserify-3.12.1.tgz -> browserify-sign-4.2.5.tgz -> ❌ elliptic-6.6.1.tgz (Vulnerable Library) |
Medium |
5.6 | Transitive elliptic-6.6.1.tgz |
node-libs-browser-1.0.0.tgz | None | |
CVE-2026-2739Path to dependency file: /package.json Path to vulnerable library: /node_modules/asn1.js/node_modules/bn.js/package.json,/node_modules/create-ecdh/node_modules/bn.js/package.json,/node_modules/diffie-hellman/node_modules/bn.js/package.json,/node_modules/elliptic/node_modules/bn.js/package.json,/node_modules/miller-rabin/node_modules/bn.js/package.json,/node_modules/public-encrypt/node_modules/bn.js/package.json Dependency Hierarchy: -> node-libs-browser-1.0.0.tgz (Root Library) -> crypto-browserify-3.12.1.tgz -> diffie-hellman-5.0.3.tgz -> ❌ bn.js-4.12.3.tgz (Vulnerable Library) |
Medium |
5.3 | Transitive bn.js-4.12.3.tgz |
node-libs-browser-1.0.0.tgz | Transitive https://github.com/indutny/bn.js.git - v5.2.3 |
None |
✔️ Remediated vulnerabilities:
| Vulnerability | Vulnerable Library |
|---|---|
| CVE-2015-9251 | jquery-1.9.1.js |
| CVE-2025-5889 | brace-expansion-1.1.11.tgz |
| CVE-2020-11022 | jquery-1.9.1.js |
| CVE-2026-26996 | minimatch-3.1.2.tgz |
| CVE-2019-11358 | jquery-1.9.1.js |
| CVE-2017-16129 | superagent-1.2.0.tgz |
| CVE-2020-11023 | jquery-1.9.1.js |
Base branch total remaining vulnerabilities: 37
Base branch commit: null
Total libraries scanned: 338
Scan token: c77d5f0b7a104e319f98a8d172274c6e