Update dependency body-parser to v1.20.4 #27
Dev - Mend for GitHub.com / Mend Security Check
failed
Apr 8, 2026 in 5m 50s
Security Report
❌ New vulnerabilities:
| Vulnerability | Severity |  CVSS Score |
Vulnerable Library | Direct Library | Suggested Fix | Issue | Reachability |
|---|---|---|---|---|---|---|---|
CVE-289561-266276Path to dependency file: /package.json Path to vulnerable library: /package.json,/api/package.json Dependency Hierarchy: -> body-parser-1.20.4.tgz (Root Library) -> http-errors-2.0.1.tgz -> ❌ inherits-2.0.4.tgz (Vulnerable Library) |
 Critical |
9.8 | Transitive inherits-2.0.4.tgz |
body-parser-1.20.4.tgz | None |
✔️ Remediated vulnerabilities:
| Vulnerability | Vulnerable Library |
|---|---|
| GHSA-6chw-6frg-f759 | acorn-6.1.1.tgz |
| GHSA-v2p6-4mp7-3r9v | underscore.string-2.4.0.tgz |
| GHSA-c3m8-x3cg-qm2c | helmet-csp-2.7.1.tgz |
| GHSA-7fhm-mqm4-2wp7 | acorn-6.1.1.tgz |
| GHSA-pc5p-h8pf-mvwp | https-proxy-agent-2.2.1.tgz |
| GHSA-64g7-mvw6-v9qj | shelljs-0.8.3.tgz |
| CVE-2025-404142 | buffers-0.1.1.tgz |
| GHSA-7fhm-mqm4-2wp7 | minimist-0.0.8.tgz |
| GHSA-7wwv-vh3v-89cq | highlight.js-9.15.8.tgz |
| GHSA-7fhm-mqm4-2wp7 | acorn-4.0.13.tgz |
| GHSA-w42g-7vfc-xf37 | apollo-server-express-2.9.12.tgz |
| GHSA-8x6c-cv3v-vp6g | cacheable-request-2.1.4.tgz |
| CVE-506311-612488 | content-type-1.0.4.tgz |
| GHSA-7fhm-mqm4-2wp7 | minimist-1.2.0.tgz |
| GHSA-g95f-p29q-9xw4 | braces-1.8.5.tgz |
| GHSA-7fhm-mqm4-2wp7 | minimist-0.0.10.tgz |
| CVE-2022-25881 | http-cache-semantics-3.8.1.tgz |
| GHSA-w42g-7vfc-xf37 | apollo-server-express-2.5.0-alpha.0.tgz |
| GHSA-4xcv-9jjx-gfj3 | mem-1.1.0.tgz |
Base branch total remaining vulnerabilities: 277
Base branch commit: d8a4d1743dfb4e8c2596563c8b569bb9ec3f1892
Total libraries scanned: 1832
Scan token: 62172ee5b3ea4c65831b2f14e1bbbd75
Loading