Update dependency hashicorp/terraform to v1.6.6 #1370

renovate · 2023-07-28T14:09:28Z

This PR contains the following updates:

Package	Type	Update	Change
hashicorp/terraform		minor	`1.5.3` -> `1.6.6`
hashicorp/terraform	required_version	minor	`1.5.3` -> `1.6.6`

Release Notes

hashicorp/terraform (hashicorp/terraform)

`v1.6.6`

Compare Source

1.6.6 (December 13, 2023)

BUG FIXES:

terraform test: Stop attempting to destroy run blocks that have no actual infrastructure to destroy. This fixes an issue where attempts to destroy "verification" run blocks that load only data sources would fail if the underlying infrastructure referenced by the run blocks had already been destroyed. (#34331)
cloud: prevent running saved cloud plans in VCS-connected workspaces. Saved plans might be applied later, and VCS workspaces shouldn't apply configurations that don't come from their designated VCS branch.
core: Unmanaged plugins (mainly used by provider acceptance testing) would not have a provider address set, preventing the caching of their schemas (#34380)

`v1.6.5`

Compare Source

1.6.5 (November 29, 2023)

BUG FIXES:

backend/s3: Fixes parsing errors in shared config and credentials files. (#34313)
backend/s3: Fixes error with AWS SSO when using FIPS endpoints. (#34313)

`v1.6.4`

Compare Source

1.6.4 (November 15, 2023)

ENHANCEMENTS:

backend/s3: Add the parameter endpoints.sso to allow overriding the AWS SSO API endpoint. (#34195)

BUG FIXES:

terraform test: Fix bug preventing passing sensitive output values from previous run blocks as inputs to future run blocks. (#34190)
backend/s3: Add https_proxy and no_proxy parameters to allow fully specifying proxy configuration (#34243)

`v1.6.3`

Compare Source

1.6.3 (November 1, 2023)

ENHANCEMENTS:

backend/s3: Adds the parameter skip_s3_checksum to allow users to disable checksum on S3 uploads for compatibility with "S3-compatible" APIs. (#34127)

`v1.6.2`

Compare Source

1.6.2 (October 18, 2023)

BUG FIXES

terraform test: Fix performance issues when using provisioners within configs being tested. (#34026)
terraform test: Only process and parse relevant variables for each run block. (#34072)
Fix occasional crash when destroying configurations with variables containing validations. (#34101)
Fix interoperability issues between v1.6 series and earlier series by removing variable validations from the state file (#34058).
cloud: Fixes panic when saving state in Terraform Cloud when certain types of API errors are returned (#34074).
config: Fix crash in conditional statements with certain combinations of unknown values. Improve handling of refined values into the conditional expression results (#34096)
config: Update HCL to fix bug when decoding objects with optional attributes (#34108)
backend/s3: Some configurations would require -reconfigure during each init when config was not decoded correctly (#34108)

`v1.6.1`

Compare Source

1.6.1 (October 10, 2023)

ENHANCEMENTS:

backend/s3: The skip_requesting_account_id argument supports AWS API implementations that do not have the IAM, STS, or metadata API. (#34002)

BUG FIXES:

config: Using sensitive values as one or both of the results of a conditional expression will no longer crash. [GH-33996]
config: Conditional expression returning refined-non-null result will no longer crash. [GH-33996]
cli: Reverted back to previous behavior of ignoring signing key expiration for provider installation, since it's the provider registry's responsibility to verify key validity at publication time. [GH-34004]
cli: GIT_SSH_COMMAND is now preserved again when fetching modules from git source addresses. [GH-34045]
cloud: The TF_WORKSPACE environment variable works with the cloud block again; it can specify a workspace when none is configured, or select an active workspace when the config specifies tags. [GH-34012]
backend/s3: S3, DynamoDB, IAM, and STS endpoint parameters will no longer fail validation if the parsed scheme or hostname is empty. (#34017)
backend/s3: Providing a key alias to the kms_key_id argument will no longer fail validation. (#33993)

`v1.6.0`

Compare Source

1.6.0 (October 4, 2023)

UPGRADE NOTES:

On macOS, Terraform now requires macOS 10.15 Catalina or later; support for previous versions has been discontinued.
On Windows, Terraform now requires at least Windows 10 or Windows Server 2016; support for previous versions has been discontinued.
The S3 backend has a number of significant changes to its configuration format in this release, intended to match with recent changes in the hashicorp/aws provider:
- Configuration settings related to assuming IAM roles now belong to a nested block assume_role. The top-level arguments role_arn, session_name, external_id, assume_role_duration_seconds, assume_role_policy_arns, assume_role_tags, and assume_role_transitive_tag_keys are all now deprecated in favor of the nested equivalents. (#30495)
- Configuration settings related to overriding the locations of AWS service endpoints used by the provider now belong to a nested block endpoints. The top-level arguments dynamodb_endpoint, iam_endpoint, endpoint (fir S3), and sts_endpoint are now deprecated in favor of the nested equivalents. (#30492)
- The backend now uses the following environment variables for overriding the default locations of AWS service endpoints used by the provider: AWS_ENDPOINT_URL_DYNAMODB, AWS_ENDPOINT_URL_IAM, AWS_ENDPOINT_URL_S3, and AWS_ENDPOINT_URL_STS. The old non-standard names for these environment variables are now deprecated: AWS_DYNAMODB_ENDPOINT, AWS_IAM_ENDPOINT, AWS_S3_ENDPOINT, and AWS_STS_ENDPOINT. (#30479)
- The singular shared_credentials_file argument is deprecated in favor of the plural shared_credentials_files.
- The force_path_style argument is deprecated in favor of use_path_style for consistency with the AWS SDK. (#30491)

NEW FEATURES:

terraform test: The terraform test command is now generally available. This comes with a significant change to how tests are written and executed, based on feedback from the experimental phase.

Terraform tests are written in .tftest.hcl files, containing a series of run blocks. Each run block executes a Terraform plan and optional apply against the Terraform configuration under test and can check conditions against the resulting plan and state.

ENHANCEMENTS:

config: The import block id field now accepts expressions referring to other values such as resource attributes, as long as the value is a string known at plan time. (#33618)
Terraform Cloud integration: Remote plans on Terraform Cloud/Enterprise can now be saved using the -out option, viewed using terraform show, and applied using terraform apply with the saved plan filename. (#33492)
config: Terraform can now track some additional detail about values that won't be known until the apply step, such as the range of possible lengths for a collection or whether an unknown value can possibly be null.
core: Provider schemas can now be cached globally for compatible providers, allowing them to be reused throughout core without requesting them for each new provider instance. This can significantly reduce memory usage when there are many instances of the same provider in a single configuration (#33482)

When this information is available, Terraform can potentially generate known results for some operations on unknown values. This doesn't mean that Terraform can immediately track that detail in all cases, but the type system now supports that and so over time we can improve the level of detail generated by built-in functions, language operators, Terraform providers, etc. (#33234)
config: The try and can functions can now return more precise and consistent results when faced with unknown arguments (#33758)
terraform show -json: Now includes errored property, indicating whether the planning process halted with an error. An errored plan is not applyable. (#33372)
core: Terraform will now skip requesting the (possibly very large) provider schema from providers which indicate during handshake that they don't require that for correct behavior, in situations where Terraform Core itself does not need the schema. (#33486)
backend/kubernetes: The Kubernetes backend is no longer limited to storing states below 1MiB in size, and can now scale by splitting state across multiple secrets. (#29678)
backend/s3: Various improvements for consistency with hashicorp/aws provider capabilities:
- assume_role_with_web_identity nested block for assuming a role with dynamic credentials such as a JSON Web Token. (#31244)
- Now honors the standard AWS environment variables for credential and configuration files: AWS_CONFIG_FILE and AWS_SHARED_CREDENTIALS_FILE. (#30493)
- shared_config_files and shared_credentials_files arguments for specifying credential and configuration files as part of the backend configuration. (#30493)
- Internally the backend now uses AWS SDK for Go v2, which should address various other missing behaviors that are handled by the SDK rather than by Terraform itself. (#30443)
- custom_ca_bundle argument and support for the corresponding AWS environment variable, AWS_CA_BUNDLE, for providing custom root and intermediate certificates. (#33689)
- ec2_metadata_service_endpoint and ec2_metadata_service_endpoint_mode arguments and support for the corresponding AWS environment variables, AWS_EC2_METADATA_SERVICE_ENDPOINT and AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE for setting the EC2 metadata service (IMDS) endpoint. The environment variable AWS_METADATA_URL is also supported for compatibility with the AWS provider, but is deprecated. (#30444)
- http_proxy, insecure, use_fips_endpoint, and use_dualstack_endpoint arguments and support for the corresponding environment variables, HTTP_PROXY and HTTPS_PROXY, which enable custom HTTP proxy configurations and the resolution of AWS endpoints with extended capabilities. (#30496)
- sts_region argument to use an alternative region for STS operations. (#33693)
- retry_mode argument and support for the corresponding AWS_RETRY_MODE environment variable to configure how retries are attempted. (#33692)
- allowed_account_ids and forbidden_account_ids arguments to prevent unintended modifications to specified environments. (#33688)
backend/cos: Support custom HTTP(S) endpoint and root domain for the API client. (#33656)

BUG FIXES:

core: Transitive dependencies were lost during apply when the referenced resource expanded into zero instances. (#33403)
cli: Terraform will no longer override SSH settings in local git configuration when installing modules. (#33592)
terraform built-in provider: The upstream dependency that Terraform uses for service discovery of Terraform-native services such as Terraform Cloud/Enterprise state storage was previously not concurrency-safe, but Terraform was treating it as if it was in situations like when a configuration has multiple terraform_remote_state blocks all using the "remote" backend. Terraform is now using a newer version of that library which updates its internal caches in a concurrency-safe way. (#33364)
terraform init: Terraform will no longer allow downloading remote modules to invalid paths. (#33745)
Ignore potential remote terraform version mismatch when running force-unlock (#28853)
cloud: Fixed a bug that would prevent nested symlinks from being dereferenced into the config sent to Terraform Cloud (#31895)
cloud: state snapshots could not be disabled when header x-terraform-snapshot-interval is absent (#33820)

Previous Releases

For information on prior major and minor releases, see their changelogs:

`v1.5.7`

Compare Source

1.5.7 (September 7, 2023)

BUG FIXES:

terraform init: Terraform will no longer allow downloading remote modules to invalid paths. (#33745)
terraform_remote_state: prevent future possible incompatibility with states which include unknown check block result kinds. (#33818)

`v1.5.6`

Compare Source

1.5.6 (August 23, 2023)

BUG FIXES:

terraform_remote_state: Fixed a potential unsafe read panic when reading from multiple terraform_remote_state data sources (#33333)

`v1.5.5`

Compare Source

1.5.5 (August 9, 2023)

terraform init: Fix crash when using invalid configuration in backend blocks. (#33628)

`v1.5.4`

Compare Source

1.5.4 (July 26, 2023)

BUG FIXES:

check blocks: Fixes crash when nested data sources are within configuration targeted by the terraform import command. (#33578)
check blocks: Check blocks now operate in line with other checkable objects by also executing during import operations. (#33578)

Configuration

📅 Schedule: Branch creation - "after 11pm,before 6am" in timezone Asia/Tokyo, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

coveralls · 2023-07-28T14:14:05Z

Pull Request Test Coverage Report for Build 7202366998

0 of 0 changed or added relevant lines in 0 files are covered.
No unchanged relevant lines lost coverage.
Overall coverage remained the same at 85.602%

Totals
Change from base Build 7093585805:	0.0%
Covered Lines:	250
Relevant Lines:	280

💛 - Coveralls

github-actions · 2023-07-28T14:16:01Z

Snyk vulnerability report

OSS packages

Tested 1715 dependencies for known issues, found 7 issues, 8 vulnerable paths.

Issues to fix by upgrading:

Upgrade gatsby@4.25.7 to gatsby@5.0.0 to fix
✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-GATSBYCLI-5671903] in gatsby-cli@4.25.0
introduced by gatsby@4.25.7 > gatsby-cli@4.25.0

Upgrade gatsby-transformer-remark@5.25.1 to gatsby-transformer-remark@6.10.0 to fix
✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-GATSBYTRANSFORMERREMARK-5671901] in gatsby-transformer-remark@5.25.1
introduced by gatsby-transformer-remark@5.25.1

Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in ansi-regex@2.1.1
introduced by gatsby@4.25.7 > gatsby-cli@4.25.0 > pretty-error@2.1.2 > renderkid@2.0.7 > strip-ansi@3.0.1 > ansi-regex@2.1.1
This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-CSSWHAT-1298035] in css-what@3.4.2
introduced by gatsby-plugin-optimize-svgs@1.0.5 > svgo@1.3.2 > css-select@2.1.0 > css-what@3.4.2
This issue was fixed in versions: 5.0.1
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in html-minifier@4.0.0
introduced by html-minifier@4.0.0
No upgrade or patch available
✗ Command Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in lodash.template@4.5.0
introduced by gatsby-plugin-offline@5.23.1 > workbox-build@4.3.1 > lodash.template@4.5.0
No upgrade or patch available
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795] in semver@7.0.0
introduced by gatsby-legacy-polyfills@2.23.0 > core-js-compat@3.9.0 > semver@7.0.0 and 1 other path(s)
This issue was fixed in versions: 5.7.2, 6.3.1, 7.5.2

Organization: tubone24
Package manager: yarn
Target file: yarn.lock
Project name: blog
Open source: no
Project path: .
Licenses: enabled

Application

✗ [Medium] Path Traversal
Path: scripts/benchmark.js, line 23
Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files.

✗ [Medium] Path Traversal
Path: scripts/benchmark.js, line 25
Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files.

✗ [Medium] Path Traversal
Path: scripts/benchmark.js, line 41
Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files.

✔ Test completed

Organization: tubone24
Test type: Static code analysis
Project path: .

Summary:

3 Code issues found
3 [Medium]

IaC

Snyk Infrastructure as Code

Snyk testing Infrastructure as Code configuration issues.
✔ Test completed.

Issues
No vulnerable paths were found!

Test Summary

Organization: tubone24
Project name: tubone24/blog

✔ Files without issues: 3
✗ Files with issues: 0
Ignored issues: 0
Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ]

Tip

New: Share your test results in the Snyk Web UI with the option --report

Container

Testing test-blog...

✗ Low severity vulnerability found in util-linux/libuuid1
Description: Integer Overflow or Wraparound
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-UTILLINUX-1534833
Introduced through: util-linux/libuuid1@2.33.1-0.1, e2fsprogs@1.44.5-1+deb10u3, util-linux/mount@2.33.1-0.1, util-linux/fdisk@2.33.1-0.1, util-linux/libblkid1@2.33.1-0.1, util-linux@2.33.1-0.1, sysvinit/sysvinit-utils@2.93-8, util-linux/bsdutils@1:2.33.1-0.1, util-linux/libfdisk1@2.33.1-0.1, util-linux/libmount1@2.33.1-0.1, util-linux/libsmartcols1@2.33.1-0.1
From: util-linux/libuuid1@2.33.1-0.1
From: e2fsprogs@1.44.5-1+deb10u3 > util-linux/libuuid1@2.33.1-0.1
From: e2fsprogs@1.44.5-1+deb10u3 > util-linux/libblkid1@2.33.1-0.1 > util-linux/libuuid1@2.33.1-0.1
and 25 more...

✗ Low severity vulnerability found in util-linux/libuuid1
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-UTILLINUX-2401082
Introduced through: util-linux/libuuid1@2.33.1-0.1, e2fsprogs@1.44.5-1+deb10u3, util-linux/mount@2.33.1-0.1, util-linux/fdisk@2.33.1-0.1, util-linux/libblkid1@2.33.1-0.1, util-linux@2.33.1-0.1, sysvinit/sysvinit-utils@2.93-8, util-linux/bsdutils@1:2.33.1-0.1, util-linux/libfdisk1@2.33.1-0.1, util-linux/libmount1@2.33.1-0.1, util-linux/libsmartcols1@2.33.1-0.1
From: util-linux/libuuid1@2.33.1-0.1
From: e2fsprogs@1.44.5-1+deb10u3 > util-linux/libuuid1@2.33.1-0.1
From: e2fsprogs@1.44.5-1+deb10u3 > util-linux/libblkid1@2.33.1-0.1 > util-linux/libuuid1@2.33.1-0.1
and 25 more...

✗ Low severity vulnerability found in tar
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-1063001
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > tar@1.30+dfsg-6

✗ Low severity vulnerability found in tar
Description: CVE-2005-2541
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-312331
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > tar@1.30+dfsg-6

✗ Low severity vulnerability found in tar
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-3253529
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > tar@1.30+dfsg-6

✗ Low severity vulnerability found in tar
Description: NULL Pointer Dereference
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-TAR-341203
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > tar@1.30+dfsg-6

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Authentication Bypass
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-1291056
Introduced through: systemd/libsystemd0@241-7~~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~~deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-2332026
Introduced through: systemd/libsystemd0@241-7~~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~~deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Link Following
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-305144
Introduced through: systemd/libsystemd0@241-7~~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~~deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Privilege Chaining
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-345386
Introduced through: systemd/libsystemd0@241-7~~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~~deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Incorrect Privilege Assignment
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-345391
Introduced through: systemd/libsystemd0@241-7~~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~~deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Missing Release of Resource after Effective Lifetime
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-542807
Introduced through: systemd/libsystemd0@241-7~~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~~deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Improper Validation of Integrity Check Value
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733386
Introduced through: systemd/libsystemd0@241-7~~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~~deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Improper Validation of Integrity Check Value
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733393
Introduced through: systemd/libsystemd0@241-7~~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~~deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in systemd/libsystemd0
Description: Improper Validation of Integrity Check Value
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-5733397
Introduced through: systemd/libsystemd0@241-7~~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~~deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Time-of-check Time-of-use (TOCTOU)
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306205
Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1
From: shadow/passwd@1:4.5-1.1
From: adduser@3.118 > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Incorrect Permission Assignment for Critical Resource
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306230
Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1
From: shadow/passwd@1:4.5-1.1
From: adduser@3.118 > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Access Restriction Bypass
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306250
Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1
From: shadow/passwd@1:4.5-1.1
From: adduser@3.118 > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: NULL Pointer Dereference
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-3310899
Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1
From: shadow/passwd@1:4.5-1.1
From: adduser@3.118 > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Incorrect Permission Assignment for Critical Resource
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-539852
Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1
From: shadow/passwd@1:4.5-1.1
From: adduser@3.118 > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in shadow/passwd
Description: Arbitrary Code Injection
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SHADOW-5423925
Introduced through: shadow/passwd@1:4.5-1.1, adduser@3.118, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1
From: shadow/passwd@1:4.5-1.1
From: adduser@3.118 > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...

✗ Low severity vulnerability found in perl/perl-base
Description: Improper Verification of Cryptographic Signature
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-1925980
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > perl/perl-base@5.28.1-6+deb10u1

✗ Low severity vulnerability found in perl/perl-base
Description: Link Following
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-327793
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > perl/perl-base@5.28.1-6+deb10u1

✗ Low severity vulnerability found in perl/perl-base
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-5489186
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > perl/perl-base@5.28.1-6+deb10u1

✗ Low severity vulnerability found in perl/perl-base
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PERL-5489188
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > perl/perl-base@5.28.1-6+deb10u1

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345321
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345353
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345502
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345530
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Integer Overflow or Wraparound
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-572367
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-PCRE3-572368
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > pcre3/libpcre3@2:8.39-12

✗ Low severity vulnerability found in ncurses/libtinfo6
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-1655739
Introduced through: ncurses/libtinfo6@6.1+20181013-2+deb10u3, bash@5.0-4, ncurses/ncurses-bin@6.1+20181013-2+deb10u3, util-linux/fdisk@2.33.1-0.1, util-linux/mount@2.33.1-0.1, ncurses/libncursesw6@6.1+20181013-2+deb10u3, ncurses/ncurses-base@6.1+20181013-2+deb10u3
From: ncurses/libtinfo6@6.1+20181013-2+deb10u3
From: bash@5.0-4 > ncurses/libtinfo6@6.1+20181013-2+deb10u3
From: ncurses/ncurses-bin@6.1+20181013-2+deb10u3 > ncurses/libtinfo6@6.1+20181013-2+deb10u3
and 7 more...

✗ Low severity vulnerability found in ncurses/libtinfo6
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-NCURSES-5421196
Introduced through: ncurses/libtinfo6@6.1+20181013-2+deb10u3, bash@5.0-4, ncurses/ncurses-bin@6.1+20181013-2+deb10u3, util-linux/fdisk@2.33.1-0.1, util-linux/mount@2.33.1-0.1, ncurses/libncursesw6@6.1+20181013-2+deb10u3, ncurses/ncurses-base@6.1+20181013-2+deb10u3
From: ncurses/libtinfo6@6.1+20181013-2+deb10u3
From: bash@5.0-4 > ncurses/libtinfo6@6.1+20181013-2+deb10u3
From: ncurses/ncurses-bin@6.1+20181013-2+deb10u3 > ncurses/libtinfo6@6.1+20181013-2+deb10u3
and 7 more...

✗ Low severity vulnerability found in lz4/liblz4-1
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LZ4-473072
Introduced through: lz4/liblz4-1@1.8.3-1+deb10u1, apt@1.8.2.3
From: lz4/liblz4-1@1.8.3-1+deb10u1
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > lz4/liblz4-1@1.8.3-1+deb10u1
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 > lz4/liblz4-1@1.8.3-1+deb10u1

✗ Low severity vulnerability found in libtasn1-6
Description: CVE-2018-1000654
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBTASN16-339585
Introduced through: libtasn1-6@4.13-3, apt@1.8.2.3
From: libtasn1-6@4.13-3
From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9 > libtasn1-6@4.13-3

✗ Low severity vulnerability found in libsepol/libsepol1
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315628
Introduced through: libsepol/libsepol1@2.8-1, adduser@3.118
From: libsepol/libsepol1@2.8-1
From: adduser@3.118 > shadow/passwd@1:4.5-1.1 > libsemanage/libsemanage1@2.8-2 > libsepol/libsepol1@2.8-1

✗ Low severity vulnerability found in libsepol/libsepol1
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315630
Introduced through: libsepol/libsepol1@2.8-1, adduser@3.118
From: libsepol/libsepol1@2.8-1
From: adduser@3.118 > shadow/passwd@1:4.5-1.1 > libsemanage/libsemanage1@2.8-2 > libsepol/libsepol1@2.8-1

✗ Low severity vulnerability found in libsepol/libsepol1
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315636
Introduced through: libsepol/libsepol1@2.8-1, adduser@3.118
From: libsepol/libsepol1@2.8-1
From: adduser@3.118 > shadow/passwd@1:4.5-1.1 > libsemanage/libsemanage1@2.8-2 > libsepol/libsepol1@2.8-1

✗ Low severity vulnerability found in libsepol/libsepol1
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSEPOL-1315642
Introduced through: libsepol/libsepol1@2.8-1, adduser@3.118
From: libsepol/libsepol1@2.8-1
From: adduser@3.118 > shadow/passwd@1:4.5-1.1 > libsemanage/libsemanage1@2.8-2 > libsepol/libsepol1@2.8-1

✗ Low severity vulnerability found in libseccomp/libseccomp2
Description: CVE-2019-9893
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBSECCOMP-341044
Introduced through: libseccomp/libseccomp2@2.3.3-4, apt@1.8.2.3
From: libseccomp/libseccomp2@2.3.3-4
From: apt@1.8.2.3 > libseccomp/libseccomp2@2.3.3-4

✗ Low severity vulnerability found in libidn2/libidn2-0
Description: Improper Input Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBIDN2-474100
Introduced through: libidn2/libidn2-0@2.0.5-1+deb10u1, apt@1.8.2.3
From: libidn2/libidn2-0@2.0.5-1+deb10u1
From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9 > libidn2/libidn2-0@2.0.5-1+deb10u1

✗ Low severity vulnerability found in libgcrypt20
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-1297893
Introduced through: libgcrypt20@1.8.4-5+deb10u1, apt@1.8.2.3
From: libgcrypt20@1.8.4-5+deb10u1
From: apt@1.8.2.3 > gnupg2/gpgv@2.2.12-1+deb10u2 > libgcrypt20@1.8.4-5+deb10u1
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 > libgcrypt20@1.8.4-5+deb10u1

✗ Low severity vulnerability found in libgcrypt20
Description: Use of a Broken or Risky Cryptographic Algorithm
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-391902
Introduced through: libgcrypt20@1.8.4-5+deb10u1, apt@1.8.2.3
From: libgcrypt20@1.8.4-5+deb10u1
From: apt@1.8.2.3 > gnupg2/gpgv@2.2.12-1+deb10u2 > libgcrypt20@1.8.4-5+deb10u1
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 > libgcrypt20@1.8.4-5+deb10u1

✗ Low severity vulnerability found in libgcrypt20
Description: Race Condition
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-460489
Introduced through: libgcrypt20@1.8.4-5+deb10u1, apt@1.8.2.3
From: libgcrypt20@1.8.4-5+deb10u1
From: apt@1.8.2.3 > gnupg2/gpgv@2.2.12-1+deb10u2 > libgcrypt20@1.8.4-5+deb10u1
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8 > libgcrypt20@1.8.4-5+deb10u1

✗ Low severity vulnerability found in gnutls28/libgnutls30
Description: Improper Input Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-340755
Introduced through: gnutls28/libgnutls30@3.6.7-4+deb10u9, apt@1.8.2.3
From: gnutls28/libgnutls30@3.6.7-4+deb10u9
From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9

✗ Low severity vulnerability found in gnupg2/gpgv
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUPG2-3330746
Introduced through: gnupg2/gpgv@2.2.12-1+deb10u2, apt@1.8.2.3
From: gnupg2/gpgv@2.2.12-1+deb10u2
From: apt@1.8.2.3 > gnupg2/gpgv@2.2.12-1+deb10u2

✗ Low severity vulnerability found in gnupg2/gpgv
Description: Use of a Broken or Risky Cryptographic Algorithm
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUPG2-535553
Introduced through: gnupg2/gpgv@2.2.12-1+deb10u2, apt@1.8.2.3
From: gnupg2/gpgv@2.2.12-1+deb10u2
From: apt@1.8.2.3 > gnupg2/gpgv@2.2.12-1+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-338106
Introduced through: glibc/libc-bin@2.28-10+deb10u2, meta-common-packages@meta
From: glibc/libc-bin@2.28-10+deb10u2
From: meta-common-packages@meta > glibc/libc6@2.28-10+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Uncontrolled Recursion
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-338163
Introduced through: glibc/libc-bin@2.28-10+deb10u2, meta-common-packages@meta
From: glibc/libc-bin@2.28-10+deb10u2
From: meta-common-packages@meta > glibc/libc6@2.28-10+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Resource Management Errors
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-356735
Introduced through: glibc/libc-bin@2.28-10+deb10u2, meta-common-packages@meta
From: glibc/libc-bin@2.28-10+deb10u2
From: meta-common-packages@meta > glibc/libc6@2.28-10+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Out-of-Bounds
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-452228
Introduced through: glibc/libc-bin@2.28-10+deb10u2, meta-common-packages@meta
From: glibc/libc-bin@2.28-10+deb10u2
From: meta-common-packages@meta > glibc/libc6@2.28-10+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: CVE-2019-1010023
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-452267
Introduced through: glibc/libc-bin@2.28-10+deb10u2, meta-common-packages@meta
From: glibc/libc-bin@2.28-10+deb10u2
From: meta-common-packages@meta > glibc/libc6@2.28-10+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Use of Insufficiently Random Values
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-453375
Introduced through: glibc/libc-bin@2.28-10+deb10u2, meta-common-packages@meta
From: glibc/libc-bin@2.28-10+deb10u2
From: meta-common-packages@meta > glibc/libc6@2.28-10+deb10u2

✗ Low severity vulnerability found in glibc/libc-bin
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-453640
Introduced through: glibc/libc-bin@2.28-10+deb10u2, meta-common-packages@meta
From: glibc/libc-bin@2.28-10+deb10u2
From: meta-common-packages@meta > glibc/libc6@2.28-10+deb10u2

✗ Low severity vulnerability found in gcc-8/libstdc++6
Description: Insufficient Entropy
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-469413
Introduced through: gcc-8/libstdc++6@8.3.0-6, apt@1.8.2.3, meta-common-packages@meta
From: gcc-8/libstdc++6@8.3.0-6
From: apt@1.8.2.3 > gcc-8/libstdc++6@8.3.0-6
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > gcc-8/libstdc++6@8.3.0-6
and 2 more...

✗ Low severity vulnerability found in e2fsprogs/libcom-err2
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-E2FSPROGS-2628482
Introduced through: e2fsprogs/libcom-err2@1.44.5-1+deb10u3, e2fsprogs@1.44.5-1+deb10u3, e2fsprogs/libext2fs2@1.44.5-1+deb10u3, e2fsprogs/libss2@1.44.5-1+deb10u3
From: e2fsprogs/libcom-err2@1.44.5-1+deb10u3
From: e2fsprogs@1.44.5-1+deb10u3 > e2fsprogs/libcom-err2@1.44.5-1+deb10u3
From: e2fsprogs@1.44.5-1+deb10u3 > e2fsprogs/libss2@1.44.5-1+deb10u3 > e2fsprogs/libcom-err2@1.44.5-1+deb10u3
and 5 more...

✗ Low severity vulnerability found in coreutils
Description: Improper Input Validation
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-COREUTILS-317465
Introduced through: coreutils@8.30-3
From: coreutils@8.30-3

✗ Low severity vulnerability found in coreutils
Description: Race Condition
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-COREUTILS-317494
Introduced through: coreutils@8.30-3
From: coreutils@8.30-3

✗ Low severity vulnerability found in bash
Description: Improper Check for Dropped Privileges
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-BASH-536280
Introduced through: bash@5.0-4
From: bash@5.0-4

✗ Low severity vulnerability found in apt/libapt-pkg5.0
Description: Improper Verification of Cryptographic Signature
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-APT-407502
Introduced through: apt/libapt-pkg5.0@1.8.2.3, apt@1.8.2.3
From: apt/libapt-pkg5.0@1.8.2.3
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3
From: apt@1.8.2.3

✗ Medium severity vulnerability found in systemd/libsystemd0
Description: Off-by-one Error
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3111121
Introduced through: systemd/libsystemd0@241-7~~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~~deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7deb10u8
and 4 more...
Fixed in: 241-7deb10u10

✗ Medium severity vulnerability found in systemd/libsystemd0
Description: CVE-2022-4415
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3177744
Introduced through: systemd/libsystemd0@241-7~~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~~deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7~deb10u8
and 4 more...

✗ High severity vulnerability found in systemd/libsystemd0
Description: CVE-2023-26604
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-3339153
Introduced through: systemd/libsystemd0@241-7~~deb10u8, util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.3, util-linux/mount@2.33.1-0.1, systemd/libudev1@241-7~~deb10u8
From: systemd/libsystemd0@241-7deb10u8
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7deb10u8
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > systemd/libsystemd0@241-7deb10u8
and 4 more...
Fixed in: 241-7deb10u9

✗ High severity vulnerability found in gnutls28/libgnutls30
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-3318300
Introduced through: gnutls28/libgnutls30@3.6.7-4+deb10u9, apt@1.8.2.3
From: gnutls28/libgnutls30@3.6.7-4+deb10u9
From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9
Fixed in: 3.6.7-4+deb10u10

✗ High severity vulnerability found in glibc/libc-bin
Description: Out-of-bounds Write
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GLIBC-559488
Introduced through: glibc/libc-bin@2.28-10+deb10u2, meta-common-packages@meta
From: glibc/libc-bin@2.28-10+deb10u2
From: meta-common-packages@meta > glibc/libc6@2.28-10+deb10u2

✗ High severity vulnerability found in gcc-8/libstdc++6
Description: Information Exposure
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-GCC8-347558
Introduced through: gcc-8/libstdc++6@8.3.0-6, apt@1.8.2.3, meta-common-packages@meta
From: gcc-8/libstdc++6@8.3.0-6
From: apt@1.8.2.3 > gcc-8/libstdc++6@8.3.0-6
From: apt@1.8.2.3 > apt/libapt-pkg5.0@1.8.2.3 > gcc-8/libstdc++6@8.3.0-6
and 2 more...

✗ Critical severity vulnerability found in libtasn1-6
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-LIBTASN16-3061094
Introduced through: libtasn1-6@4.13-3, apt@1.8.2.3
From: libtasn1-6@4.13-3
From: apt@1.8.2.3 > gnutls28/libgnutls30@3.6.7-4+deb10u9 > libtasn1-6@4.13-3
Fixed in: 4.13-3+deb10u1

✗ Critical severity vulnerability found in db5.3/libdb5.3
Description: Out-of-bounds Read
Info: https://security.snyk.io/vuln/SNYK-DEBIAN10-DB53-2825169
Introduced through: db5.3/libdb5.3@5.3.28+dfsg1-0.5, adduser@3.118
From: db5.3/libdb5.3@5.3.28+dfsg1-0.5
From: adduser@3.118 > shadow/passwd@1:4.5-1.1 > pam/libpam-modules@1.3.1-5 > db5.3/libdb5.3@5.3.28+dfsg1-0.5

------------ Detected 24 vulnerabilities for node@18.12.1 ------------

✗ Low severity vulnerability found in node
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741888
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1

✗ Low severity vulnerability found in node
Description: Improper Certificate Validation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741892
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1

✗ Low severity vulnerability found in node
Description: Insecure Randomness
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741899
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Timing Attack
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326669
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326682
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Use After Free
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326683
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326684
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326685
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326686
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Privilege Escalation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3329554
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.14.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741792
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: HTTP Request Smuggling
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741793
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Inconsistency Between Implementation and Documented Design
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741796
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Buffer Over-read
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741894
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741895
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Insecure Randomness
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741896
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Buffer Underwrite (Buffer Underflow)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741900
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1

✗ Medium severity vulnerability found in node
Description: Privilege Escalation
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5756501
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1

✗ High severity vulnerability found in node
Description: Insecure Permissions
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326666
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.14.1

✗ High severity vulnerability found in node
Description: Access of Resource Using Incompatible Type ('Type Confusion')
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326668
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.14.1

✗ High severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3326688
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.14.1

✗ High severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-3329555
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.14.1

✗ High severity vulnerability found in node
Description: Prototype Pollution
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741794
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1

✗ High severity vulnerability found in node
Description: Denial of Service (DoS)
Info: https://security.snyk.io/vuln/SNYK-UPSTREAM-NODE-5741889
Introduced through: node@18.12.1
From: node@18.12.1
Fixed in: 18.16.1

Organization: tubone24
Package manager: deb
Project name: docker-image|test-blog
Docker image: test-blog
Platform: linux/amd64
Base image: node:18.12.1-buster-slim
Licenses: enabled

Tested 86 dependencies for known issues, found 92 issues.

Base Image Vulnerabilities Severity
node:18.12.1-buster-slim 92 2 critical, 10 high, 17 medium, 63 low

Recommendations for base image upgrade:

Minor upgrades
Base Image Vulnerabilities Severity
node:18.16-buster-slim 64 1 critical, 2 high, 1 medium, 60 low

Major upgrades
Base Image Vulnerabilities Severity
node:20.4-buster-slim 64 1 critical, 2 high, 1 medium, 60 low

Alternative image types
Base Image Vulnerabilities Severity
node:20.4-bookworm-slim 28 0 critical, 0 high, 0 medium, 28 low
node:20.3.1-slim 28 0 critical, 0 high, 0 medium, 28 low
node:20.4-bullseye-slim 50 0 critical, 0 high, 0 medium, 50 low
node:20.3.1-bookworm 151 0 critical, 1 high, 0 medium, 150 low

Learn more: https://docs.snyk.io/products/snyk-container/getting-around-the-snyk-container-ui/base-image-detection

github-actions · 2023-07-28T14:16:23Z

Memlab leaks report

page-load [8MB] (baseline) [s1] > action-on-page [9MB] (target) [s2] > revert [9.2MB] (final) [s3]  
------3 clusters------

--Similar leaks in this run: 1047--
--Retained size of leaked objects: 139.8KB--
[<synthetic>] (synthetic) @1 [10.1MB]
  --6 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9831 [76.3KB]
  --webpackChunkblog (property)--->  [Array] (object) @59535 [8.7KB]
  --push (property)--->  [native_bind] (closure) @214223 [128 bytes]
  --bound_function (internal)--->  [r] (closure) @140297 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @140303 [312 bytes]
  --previous (internal)--->  [<function scope>] (object) @288267 [43.9KB]
  --n (variable)--->  [Object] (object) @288273 [43.9KB]
  --449 (element)--->  [Object] (object) @262543 [24 bytes]
  --exports (property)--->  [r] (closure) @262549 [2.6KB]
  --hasData (property)--->  [<closure>] (closure) @266023 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @266025 [1.3KB]
  --e (variable)--->  [Object] (object) @299585 [1KB]
  --2 (element)--->  [Object] (object) @378737 [76 bytes]
  --aaAutocomplete (property)--->  [f] (object) @372381 [348 bytes]
  --$input (property)--->  [q] (object) @372087 [96 bytes]
  --0 (element)--->  [Detached HTMLInputElement] (native) @367125 [2.8KB]
  --12 (element)--->  [Detached InternalNode] (native) @351366176 [1.4KB]
  --4 (element)--->  [Detached InternalNode] (native) @117556736 [1.2KB]
  --1 (element)--->  [Detached InternalNode] (native) @393333344 [1.2KB]
  --7 (element)--->  [Detached Attr] (native) @393253568 [96 bytes]

--Similar leaks in this run: 349--
--Retained size of leaked objects: 49.3KB--
[<synthetic>] (synthetic) @1 [10.1MB]
  --6 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9831 [76.3KB]
  --___push (property)--->  [<closure>] (closure) @59967 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @214413 [496 bytes]
  --a (variable)--->  [Module] (object) @226035 [5.8KB]
  --get version (property)--->  [version] (closure) @288479 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @175257 [16.6KB]
  --Qn (variable)--->  [y] (object) @482069 [368 bytes]
  --props (property)--->  [Object] (object) @482391 [28 bytes]
  --children (property)--->  [Object] (object) @470569 [296 bytes]
  --props (property)--->  [Object] (object) @472719 [56 bytes]
  --children (property)--->  [Object] (object) @472741 [1.2KB]
  --__ (property)--->  [Object] (object) @502231 [1.1KB]
  --__ (property)--->  [Object] (object) @502237 [940 bytes]
  --__ (property)--->  [Object] (object) @481913 [736 bytes]
  --__d (property)--->  [Detached HTMLDivElement] (native) @367239 [476 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @367237 [400 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @367235 [400 bytes]
  --6 (element)--->  [Detached HTMLDivElement] (native) @366851 [13.2KB]
  --6 (element)--->  [Detached HTMLAnchorElement] (native) @366801 [1.8KB]
  --11 (element)--->  [Detached HTMLAnchorElement] (native) @366817 [1.8KB]
  --11 (element)--->  [Detached HTMLAnchorElement] (native) @366823 [2.6KB]
  --13 (element)--->  [Detached InternalNode] (native) @352521984 [912 bytes]
  --3 (element)--->  [Detached InternalNode] (native) @352559552 [768 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @393483904 [768 bytes]
  --5 (element)--->  [Detached Attr] (native) @393311296 [96 bytes]

--Similar leaks in this run: 6--
--Retained size of leaked objects: 432 bytes--
[<synthetic>] (synthetic) @1 [10.1MB]
  --6 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9831 [76.3KB]
  --__twttrll (property)--->  [Array] (object) @59791 [184 bytes]
  --push (property)--->  [e] (closure) @287745 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @94157 [240 bytes]
  --n (variable)--->  [Object] (object) @287737 [14.8KB]
  --93 (element)--->  [Object] (object) @296293 [24 bytes]
  --exports (property)--->  [Object] (object) @298737 [3.5KB]
  --init (property)--->  [init] (closure) @298987 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @299101 [3.1KB]
  --r (variable)--->  [Detached HTMLFormElement] (native) @40803 [1.8KB]
  --4 (element)--->  [Detached HTMLInputElement] (native) @40809 [684 bytes]
  --8 (element)--->  [Detached InternalNode] (native) @352431200 [328 bytes]
  --1 (element)--->  [Detached ShadowRoot] (native) @95055360 [328 bytes]
  --4 (element)--->  [Detached V8ObservableArrayCSSStyleSheet] (native) @95055200 [120 bytes]
  --2 (element)--->  [Detached ObservableArrayExoticObject] (native) @393818624 [32 bytes]

github-actions · 2023-07-28T14:18:30Z

Deploy Preview

Deploy path: /home/runner/work/blog/blog/public
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Logs: https://app.netlify.com/sites/pensive-lamport-5822d2/deploys/64c3ce11956b19087ad7a166
Website Draft URL: https://64c3ce11956b19087ad7a166--pensive-lamport-5822d2.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

github-actions · 2023-07-28T14:18:44Z

Bundle Analyzer URL

https://64c3ce11956b19087ad7a166--pensive-lamport-5822d2.netlify.app/webpack-bundle-analyser

github-actions · 2023-07-28T14:19:04Z

Storybook Preview

Deploy path: /home/runner/work/blog/blog/storybook-static
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Logs: https://app.netlify.com/sites/blog-storybook/deploys/64c3ce52234a487c923d2129
Website Draft URL: https://64c3ce52234a487c923d2129--blog-storybook.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

github-actions · 2023-07-28T14:20:05Z

Lighthouse Score

Desktop

performance: 79
accessibility: 100
best-practices: 92
seo: 92
pwa: 100

Mobile

performance: 62
accessibility: 100
best-practices: 83
seo: 93
pwa: 100

github-actions · 2023-07-29T03:42:55Z

Memlab leaks report

page-load [8MB] (baseline) [s1] > action-on-page [9MB] (target) [s2] > revert [9.2MB] (final) [s3]  
------3 clusters------

--Similar leaks in this run: 1344--
--Retained size of leaked objects: 160.3KB--
[<synthetic>] (synthetic) @1 [10.1MB]
  --6 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9845 [74.9KB]
  --webpackChunkblog (property)--->  [Array] (object) @65837 [8.7KB]
  --push (property)--->  [native_bind] (closure) @65421 [128 bytes]
  --bound_function (internal)--->  [r] (closure) @65425 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @95367 [312 bytes]
  --previous (internal)--->  [<function scope>] (object) @95355 [47.2KB]
  --n (variable)--->  [Object] (object) @95361 [47.2KB]
  --449 (element)--->  [Object] (object) @194179 [24 bytes]
  --exports (property)--->  [r] (closure) @194185 [2.6KB]
  --hasData (property)--->  [<closure>] (closure) @174811 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @174807 [1.3KB]
  --e (variable)--->  [Object] (object) @198941 [1KB]
  --1 (element)--->  [Object] (object) @212977 [76 bytes]
  --aaAutocomplete (property)--->  [f] (object) @216833 [348 bytes]
  --$node (property)--->  [q] (object) @216845 [188 bytes]
  --0 (element)--->  [Detached HTMLSpanElement] (native) @42225 [816 bytes]
  --7 (element)--->  [Detached HTMLDivElement] (native) @43355 [304 bytes]
  --7 (element)--->  [Detached HTMLDivElement] (native) @43385 [400 bytes]
  --7 (element)--->  [Detached HTMLElement] (native) @43395 [400 bytes]
  --7 (element)--->  [Detached HTMLDivElement] (native) @43403 [400 bytes]
  --8 (element)--->  [Detached HTMLDivElement] (native) @43401 [9.4KB]
  --5 (element)--->  [Detached HTMLAnchorElement] (native) @40959 [2KB]
  --12 (element)--->  [Detached InternalNode] (native) @388782432 [720 bytes]
  --3 (element)--->  [Detached InternalNode] (native) @388781952 [576 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @155062496 [576 bytes]
  --2 (element)--->  [Detached Attr] (native) @394846912 [96 bytes]

--Similar leaks in this run: 271--
--Retained size of leaked objects: 49.3KB--
[<synthetic>] (synthetic) @1 [10.1MB]
  --6 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9845 [74.9KB]
  --___push (property)--->  [<closure>] (closure) @238133 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @64009 [496 bytes]
  --a (variable)--->  [Module] (object) @64013 [5.8KB]
  --get version (property)--->  [version] (closure) @95573 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @95405 [16.6KB]
  --Qn (variable)--->  [y] (object) @475305 [376 bytes]
  --props (property)--->  [Object] (object) @513961 [28 bytes]
  --children (property)--->  [Object] (object) @538767 [296 bytes]
  --props (property)--->  [Object] (object) @540389 [56 bytes]
  --children (property)--->  [Object] (object) @503985 [1.2KB]
  --__ (property)--->  [Object] (object) @503999 [1.1KB]
  --__ (property)--->  [Object] (object) @504015 [940 bytes]
  --__ (property)--->  [Object] (object) @504029 [736 bytes]
  --__d (property)--->  [Detached HTMLDivElement] (native) @366463 [476 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @366461 [400 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @366449 [400 bytes]
  --6 (element)--->  [Detached HTMLDivElement] (native) @367047 [13.2KB]
  --8 (element)--->  [Detached HTMLElement] (native) @367065 [27.6KB]
  --5 (element)--->  [Detached HTMLDivElement] (native) @367063 [24.8KB]
  --5 (element)--->  [Detached Text] (native) @366583 [176 bytes]
  --6 (element)--->  [Detached HTMLHeadingElement] (native) @366579 [480 bytes]
  --9 (element)--->  [Detached Text] (native) @366565 [176 bytes]
  --7 (element)--->  [Detached HTMLImageElement] (native) @366561 [696 bytes]
  --8 (element)--->  [Detached Text] (native) @366555 [176 bytes]
  --7 (element)--->  [Detached HTMLSpanElement] (native) @366551 [880 bytes]
  --9 (element)--->  [Detached Text] (native) @366533 [176 bytes]
  --7 (element)--->  [Detached HTMLParagraphElement] (native) @366529 [1.1KB]
  --9 (element)--->  [Detached Text] (native) @366507 [176 bytes]
  --7 (element)--->  [Detached HTMLParagraphElement] (native) @366503 [480 bytes]
  --9 (element)--->  [Detached Text] (native) @366495 [176 bytes]
  --7 (element)--->  [Detached HTMLParagraphElement] (native) @366491 [480 bytes]
  --9 (element)--->  [Detached Text] (native) @366483 [176 bytes]
  --7 (element)--->  [Detached HTMLBRElement] (native) @366475 [304 bytes]
  --7 (element)--->  [Detached Text] (native) @366465 [176 bytes]
  --7 (element)--->  [Detached HTMLHeadingElement] (native) @366457 [480 bytes]
  --9 (element)--->  [Detached Text] (native) @366445 [176 bytes]
  --7 (element)--->  [Detached HTMLHeadingElement] (native) @366435 [480 bytes]
  --9 (element)--->  [Detached Text] (native) @366415 [176 bytes]
  --7 (element)--->  [Detached HTMLElement] (native) @366407 [1.6KB]
  --9 (element)--->  [Detached Text] (native) @366391 [176 bytes]
  --7 (element)--->  [Detached HTMLHeadingElement] (native) @366387 [480 bytes]
  --5 (element)--->  [Detached Text] (native) @366377 [176 bytes]
  --6 (element)--->  [Detached InternalNode] (native) @346812704 [32 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @388358688 [32 bytes]
  --1 (element)--->  [Detached NodeList] (native) @394836352 [32 bytes]

--Similar leaks in this run: 2--
--Retained size of leaked objects: 96 bytes--
[<synthetic>] (synthetic) @1 [10.1MB]
  --6 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @9845 [74.9KB]
  --__twttrll (property)--->  [Array] (object) @92785 [184 bytes]
  --push (property)--->  [e] (closure) @92787 [68 bytes]
  --context (internal)--->  [<function scope>] (object) @92771 [240 bytes]
  --n (variable)--->  [Object] (object) @92775 [14.8KB]
  --151 (element)--->  [Object] (object) @264219 [1KB]
  --exports (property)--->  [<closure>] (closure) @111845 [984 bytes]
  --context (internal)--->  [<function scope>] (object) @111841 [916 bytes]
  --d (variable)--->  [Detached HTMLAnchorElement] (native) @43983 [228 bytes]
  --3 (element)--->  [Detached DOMTokenList] (native) @388518208 [56 bytes]

github-actions · 2023-07-29T03:43:00Z

Snyk vulnerability report

OSS packages

Tested 1715 dependencies for known issues, found 7 issues, 8 vulnerable paths.

Issues to fix by upgrading:

Upgrade gatsby@4.25.7 to gatsby@5.0.0 to fix
✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-GATSBYCLI-5671903] in gatsby-cli@4.25.0
introduced by gatsby@4.25.7 > gatsby-cli@4.25.0

Upgrade gatsby-transformer-remark@5.25.1 to gatsby-transformer-remark@6.10.0 to fix
✗ Information Exposure [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-GATSBYTRANSFORMERREMARK-5671901] in gatsby-transformer-remark@5.25.1
introduced by gatsby-transformer-remark@5.25.1

Issues with no direct upgrade or patch:
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908] in ansi-regex@2.1.1
introduced by gatsby@4.25.7 > gatsby-cli@4.25.0 > pretty-error@2.1.2 > renderkid@2.0.7 > strip-ansi@3.0.1 > ansi-regex@2.1.1
This issue was fixed in versions: 3.0.1, 4.1.1, 5.0.1, 6.0.1
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-CSSWHAT-1298035] in css-what@3.4.2
introduced by gatsby-plugin-optimize-svgs@1.0.5 > svgo@1.3.2 > css-select@2.1.0 > css-what@3.4.2
This issue was fixed in versions: 5.0.1
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-HTMLMINIFIER-3091181] in html-minifier@4.0.0
introduced by html-minifier@4.0.0
No upgrade or patch available
✗ Command Injection [High Severity][https://security.snyk.io/vuln/SNYK-JS-LODASHTEMPLATE-1088054] in lodash.template@4.5.0
introduced by gatsby-plugin-offline@5.23.1 > workbox-build@4.3.1 > lodash.template@4.5.0
No upgrade or patch available
✗ Regular Expression Denial of Service (ReDoS) [High Severity][https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795] in semver@7.0.0
introduced by gatsby-legacy-polyfills@2.23.0 > core-js-compat@3.9.0 > semver@7.0.0 and 1 other path(s)
This issue was fixed in versions: 5.7.2, 6.3.1, 7.5.2

Organization: tubone24
Package manager: yarn
Target file: yarn.lock
Project name: blog
Open source: no
Project path: .
Licenses: enabled

Application

✗ [Medium] Path Traversal
Path: scripts/benchmark.js, line 23
Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files.

✗ [Medium] Path Traversal
Path: scripts/benchmark.js, line 25
Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files.

✗ [Medium] Path Traversal
Path: scripts/benchmark.js, line 41
Info: Unsanitized input from a command line argument flows into fs.writeFileSync, where it is used as a path. This may result in a Path Traversal vulnerability and allow an attacker to write to arbitrary files.

✔ Test completed

Organization: tubone24
Test type: Static code analysis
Project path: .

Summary:

3 Code issues found
3 [Medium]

IaC

Snyk Infrastructure as Code

Snyk testing Infrastructure as Code configuration issues.
✔ Test completed.