chore(deps): update dependency react-router to v4.2.0 by dev-mend-for-github-com[bot] · Pull Request #14 · TankOrgDev/soundcloud-redux

Security Report

You have successfully remediated 3 vulnerabilities, but introduced 2 new vulnerabilities in this branch.

❌ New vulnerabilities:

Vulnerability	Severity	CVSS Score	Vulnerable Library	Direct Library	Suggested Fix	Issue
CVE-941441-362681 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> react-scripts-1.0.10.tgz (Root Library) -> eslint-3.19.0.tgz -> glob-7.1.2.tgz -> ❌ once-1.4.0.tgz (Vulnerable Library)	Critical	9.8	`Transitive` once-1.4.0.tgz	react-scripts-1.0.10.tgz		#⁠10
CVE-214679-86261 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> react-scripts-1.0.10.tgz (Root Library) -> babel-core-6.25.0.tgz -> babel-register-6.24.1.tgz -> home-or-tmp-2.0.0.tgz -> ❌ os-tmpdir-1.0.2.tgz (Vulnerable Library)	Critical	9.8	`Transitive` os-tmpdir-1.0.2.tgz	react-scripts-1.0.10.tgz		#⁠10

✔️ Remediated vulnerabilities:

Vulnerability	Vulnerable Library
WS-2018-0347	eslint-3.19.0.tgz
CVE-2017-16119	fresh-0.5.0.tgz
CVE-2017-16028	randomatic-1.1.7.tgz

Base branch total remaining vulnerabilities: 233
Base branch commit: null

Total libraries scanned: 1043

Scan token: 5d51bc8823ea4c5fa644abb412af50b2

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update dependency react-router to v4.2.0#14

chore(deps): update dependency react-router to v4.2.0#14
dev-mend-for-github-com[bot] wants to merge 1 commit into
masterfrom
whitesource-remediate/react-router-4.x-lockfile

Uh oh!

Security Report

Re-running checks...