Fix CVE–2022–25912 #59
An automation triggered a pipeline warning
Found 66 vulnerabilities. An additional 28 vulnerabilities have been marked as unaffected.
Output from Automations
4 rules were checked:
If a dependency contains a vulnerability which has not been marked as unaffected
where CVSS is at least high (7.0-8.9)then fail pipeline and notify accesstoken\[email protected] by email
✔️ The rule did not trigger. Manage rule
If a new dependency is added which is licensed under AGPL-3.0-only
then fail pipeline
✔️ The rule did not trigger. Manage rule
If there is a dependency which is licensed under LGPL-2.0-only, LGPL-2.0-or-later, LGPL-2.1-only, LGPL-2.1-or-later, LGPL-3.0-or-later or LGPL-3.0-only
then fail pipeline
✔️ The rule did not trigger. Manage rule
If there is a dependency where the license risk is at least high
then send a pipeline warning
| Dependency | Dependency Licenses |
|---|---|
| @webassemblyjs/ast (npm) | GPL-2.0-only, MIT |
| @webassemblyjs/helper-buffer (npm) | GPL-2.0-only, MIT |
| @webassemblyjs/helper-code-frame (npm) | GPL-2.0-only, MIT |
| @webassemblyjs/helper-wasm-bytecode (npm) | GPL-2.0-only, MIT |
| @webassemblyjs/helper-wasm-section (npm) | GPL-2.0-only, MIT |
| @webassemblyjs/wasm-edit (npm) | GPL-2.0-only, MIT |
| @webassemblyjs/wasm-gen (npm) | GPL-2.0-only, MIT |
| @webassemblyjs/wasm-opt (npm) | GPL-2.0-only, MIT |
| @webassemblyjs/wasm-parser (npm) | GPL-2.0-only, MIT |
| @webassemblyjs/wast-parser (npm) | GPL-2.0-only, MIT |
| @webassemblyjs/wast-printer (npm) | GPL-2.0-only, MIT |