Update dependency ejs to v3 (main) #41
Security Report
❗️Scan Warnings: The scan completed with warnings. The integration encountered issues with one or more projects in this repository. Consequently, there may be gaps in the coverage of open-source dependencies used in the repository.
general
https://vonagecc.jfrog.io/artifactory
Step | Level | Description | Details |
---|---|---|---|
Checking registry connectivity | ⚠Warn | Unsupported configuration was provided | Unsupported registry hostType gradle, skipped |
https://vonagecc.jfrog.io/artifactory/maven
Step | Level | Description | Details |
---|---|---|---|
Checking registry connectivity | ⚠Warn | Unsupported configuration was provided | Unsupported registry hostType gradle, skipped |
You have successfully remediated 3 vulnerabilities, but introduced 2 new vulnerabilities in this branch.
❌ New vulnerabilities:
CVE | Severity | CVSS Score | Exploit Maturity | EPSS | Vulnerable Library | Suggested Fix | Issue | Reachability |
---|---|---|---|---|---|---|---|---|
CVE-2020-23064 (Path to dependency file: /proctoring/web/student.html; Path to vulnerable library: /proctoring/web/vendor/jquery-3.2.1.min.js; Dependency Hierarchy: -> ❌ jquery-3.2.1.min.js (Vulnerable Library)) | Medium | 6.1 | Not Defined | 0.1% | jquery-3.2.1.min.js | Upgrade to version: jquery - 3.5.0 | #25 | |
CVE-2020-11023 (Path to dependency file: /proctoring/web/student.html; Path to vulnerable library: /proctoring/web/vendor/jquery-3.2.1.min.js; Dependency Hierarchy: -> ❌ jquery-3.2.1.min.js (Vulnerable Library)) | Medium | 6.1 | Proof of concept | 1.9% | jquery-3.2.1.min.js | Upgrade to version: jquery - 3.5.0;jquery-rails - 4.4.0 | #25 | |
✔️ Remediated vulnerabilities:
CVE | Vulnerable Library |
---|---|
CVE-2024-33883 | ejs-2.7.4.tgz |
WS-2021-0153 | ejs-2.7.4.tgz |
CVE-2022-29078 | ejs-2.7.4.tgz |
Base branch total remaining vulnerabilities: 19
Base branch commit: null
Total libraries scanned: 133
Scan token: b4b7932b5b904be4ae4ea07129a48b5f