Skip to content

Update dependency body-parser to v1.20.3 #9

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
staging-whitesource-for-github-com wants to merge 1 commit into
base: main
Choose a base branch
from

Update dependency body-parser to v1.20.3

f16c246
Select commit
Loading
Failed to load commit list.
Open

Update dependency body-parser to v1.20.3 #9

Update dependency body-parser to v1.20.3
f16c246
Select commit
Loading
Failed to load commit list.
Staging - WhiteSource for GitHub.com / Mend Security Check failed Apr 8, 2026 in 8m 28s

Security Report

You have successfully remediated 30 vulnerabilities, but introduced 2 new vulnerabilities in this branch.

❌ New vulnerabilities:

Vulnerability Severity CVSS Score Vulnerable Library Direct Library Suggested Fix Issue Reachability
CVE-2026-2391

Path to dependency file: /NodeGoat/package.json

Path to vulnerable library: /NodeGoat/package.json

Dependency Hierarchy:

-> body-parser-1.20.3.tgz (Root Library)

   -> ❌ qs-6.13.0.tgz (Vulnerable Library)

Low 3.7 Transitive qs-6.13.0.tgz body-parser-1.20.3.tgz Transitive 6.14.2 None

Reachable
CVE-2025-15284

Path to dependency file: /NodeGoat/package.json

Path to vulnerable library: /NodeGoat/package.json

Dependency Hierarchy:

-> body-parser-1.20.3.tgz (Root Library)

   -> ❌ qs-6.13.0.tgz (Vulnerable Library)

Low 3.7 Transitive qs-6.13.0.tgz body-parser-1.20.3.tgz None

Reachable

✔️ Remediated vulnerabilities:

Vulnerability Vulnerable Library
CVE-2020-25649 jackson-databind-2.9.10.4.jar
CVE-2020-35490 jackson-databind-2.9.10.4.jar
CVE-2020-36187 jackson-databind-2.9.10.4.jar
CVE-2022-42004 jackson-databind-2.9.10.4.jar
CVE-2020-14062 jackson-databind-2.9.10.4.jar
CVE-2020-36181 jackson-databind-2.9.10.4.jar
CVE-2020-36184 jackson-databind-2.9.10.4.jar
CVE-2020-24616 jackson-databind-2.9.10.4.jar
CVE-2020-36183 jackson-databind-2.9.10.4.jar
CVE-2020-35491 jackson-databind-2.9.10.4.jar
CVE-2020-14061 jackson-databind-2.9.10.4.jar
CVE-2020-11022 jquery-1.11.2.min.js
CVE-2020-36179 jackson-databind-2.9.10.4.jar
CVE-2020-36189 jackson-databind-2.9.10.4.jar
CVE-2020-36188 jackson-databind-2.9.10.4.jar
CVE-2017-16137 debug-2.2.0.tgz
CVE-2020-36185 jackson-databind-2.9.10.4.jar
CVE-2020-36182 jackson-databind-2.9.10.4.jar
CVE-2020-14060 jackson-databind-2.9.10.4.jar
CVE-2020-11023 jquery-1.11.2.min.js
CVE-2021-20190 jackson-databind-2.9.10.4.jar
CVE-2020-35728 jackson-databind-2.9.10.4.jar
CVE-2020-14195 jackson-databind-2.9.10.4.jar
CVE-2019-11358 jquery-1.11.2.min.js
CVE-2015-9251 jquery-1.11.2.min.js
CVE-2022-42003 jackson-databind-2.9.10.4.jar
CVE-2020-24750 jackson-databind-2.9.10.4.jar
CVE-2020-36180 jackson-databind-2.9.10.4.jar
CVE-2022-22971 spring-messaging-4.3.7.RELEASE.jar
CVE-2020-36186 jackson-databind-2.9.10.4.jar

Base branch total remaining vulnerabilities: 150
Base branch commit: null


Total libraries scanned: 431

Scan token: d3a7ecdac9454f36b1339c760a341bb5

View more details on Staging - WhiteSource for GitHub.com