{ "vulnerabilities": [ { "category": "dependency_scanning", "name": "Vulnerabilities in libxml2", "message": "Vulnerabilities in libxml2 in nokogiri", "description": "", "cve": "CVE-1020", "severity": "High", "solution": "Upgrade to latest version.", "scanner": { "id": "gemnasium", "name": "Gemnasium" }, "location": { "file": "yarn/yarn.lock", "dependency": { "package": { "name": "io.netty/netty" }, "version": "3.9.1.Final" } }, "identifiers": [ { "value": "2017-11429", "type": "cwe", "name": "CWE-2017-11429", "url": "https://cve.mitre.org/cgi-bin/cwename.cgi?name=CWE-2017-11429" }, { "value": "2017-11429", "type": "cve", "name": "CVE-2017-11429", "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11429" } ], "links": [ { "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1020" } ] }, { "id": "bb2fbeb1b71ea360ce3f86f001d4e84823c3ffe1a1f7d41ba7466b14cfa953d3", "category": "dependency_scanning", "name": "Regular Expression Denial of Service", "message": "", "description": "", "cve": "CVE-1030", "severity": "Unknown", "solution": "Upgrade to latest versions.", "scanner": { "id": "gemnasium", "name": "Gemnasium" }, "location": { "file": "yarn/yarn.lock", "dependency": { "package": { "name": "io.netty/netty" }, "version": "3.9.1.Final" } }, "identifiers": [ { "value": "2017-11429", "type": "cwe", "name": "CWE-2017-11429", "url": "https://cve.mitre.org/cgi-bin/cwename.cgi?name=CWE-2017-11429" }, { "value": "2017-11429", "type": "cve", "name": "CVE-2017-11429", "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11429" } ], "links": [ { "name": "CVE-1030", "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1030" } ] }, { "category": "dependency_scanning", "name": "", "message": "", "description": "", "cve": "CVE-2017-11429", "severity": "Unknown", "solution": "Upgrade to fixed version.\r\n", "scanner": { "id": "gemnasium", "name": "Gemnasium" }, "location": { "file": "yarn/yarn.lock", "dependency": { "package": { "name": "io.netty/netty" }, "version": "3.9.1.Final" } }, "identifiers": [ { "value": "2017-11429", "type": "cwe", "name": "CWE-2017-11429", "url": "https://cve.mitre.org/cgi-bin/cwename.cgi?name=CWE-2017-11429" }, { "value": "2017-11429", "type": "cve", "name": "CVE-2017-11429", "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11429" } ], "links": [] }, { "category": "dependency_scanning", "name": "", "message": "", "description": "", "cve": "CWE-2017-11429", "severity": "Unknown", "solution": "Upgrade to fixed version.\r\n", "scanner": { "id": "gemnasium", "name": "Gemnasium" }, "location": { "file": "yarn/yarn.lock", "dependency": { "package": { "name": "io.netty/netty" }, "version": "3.9.1.Final" } }, "identifiers": [ { "value": "2017-11429", "type": "cwe", "name": "CwE-2017-11429", "url": "https://cwe.mitre.org/cgi-bin/cwename.cgi?name=CWE-2017-11429" }, { "value": "2017-11429", "type": "other", "name": "other-2017-11429", "url": "https://other.mitre.org/cgi-bin/othername.cgi?name=other-2017-11429" } ], "links": [] }, { "category": "dependency_scanning", "name": "", "message": "", "description": "", "cve": "OTHER-2017-11429", "severity": "Unknown", "solution": "Upgrade to fixed version.\r\n", "scanner": { "id": "gemnasium", "name": "Gemnasium" }, "location": { "file": "yarn/yarn.lock", "dependency": { "package": { "name": "io.netty/netty" }, "version": "3.9.1.Final" } }, "identifiers": [ { "value": "2017-11429", "type": "other", "name": "other-2017-11429", "url": "https://other.mitre.org/cgi-bin/othername.cgi?name=other-2017-11429" } ], "links": [] } ], "remediations": [], "dependency_files": [], "scan": { "scanner": { "id": "gemnasium", "name": "Gemnasium", "url": "https://gitlab.com/gitlab-org/security-products/analyzers/gemnasium-maven", "vendor": { "name": "GitLab" }, "version": "2.18.0" }, "type": "dependency_scanning", "start_time": "2022-08-10T21:37:00", "end_time": "2022-08-10T21:38:00", "status": "success" }, "version": "14.0.6" }