Skip to content

Update dependency express to v4.22.0 (main)#23

Open
mend-for-github-com[bot] wants to merge 1 commit into
mainfrom
whitesource-remediate/main-express-4.x-lockfile
Open

Update dependency express to v4.22.0 (main)#23
mend-for-github-com[bot] wants to merge 1 commit into
mainfrom
whitesource-remediate/main-express-4.x-lockfile

Update dependency express to v4.22.0

ef09935
Select commit
Loading
Failed to load commit list.
Mend for GitHub.com / WhiteSource Security Check failed Jun 9, 2026 in 1m 58s

Security Report

You have successfully remediated 12 vulnerabilities, but introduced 1 new vulnerabilities in this branch.

❌ New vulnerabilities:

Vulnerability Severity CVSS Score Exploit Maturity EPSS Vulnerable Library Direct Library Suggested Fix Issue Reachability
CVE-2026-8723

Path to dependency file: /package.json

Path to vulnerable library: /package.json

Dependency Hierarchy:

-> express-4.22.0.tgz (Root Library)

   -> ❌ qs-6.14.2.tgz (Vulnerable Library)

Medium 5.3 Not Defined 0.044% Transitive qs-6.14.2.tgz express-4.22.0.tgz Transitive 6.15.2 None

Reachable

✔️ Remediated vulnerabilities:

Vulnerability Vulnerable Library
CVE-2024-47764 cookie-0.4.0.tgz
CVE-2024-45590 body-parser-1.19.0.tgz
CVE-2025-15284 qs-6.7.0.tgz
CVE-2024-43799 send-0.17.1.tgz
CVE-2024-29041 express-4.17.1.tgz
CVE-2024-43800 serve-static-1.14.1.tgz
CVE-2026-2391 qs-6.7.0.tgz
CVE-2024-43796 express-4.17.1.tgz
CVE-2022-24999 qs-6.7.0.tgz
CVE-2024-52798 path-to-regexp-0.1.7.tgz
CVE-2024-45296 path-to-regexp-0.1.7.tgz
CVE-2026-4867 path-to-regexp-0.1.7.tgz

Base branch total remaining vulnerabilities: 28
Base branch commit: 8aee888f46a0a5feddff742a5797cab7e896e450


Total libraries scanned: 129

Scan token: 07ce0f4c92984aa3b63ed9d73f8f9be6

View more details on Mend for GitHub.com