Update dependency markdown-it to ^14.1.1 (main) #145

Security Report

86 new vulnerabilities were introduced in this branch.

❌ New vulnerabilities:

Vulnerability	Severity	CVSS Score	Vulnerable Library	Direct Library	Suggested Fix	Issue	Reachability
CVE-2025-12816 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ node-forge-1.3.1.tgz (Vulnerable Library)	High	8.6	`Direct` node-forge-1.3.1.tgz	node-forge-1.3.1.tgz	node-forge - 1.3.2	None	Reachable
CVE-2025-65110 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> vega-5.33.0.tgz (Root Library) -> vega-parser-6.6.0.tgz -> vega-functions-5.18.0.tgz -> ❌ vega-selections-5.6.0.tgz (Vulnerable Library)	High	8.1	`Transitive` vega-selections-5.6.0.tgz	vega-5.33.0.tgz	`Transitive` vega-selections - 5.6.3,vega-selections - 6.1.2	None	Reachable
CVE-2025-59840 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ vega-5.33.0.tgz (Vulnerable Library)	High	8.1	`Direct` vega-5.33.0.tgz	vega-5.33.0.tgz	vega-interpreter - 2.2.1,vega-interpreter - 1.2.1,vega-expression - 5.2.1,vega-expression - 6.1.0,vega - 6.2.0,vega - 6.2.0	None	Reachable
CVE-2026-25639 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ axios-1.12.1.tgz (Vulnerable Library)	High	7.5	`Direct` axios-1.12.1.tgz	axios-1.12.1.tgz	https://github.com/axios/axios.git - v1.13.5	None	Reachable
CVE-2025-69873 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> sdk-1.13.2.tgz (Root Library) -> ❌ ajv-6.12.6.tgz (Vulnerable Library)	High	7.5	`Transitive` ajv-6.12.6.tgz	sdk-1.13.2.tgz	`Transitive` ajv - 8.18.0	None	Reachable
CVE-2025-66031 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ node-forge-1.3.1.tgz (Vulnerable Library)	High	7.5	`Direct` node-forge-1.3.1.tgz	node-forge-1.3.1.tgz	node-forge - 1.3.2	None	Reachable
CVE-2025-65945 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> google-auth-library-9.10.0.tgz (Root Library) -> ❌ jws-4.0.0.tgz (Vulnerable Library)	High	7.5	`Transitive` jws-4.0.0.tgz	google-auth-library-9.10.0.tgz	`Transitive` jws - 3.2.3,jws - 4.0.1	None	Reachable
CVE-2025-65945 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> google-vertexai-0.2.18.tgz (Root Library) -> google-gauth-0.2.18.tgz -> google-auth-library-10.3.0.tgz -> ❌ jws-4.0.0.tgz (Vulnerable Library)	High	7.5	`Transitive` jws-4.0.0.tgz	google-vertexai-0.2.18.tgz	`Transitive` jws - 3.2.3,jws - 4.0.1	None	Reachable
CVE-2025-65945 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> jsonwebtoken-9.0.2.tgz (Root Library) -> ❌ jws-3.2.2.tgz (Vulnerable Library)	High	7.5	`Transitive` jws-3.2.2.tgz	jsonwebtoken-9.0.2.tgz	`Transitive` jws - 3.2.3,jws - 4.0.1	None	Reachable
CVE-2025-14874 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ nodemailer-7.0.9.tgz (Vulnerable Library)	High	7.5	`Direct` nodemailer-7.0.9.tgz	nodemailer-7.0.9.tgz	7.0.11	None	Reachable
CVE-2025-66648 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> vega-5.33.0.tgz (Root Library) -> ❌ vega-functions-5.18.0.tgz (Vulnerable Library)	High	7.2	`Transitive` vega-functions-5.18.0.tgz	vega-5.33.0.tgz	`Transitive` vega-functions - 6.1.1	None	Reachable
CVE-2026-24001 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> unidiff-1.0.4.tgz (Root Library) -> ❌ diff-5.2.0.tgz (Vulnerable Library)	Medium	5.3	`Transitive` diff-5.2.0.tgz	unidiff-1.0.4.tgz	`Transitive` https://github.com/kpdecker/jsdiff.git - v4.0.4,https://github.com/kpdecker/jsdiff.git - v5.2.2,https://github.com/kpdecker/jsdiff.git - v8.0.3	None	Reachable
CVE-2025-66030 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ node-forge-1.3.1.tgz (Vulnerable Library)	Medium	5.3	`Direct` node-forge-1.3.1.tgz	node-forge-1.3.1.tgz	node-forge - 1.3.2	None	Reachable
CVE-2024-53382 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> eui-107.0.1.tgz (Root Library) -> refractor-3.6.0.tgz -> ❌ prismjs-1.27.0.tgz (Vulnerable Library)	Medium	4.9	`Transitive` prismjs-1.27.0.tgz	eui-107.0.1.tgz	`Transitive` 1.30.0	None	Reachable
CVE-2025-48985 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ ai-4.3.19.tgz (Vulnerable Library)	Low	3.7	`Direct` ai-4.3.19.tgz	ai-4.3.19.tgz	https://github.com/vercel/ai.git - ai@5.0.52	None	Reachable
CVE-2025-12735 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ expr-eval-2.0.2.tgz (Vulnerable Library)	Critical	9.8	`Direct` expr-eval-2.0.2.tgz	expr-eval-2.0.2.tgz	expr-eval-fork - 3.0.0,expr-eval-fork - 3.0.1	None	Unreachable
CVE-2025-68665 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ langchain-0.3.35.tgz (Vulnerable Library)	High	8.6	`Direct` langchain-0.3.35.tgz	langchain-0.3.35.tgz	langchain - 0.3.37,@langchain/core - 1.1.8,langchain - 1.2.3,@langchain/core - 0.3.80	None	Unreachable
CVE-2025-68665 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ core-0.3.78.tgz (Vulnerable Library)	High	8.6	`Direct` core-0.3.78.tgz	core-0.3.78.tgz	langchain - 0.3.37,@langchain/core - 1.1.8,langchain - 1.2.3,@langchain/core - 0.3.80	None	Unreachable
CVE-2025-68154 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> opentelemetry-node-1.2.0.tgz (Root Library) -> host-metrics-0.36.0.tgz -> ❌ systeminformation-5.23.8.tgz (Vulnerable Library)	High	8.1	`Transitive` systeminformation-5.23.8.tgz	opentelemetry-node-1.2.0.tgz	`Transitive` systeminformation - 5.27.14	None	Unreachable
CVE-2026-26996 Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json,/package.json Dependency Hierarchy: -> ❌ minimatch-3.1.2.tgz (Vulnerable Library)	High	7.5	`Direct` minimatch-3.1.2.tgz	minimatch-3.1.2.tgz	10.2.1	None	Unreachable
CVE-2026-26996 Path to dependency file: /package.json Path to vulnerable library: /package.json,/oas_docs/package.json Dependency Hierarchy: -> bump-cli-2.8.4.tgz (Root Library) -> core-1.20.4.tgz -> ejs-3.1.10.tgz -> jake-10.9.2.tgz -> filelist-1.0.4.tgz -> ❌ minimatch-5.1.6.tgz (Vulnerable Library)	High	7.5	`Transitive` minimatch-5.1.6.tgz	bump-cli-2.8.4.tgz	`Transitive` 10.2.1	None	Unreachable
CVE-2026-26996 Path to dependency file: /package.json Path to vulnerable library: /package.json,/oas_docs/package.json Dependency Hierarchy: -> cli-1.34.5.tgz (Root Library) -> openapi-core-1.34.5.tgz -> ❌ minimatch-5.1.6.tgz (Vulnerable Library)	High	7.5	`Transitive` minimatch-5.1.6.tgz	cli-1.34.5.tgz	`Transitive` 10.2.1	None	Unreachable
CVE-2026-26996 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> tar-7.4.3.tgz (Root Library) -> minizlib-3.0.1.tgz -> rimraf-5.0.10.tgz -> glob-10.4.5.tgz -> ❌ minimatch-9.0.5.tgz (Vulnerable Library)	High	7.5	`Transitive` minimatch-9.0.5.tgz	tar-7.4.3.tgz	`Transitive` 10.2.1	None	Unreachable
CVE-2026-26996 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> archiver-7.0.1.tgz (Root Library) -> archiver-utils-5.0.2.tgz -> glob-10.4.5.tgz -> ❌ minimatch-9.0.5.tgz (Vulnerable Library)	High	7.5	`Transitive` minimatch-9.0.5.tgz	archiver-7.0.1.tgz	`Transitive` 10.2.1	None	Unreachable
CVE-2026-26996 Path to dependency file: /package.json Path to vulnerable library: /package.json,/oas_docs/package.json Dependency Hierarchy: -> archiver-7.0.1.tgz (Root Library) -> readdir-glob-1.1.3.tgz -> ❌ minimatch-5.1.6.tgz (Vulnerable Library)	High	7.5	`Transitive` minimatch-5.1.6.tgz	archiver-7.0.1.tgz	`Transitive` 10.2.1	None	Unreachable
CVE-2026-25639 Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> bump-cli-2.8.4.tgz (Root Library) -> ❌ axios-1.7.7.tgz (Vulnerable Library)	High	7.5	`Transitive` axios-1.7.7.tgz	bump-cli-2.8.4.tgz	`Transitive` https://github.com/axios/axios.git - v1.13.5	None	Unreachable
CVE-2026-0621 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ sdk-1.13.2.tgz (Vulnerable Library)	High	7.5	`Direct` sdk-1.13.2.tgz	sdk-1.13.2.tgz	@modelcontextprotocol/sdk - 1.25.2	None	Unreachable
CVE-2025-64756 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> tar-7.4.3.tgz (Root Library) -> minizlib-3.0.1.tgz -> rimraf-5.0.10.tgz -> ❌ glob-10.4.5.tgz (Vulnerable Library)	High	7.5	`Transitive` glob-10.4.5.tgz	tar-7.4.3.tgz	`Transitive` glob - 11.1.0,glob - 10.5.0	None	Unreachable
CVE-2025-64756 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> archiver-7.0.1.tgz (Root Library) -> zip-stream-6.0.1.tgz -> archiver-utils-5.0.2.tgz -> ❌ glob-10.4.5.tgz (Vulnerable Library)	High	7.5	`Transitive` glob-10.4.5.tgz	archiver-7.0.1.tgz	`Transitive` glob - 11.1.0,glob - 10.5.0	None	Unreachable
CVE-2025-58754 Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> bump-cli-2.8.4.tgz (Root Library) -> ❌ axios-1.7.7.tgz (Vulnerable Library)	High	7.5	`Transitive` axios-1.7.7.tgz	bump-cli-2.8.4.tgz	`Transitive` 1.12.0	None	Unreachable
CVE-2024-21538 Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> bump-cli-2.8.4.tgz (Root Library) -> core-1.20.4.tgz -> password-prompt-1.1.3.tgz -> ❌ cross-spawn-7.0.3.tgz (Vulnerable Library)	High	7.5	`Transitive` cross-spawn-7.0.3.tgz	bump-cli-2.8.4.tgz	`Transitive` https://github.com/moxystudio/node-cross-spawn.git - v7.0.5,https://github.com/moxystudio/node-cross-spawn.git - v6.0.6,org.webjars.npm:cross-spawn:6.0.6	None	Unreachable
CVE-2025-13204 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ expr-eval-2.0.2.tgz (Vulnerable Library)	High	7.3	`Direct` expr-eval-2.0.2.tgz	expr-eval-2.0.2.tgz		None	Unreachable
CVE-2025-9910 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ai-4.3.19.tgz (Root Library) -> ❌ jsondiffpatch-0.6.0.tgz (Vulnerable Library)	Medium	6.1	`Transitive` jsondiffpatch-0.6.0.tgz	ai-4.3.19.tgz	`Transitive` 0.7.2	None	Unreachable
CVE-2025-13466 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> sdk-1.13.2.tgz (Root Library) -> express-5.0.1.tgz -> ❌ body-parser-2.2.0.tgz (Vulnerable Library)	Medium	5.8	`Transitive` body-parser-2.2.0.tgz	sdk-1.13.2.tgz	`Transitive` body-parser - 2.2.1	None	Unreachable
CVE-2026-2739 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> openpgp-5.11.3.tgz (Root Library) -> asn1.js-5.4.1.tgz -> ❌ bn.js-4.11.9.tgz (Vulnerable Library)	Medium	5.3	`Transitive` bn.js-4.11.9.tgz	openpgp-5.11.3.tgz	`Transitive` Upgrade to version bn.js - 4.12.3 or greater	None	Unreachable
CVE-2026-24001 Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> bump-cli-2.8.4.tgz (Root Library) -> plugin-help-5.2.20.tgz -> core-2.16.0.tgz -> ts-node-10.9.2.tgz -> ❌ diff-4.0.2.tgz (Vulnerable Library)	Medium	5.3	`Transitive` diff-4.0.2.tgz	bump-cli-2.8.4.tgz	`Transitive` https://github.com/kpdecker/jsdiff.git - v4.0.4,https://github.com/kpdecker/jsdiff.git - v5.2.2,https://github.com/kpdecker/jsdiff.git - v8.0.3	None	Unreachable
CVE-2026-24001 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ diff-8.0.2.tgz (Vulnerable Library)	Medium	5.3	`Direct` diff-8.0.2.tgz	diff-8.0.2.tgz	https://github.com/kpdecker/jsdiff.git - v4.0.4,https://github.com/kpdecker/jsdiff.git - v5.2.2,https://github.com/kpdecker/jsdiff.git - v8.0.3	None	Unreachable
CVE-2024-53382 Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> cli-1.34.5.tgz (Root Library) -> redoc-2.5.0.tgz -> ❌ prismjs-1.29.0.tgz (Vulnerable Library)	Medium	4.9	`Transitive` prismjs-1.29.0.tgz	cli-1.34.5.tgz	`Transitive` 1.30.0	None	Unreachable
CVE-2026-2391 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> search-ui-1.24.1.tgz (Root Library) -> ❌ qs-6.14.0.tgz (Vulnerable Library)	Low	3.7	`Transitive` qs-6.14.0.tgz	search-ui-1.24.1.tgz	`Transitive` 6.14.2	None	Unreachable
CVE-2026-2391 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> sdk-1.13.2.tgz (Root Library) -> express-5.0.1.tgz -> body-parser-2.2.0.tgz -> ❌ qs-6.14.0.tgz (Vulnerable Library)	Low	3.7	`Transitive` qs-6.14.0.tgz	sdk-1.13.2.tgz	`Transitive` 6.14.2	None	Unreachable
CVE-2026-2391 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> sdk-1.13.2.tgz (Root Library) -> express-5.0.1.tgz -> ❌ qs-6.13.0.tgz (Vulnerable Library)	Low	3.7	`Transitive` qs-6.13.0.tgz	sdk-1.13.2.tgz	`Transitive` 6.14.2	None	Unreachable
CVE-2026-2391 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> react-search-ui-views-1.24.1.tgz (Root Library) -> search-ui-1.24.1.tgz -> ❌ qs-6.14.0.tgz (Vulnerable Library)	Low	3.7	`Transitive` qs-6.14.0.tgz	react-search-ui-views-1.24.1.tgz	`Transitive` 6.14.2	None	Unreachable
CVE-2025-15284 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> search-ui-1.24.1.tgz (Root Library) -> ❌ qs-6.14.0.tgz (Vulnerable Library)	Low	3.7	`Transitive` qs-6.14.0.tgz	search-ui-1.24.1.tgz	`Transitive` qs - 6.14.1	None	Unreachable
CVE-2025-15284 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> sdk-1.13.2.tgz (Root Library) -> express-5.0.1.tgz -> ❌ qs-6.13.0.tgz (Vulnerable Library)	Low	3.7	`Transitive` qs-6.13.0.tgz	sdk-1.13.2.tgz	`Transitive` qs - 6.14.1	None	Unreachable
CVE-2025-15284 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> sdk-1.13.2.tgz (Root Library) -> express-5.0.1.tgz -> body-parser-2.2.0.tgz -> ❌ qs-6.14.0.tgz (Vulnerable Library)	Low	3.7	`Transitive` qs-6.14.0.tgz	sdk-1.13.2.tgz	`Transitive` qs - 6.14.1	None	Unreachable
CVE-2025-15284 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> react-search-ui-views-1.24.1.tgz (Root Library) -> search-ui-1.24.1.tgz -> ❌ qs-6.14.0.tgz (Vulnerable Library)	Low	3.7	`Transitive` qs-6.14.0.tgz	react-search-ui-views-1.24.1.tgz	`Transitive` qs - 6.14.1	None	Unreachable
CVE-2025-5889 Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> bump-cli-2.8.4.tgz (Root Library) -> core-1.20.4.tgz -> ejs-3.1.10.tgz -> jake-10.9.2.tgz -> filelist-1.0.4.tgz -> minimatch-5.1.6.tgz -> ❌ brace-expansion-2.0.1.tgz (Vulnerable Library)	Low	3.1	`Transitive` brace-expansion-2.0.1.tgz	bump-cli-2.8.4.tgz	`Transitive` 2.0.2	None	Unreachable
CVE-2025-5889 Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> cli-1.34.5.tgz (Root Library) -> openapi-core-1.34.5.tgz -> minimatch-5.1.6.tgz -> ❌ brace-expansion-2.0.1.tgz (Vulnerable Library)	Low	3.1	`Transitive` brace-expansion-2.0.1.tgz	cli-1.34.5.tgz	`Transitive` 1.1.12	None	Unreachable
CVE-2025-5889 Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> cli-1.34.5.tgz (Root Library) -> glob-7.2.3.tgz -> minimatch-3.1.2.tgz -> ❌ brace-expansion-1.1.11.tgz (Vulnerable Library)	Low	3.1	`Transitive` brace-expansion-1.1.11.tgz	cli-1.34.5.tgz	`Transitive` 1.1.12	None	Unreachable
CVE-616547-419802 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> sdk-1.13.2.tgz (Root Library) -> express-5.0.1.tgz -> ❌ parseurl-1.3.3.tgz (Vulnerable Library)	Critical	9.8	`Transitive` parseurl-1.3.3.tgz	sdk-1.13.2.tgz		None
CVE-398484-724968 Dependency Hierarchy: -> http-proxy-agent-5.0.0.tgz (Root Library) -> debug-4.4.3.tgz -> ❌ ms-2.1.3.tgz (Vulnerable Library)	Critical	9.8	`Transitive` ms-2.1.3.tgz	http-proxy-agent-5.0.0.tgz		None
CVE-398484-724968 Dependency Hierarchy: -> styled-components-5.3.11.tgz (Root Library) -> traverse-7.26.8.tgz -> debug-4.4.3.tgz -> ❌ ms-2.1.3.tgz (Vulnerable Library)	Critical	9.8	`Transitive` ms-2.1.3.tgz	styled-components-5.3.11.tgz		None
CVE-398484-724968 Dependency Hierarchy: -> bump-cli-2.8.4.tgz (Root Library) -> debug-4.3.7.tgz -> ❌ ms-2.1.3.tgz (Vulnerable Library)	Critical	9.8	`Transitive` ms-2.1.3.tgz	bump-cli-2.8.4.tgz		None
CVE-398484-724968 Dependency Hierarchy: -> opentelemetry-node-1.2.0.tgz (Root Library) -> winston-transport-0.14.0.tgz -> winston-transport-4.9.0.tgz -> logform-2.7.0.tgz -> ❌ ms-2.1.3.tgz (Vulnerable Library)	Critical	9.8	`Transitive` ms-2.1.3.tgz	opentelemetry-node-1.2.0.tgz		None
CVE-398484-724968 Dependency Hierarchy: -> puppeteer-24.24.0.tgz (Root Library) -> browsers-2.10.11.tgz -> proxy-agent-6.5.0.tgz -> debug-4.4.3.tgz -> ❌ ms-2.1.3.tgz (Vulnerable Library)	Critical	9.8	`Transitive` ms-2.1.3.tgz	puppeteer-24.24.0.tgz		None
CVE-398484-724968 Dependency Hierarchy: -> remark-gfm-1.0.0.tgz (Root Library) -> micromark-extension-gfm-0.3.3.tgz -> micromark-2.11.4.tgz -> debug-4.4.3.tgz -> ❌ ms-2.1.3.tgz (Vulnerable Library)	Critical	9.8	`Transitive` ms-2.1.3.tgz	remark-gfm-1.0.0.tgz		None
CVE-398484-724968 Dependency Hierarchy: -> extract-zip-2.0.1.tgz (Root Library) -> debug-4.4.3.tgz -> ❌ ms-2.1.3.tgz (Vulnerable Library)	Critical	9.8	`Transitive` ms-2.1.3.tgz	extract-zip-2.0.1.tgz		None
CVE-398484-724968 Dependency Hierarchy: -> require-in-the-middle-7.5.2.tgz (Root Library) -> debug-4.4.3.tgz -> ❌ ms-2.1.3.tgz (Vulnerable Library)	Critical	9.8	`Transitive` ms-2.1.3.tgz	require-in-the-middle-7.5.2.tgz		None
CVE-398484-724968 Dependency Hierarchy: -> elastic-apm-node-4.13.0.tgz (Root Library) -> agentkeepalive-4.2.1.tgz -> debug-4.4.3.tgz -> ❌ ms-2.1.3.tgz (Vulnerable Library)	Critical	9.8	`Transitive` ms-2.1.3.tgz	elastic-apm-node-4.13.0.tgz		None
CVE-398484-724968 Dependency Hierarchy: -> jsonwebtoken-9.0.2.tgz (Root Library) -> ❌ ms-2.1.3.tgz (Vulnerable Library)	Critical	9.8	`Transitive` ms-2.1.3.tgz	jsonwebtoken-9.0.2.tgz		None
CVE-398484-724968 Dependency Hierarchy: -> cypress-data-session-2.8.0.tgz (Root Library) -> debug-4.4.3.tgz -> ❌ ms-2.1.3.tgz (Vulnerable Library)	Critical	9.8	`Transitive` ms-2.1.3.tgz	cypress-data-session-2.8.0.tgz		None
CVE-398484-724968 Dependency Hierarchy: -> sdk-1.13.2.tgz (Root Library) -> express-5.0.1.tgz -> send-1.1.0.tgz -> ❌ ms-2.1.3.tgz (Vulnerable Library)	Critical	9.8	`Transitive` ms-2.1.3.tgz	sdk-1.13.2.tgz		None
CVE-398484-724968 Dependency Hierarchy: -> elasticsearch-9.1.1.tgz (Root Library) -> transport-9.0.1.tgz -> ❌ ms-2.1.3.tgz (Vulnerable Library)	Critical	9.8	`Transitive` ms-2.1.3.tgz	elasticsearch-9.1.1.tgz		None
CVE-289561-266276 Dependency Hierarchy: -> inquirer-8.2.7.tgz (Root Library) -> ora-5.4.1.tgz -> bl-4.1.0.tgz -> ❌ inherits-2.0.4.tgz (Vulnerable Library)	Critical	9.8	`Transitive` inherits-2.0.4.tgz	inquirer-8.2.7.tgz		None
CVE-289561-266276 Dependency Hierarchy: -> remark-parse-no-trim-8.0.4.tgz (Root Library) -> unherit-1.1.0.tgz -> ❌ inherits-2.0.4.tgz (Vulnerable Library)	Critical	9.8	`Transitive` inherits-2.0.4.tgz	remark-parse-no-trim-8.0.4.tgz		None
CVE-289561-266276 Dependency Hierarchy: -> wellknown-0.5.0.tgz (Root Library) -> concat-stream-1.5.2.tgz -> ❌ inherits-2.0.4.tgz (Vulnerable Library)	Critical	9.8	`Transitive` inherits-2.0.4.tgz	wellknown-0.5.0.tgz		None
CVE-289561-266276 Dependency Hierarchy: -> server-11.11.0.tgz (Root Library) -> html-tokenize-2.0.1.tgz -> ❌ inherits-2.0.4.tgz (Vulnerable Library)	Critical	9.8	`Transitive` inherits-2.0.4.tgz	server-11.11.0.tgz		None
CVE-289561-266276 Dependency Hierarchy: -> cli-1.34.5.tgz (Root Library) -> simple-websocket-9.1.0.tgz -> readable-stream-3.6.2.tgz -> ❌ inherits-2.0.4.tgz (Vulnerable Library)	Critical	9.8	`Transitive` inherits-2.0.4.tgz	cli-1.34.5.tgz		None
CVE-289561-266276 Dependency Hierarchy: -> elastic-apm-node-4.13.0.tgz (Root Library) -> stream-chopper-3.0.1.tgz -> readable-stream-3.6.2.tgz -> ❌ inherits-2.0.4.tgz (Vulnerable Library)	Critical	9.8	`Transitive` inherits-2.0.4.tgz	elastic-apm-node-4.13.0.tgz		None
CVE-289561-266276 Dependency Hierarchy: -> openpgp-5.11.3.tgz (Root Library) -> asn1.js-5.4.1.tgz -> ❌ inherits-2.0.4.tgz (Vulnerable Library)	Critical	9.8	`Transitive` inherits-2.0.4.tgz	openpgp-5.11.3.tgz		None
CVE-289561-266276 Dependency Hierarchy: -> del-6.1.1.tgz (Root Library) -> rimraf-3.0.2.tgz -> glob-7.2.3.tgz -> ❌ inherits-2.0.4.tgz (Vulnerable Library)	Critical	9.8	`Transitive` inherits-2.0.4.tgz	del-6.1.1.tgz		None
CVE-289561-266276 Dependency Hierarchy: -> archiver-7.0.1.tgz (Root Library) -> archiver-utils-5.0.2.tgz -> lazystream-1.0.1.tgz -> readable-stream-2.3.8.tgz -> ❌ inherits-2.0.4.tgz (Vulnerable Library)	Critical	9.8	`Transitive` inherits-2.0.4.tgz	archiver-7.0.1.tgz		None
CVE-289561-266276 Dependency Hierarchy: -> borc-3.0.0.tgz (Root Library) -> readable-stream-3.6.2.tgz -> ❌ inherits-2.0.4.tgz (Vulnerable Library)	Critical	9.8	`Transitive` inherits-2.0.4.tgz	borc-3.0.0.tgz		None
CVE-289561-266276 Dependency Hierarchy: -> sdk-1.13.2.tgz (Root Library) -> express-5.0.1.tgz -> http-errors-2.0.0.tgz -> ❌ inherits-2.0.4.tgz (Vulnerable Library)	Critical	9.8	`Transitive` inherits-2.0.4.tgz	sdk-1.13.2.tgz		None
CVE-154062-641864 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> sdk-1.13.2.tgz (Root Library) -> express-5.0.1.tgz -> on-finished-2.4.1.tgz -> ❌ ee-first-1.1.1.tgz (Vulnerable Library)	Critical	9.8	`Transitive` ee-first-1.1.1.tgz	sdk-1.13.2.tgz		None
CVE-121740-819191 Path to dependency file: /package.json Path to vulnerable library: /package.json,/oas_docs/package.json Dependency Hierarchy: -> ❌ lodash-4.17.21.tgz (Vulnerable Library)	Critical	9.8	`Direct` lodash-4.17.21.tgz	lodash-4.17.21.tgz		None
CVE-105163-391686 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ jquery-3.7.1.tgz (Vulnerable Library)	Critical	9.8	`Direct` jquery-3.7.1.tgz	jquery-3.7.1.tgz		None
CVE-2022-1227 Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> cli-1.34.5.tgz (Root Library) -> redoc-2.5.0.tgz -> ❌ prismjs-1.29.0.tgz (Vulnerable Library)	High	8.8	`Transitive` prismjs-1.29.0.tgz	cli-1.34.5.tgz	`Transitive` github.com/containers/psgo - v1.7.2,react - 15.0.1,https://github.com/containers/psgo.git - no_fix,https://github.com/containers/podman.git - no_fix	None
MSC-2025-10528 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ jquery-3.7.1.tgz (Vulnerable Library)	High	7.8	`Direct` jquery-3.7.1.tgz	jquery-3.7.1.tgz		None
CVE-2025-69873 Dependency Hierarchy: -> ❌ ajv-8.17.1.tgz (Vulnerable Library)	High	7.5	`Direct` ajv-8.17.1.tgz	ajv-8.17.1.tgz	ajv - 8.18.0	None
CVE-2025-57319 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> elastic-apm-node-4.13.0.tgz (Root Library) -> pino-8.15.1.tgz -> ❌ fast-redact-3.1.2.tgz (Vulnerable Library)	High	7.5	`Transitive` fast-redact-3.1.2.tgz	elastic-apm-node-4.13.0.tgz		None
CVE-2025-11362 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ pdfmake-0.2.15.tgz (Vulnerable Library)	High	7.5	`Direct` pdfmake-0.2.15.tgz	pdfmake-0.2.15.tgz	pdfmake - 0.3.0-beta.17,pdfmake - 0.3.0-beta.17	None
CVE-2012-3412 Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> cli-1.34.5.tgz (Root Library) -> redoc-2.5.0.tgz -> ❌ prismjs-1.29.0.tgz (Vulnerable Library)	High	7.5	`Transitive` prismjs-1.29.0.tgz	cli-1.34.5.tgz	`Transitive` 3.2.30	None
CVE-2015-9251 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ jquery-3.7.1.tgz (Vulnerable Library)	Medium	6.1	`Direct` jquery-3.7.1.tgz	jquery-3.7.1.tgz	jquery - 3.0.0,org.webjars.npm:jquery:1.12.2,jQuery - 3.0.0,jquery-rails - 4.2.0,jquery - 1.12.2,org.webjars.npm:jquery:3.0.0,jQuery - 1.12.2,jQuery - 3.0.0,org.webjars.npm:jquery:1.12.2,org.webjars.npm:jquery:3.0.0,jquery - 3.0.0,jquery - 1.12.2,jQuery - 1.12.2,jquery-rails - 4.2.0	None
MSC-2025-10533 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ jquery-3.7.1.tgz (Vulnerable Library)	Medium	5.3	`Direct` jquery-3.7.1.tgz	jquery-3.7.1.tgz		None
CVE-2019-3820 Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ jquery-3.7.1.tgz (Vulnerable Library)	Medium	4.3	`Direct` jquery-3.7.1.tgz	jquery-3.7.1.tgz		None

Base branch total remaining vulnerabilities: 0
Base branch commit: 43796fdf47894730b90fa7a365e8711fd0b2f54b

Total libraries scanned: 3092

Scan token: c0a0feef284840c7bc1bd1fd6b80527c

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update dependency markdown-it to ^14.1.1 (main) #145

Uh oh!

Uh oh!

Update dependency markdown-it to ^14.1.1 (main) #145

Uh oh!

Security Report

Re-running checks...

Update dependency markdown-it to ^14.1.1 (main) #145

Are you sure you want to change the base?

Uh oh!

Update dependency markdown-it to ^14.1.1

Uh oh!

Update dependency markdown-it to ^14.1.1 (main) #145

Uh oh!

Security Report

Re-running checks...