📂 Vulnerable Library - jsonwebtoken-9.0.0.tgz
JSON Web Token implementation (symmetric and asymmetric)
Path to dependency file: /package.json
Findings
| Finding |
Severity |
🎯 CVSS |
Exploit Maturity |
EPSS |
Library |
Type |
Fixed in |
Remediation Available |
Reachability |
| CVE-121740-819191 |
🟣 Critical |
9.8 |
N/A |
N/A |
lodash-4.17.21.tgz |
Transitive |
N/A |
❌ |
|
| CVE-398484-724968 |
🟣 Critical |
9.8 |
N/A |
N/A |
ms-2.1.3.tgz |
Transitive |
N/A |
❌ |
|
Details
🟣CVE-121740-819191
Vulnerable Library - lodash-4.17.21.tgz
Lodash modular utilities.
Library home page: https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz
Path to dependency file: /package.json
Dependency Hierarchy:
- jsonwebtoken-9.0.0.tgz (Root Library)
- ❌ lodash-4.17.21.tgz (Vulnerable Library)
Vulnerability Details
Created automatically by the test suite
Publish Date: Jun 07, 2010 05:12 PM
URL: CVE-121740-819191
Threat Assessment
Exploit Maturity:N/A
EPSS:N/A
Score: 9.8
Suggested Fix
Type: Upgrade version
Origin:
Release Date:
Fix Resolution :
🟣CVE-398484-724968
Vulnerable Library - ms-2.1.3.tgz
Tiny millisecond conversion utility
Library home page: https://registry.npmjs.org/ms/-/ms-2.1.3.tgz
Path to dependency file: /package.json
Dependency Hierarchy:
-
express-4.17.3.tgz (Root Library)
- send-0.17.2.tgz
- ❌ ms-2.1.3.tgz (Vulnerable Library)
-
jsonwebtoken-9.0.0.tgz (Root Library)
- ❌ ms-2.1.3.tgz (Vulnerable Library)
-
snyk-1.434.3.tgz (Root Library)
- needle-2.5.0.tgz
- debug-3.2.7.tgz
- ❌ ms-2.1.3.tgz (Vulnerable Library)
Vulnerability Details
Created automatically by the test suite
Publish Date: Jun 07, 2010 05:12 PM
URL: CVE-398484-724968
Threat Assessment
Exploit Maturity:N/A
EPSS:N/A
Score: 9.8
Suggested Fix
Type: Upgrade version
Origin:
Release Date:
Fix Resolution :
📂 Vulnerable Library - jsonwebtoken-9.0.0.tgz
JSON Web Token implementation (symmetric and asymmetric)
Path to dependency file: /package.json
Findings
Details
🟣CVE-121740-819191
Vulnerable Library - lodash-4.17.21.tgz
Lodash modular utilities.
Library home page: https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz
Path to dependency file: /package.json
Dependency Hierarchy:
Vulnerability Details
Created automatically by the test suite
Publish Date: Jun 07, 2010 05:12 PM
URL: CVE-121740-819191
Threat Assessment
Exploit Maturity:N/A
EPSS:N/A
Score: 9.8
Suggested Fix
Type: Upgrade version
Origin:
Release Date:
Fix Resolution :
🟣CVE-398484-724968
Vulnerable Library - ms-2.1.3.tgz
Tiny millisecond conversion utility
Library home page: https://registry.npmjs.org/ms/-/ms-2.1.3.tgz
Path to dependency file: /package.json
Dependency Hierarchy:
express-4.17.3.tgz (Root Library)
jsonwebtoken-9.0.0.tgz (Root Library)
snyk-1.434.3.tgz (Root Library)
Vulnerability Details
Created automatically by the test suite
Publish Date: Jun 07, 2010 05:12 PM
URL: CVE-398484-724968
Threat Assessment
Exploit Maturity:N/A
EPSS:N/A
Score: 9.8
Suggested Fix
Type: Upgrade version
Origin:
Release Date:
Fix Resolution :