Update dependency express-session to v1.18.2#59
Update dependency express-session to v1.18.2#59mend-for-github-com[bot] wants to merge 1 commit into
Security Report
You have successfully remediated 1 vulnerabilities, but introduced 8 new vulnerabilities in this branch.
❌ New vulnerabilities:
| Vulnerability | Severity | Vulnerable Library | Direct Library | Suggested Fix | Issue | Reachability | |
|---|---|---|---|---|---|---|---|
CVE-2026-5079Path to dependency file: /backend/package.json Path to vulnerable library: /backend/package.json Dependency Hierarchy: -> ❌ multer-1.4.5-lts.2.tgz (Vulnerable Library) |
7.5 | Direct multer-1.4.5-lts.2.tgz |
multer-1.4.5-lts.2.tgz | 2.2.0 | #28 | ||
CVE-2026-3520Path to dependency file: /backend/package.json Path to vulnerable library: /backend/package.json Dependency Hierarchy: -> ❌ multer-1.4.5-lts.2.tgz (Vulnerable Library) |
7.5 | Direct multer-1.4.5-lts.2.tgz |
multer-1.4.5-lts.2.tgz | 2.1.1 | #28 | ||
CVE-2026-3304Path to dependency file: /backend/package.json Path to vulnerable library: /backend/package.json Dependency Hierarchy: -> ❌ multer-1.4.5-lts.2.tgz (Vulnerable Library) |
7.5 | Direct multer-1.4.5-lts.2.tgz |
multer-1.4.5-lts.2.tgz | 2.1.0 | #28 | ||
CVE-2026-2359Path to dependency file: /backend/package.json Path to vulnerable library: /backend/package.json Dependency Hierarchy: -> ❌ multer-1.4.5-lts.2.tgz (Vulnerable Library) |
7.5 | Direct multer-1.4.5-lts.2.tgz |
multer-1.4.5-lts.2.tgz | 2.1.0 | #28 | ||
CVE-2025-7338Path to dependency file: /backend/package.json Path to vulnerable library: /backend/package.json Dependency Hierarchy: -> ❌ multer-1.4.5-lts.2.tgz (Vulnerable Library) |
7.5 | Direct multer-1.4.5-lts.2.tgz |
multer-1.4.5-lts.2.tgz | 2.0.2 | #28 | ||
CVE-2025-48997Path to dependency file: /backend/package.json Path to vulnerable library: /backend/package.json Dependency Hierarchy: -> ❌ multer-1.4.5-lts.2.tgz (Vulnerable Library) |
7.5 | Direct multer-1.4.5-lts.2.tgz |
multer-1.4.5-lts.2.tgz | 2.0.1 | #28 | ||
CVE-2025-47944Path to dependency file: /backend/package.json Path to vulnerable library: /backend/package.json Dependency Hierarchy: -> ❌ multer-1.4.5-lts.2.tgz (Vulnerable Library) |
7.5 | Direct multer-1.4.5-lts.2.tgz |
multer-1.4.5-lts.2.tgz | 2.0.0 | #28 | ||
CVE-2025-47935Path to dependency file: /backend/package.json Path to vulnerable library: /backend/package.json Dependency Hierarchy: -> ❌ multer-1.4.5-lts.2.tgz (Vulnerable Library) |
7.5 | Direct multer-1.4.5-lts.2.tgz |
multer-1.4.5-lts.2.tgz | 2.0.0 | #28 |
✔️ Remediated vulnerabilities:
| Vulnerability | Vulnerable Library |
|---|---|
| CVE-2024-47764 | cookie-0.4.2.tgz |
Base branch total remaining vulnerabilities: 223
Base branch commit: a3ba1679b8965c9f00f5ca1f92a5800372757c57
Total libraries scanned: 2141
Scan token: 010eb25e138b492ea47450cdf8ec1700