yarn.lock - Trivy Report - 2026-06-04 12:51:39.518427119 +0000 UTC m=+2.313910123

yarn
Package Vulnerability ID Severity Installed Version Fixed Version Links
@ai-sdk/provider-utils CVE-2026-8769 LOW 3.0.17 https://gist.github.com/YLChen-007/fb1096bc8428bed9a428f764d9d103bb https://github.com/vercel/ai https://nvd.nist.gov/vuln/detail/CVE-2026-8769 https://vuldb.com/submit/811406 https://vuldb.com/vuln/364394 https://vuldb.com/vuln/364394/cti
@ai-sdk/provider-utils CVE-2026-8769 LOW 3.0.20 https://gist.github.com/YLChen-007/fb1096bc8428bed9a428f764d9d103bb https://github.com/vercel/ai https://nvd.nist.gov/vuln/detail/CVE-2026-8769 https://vuldb.com/submit/811406 https://vuldb.com/vuln/364394 https://vuldb.com/vuln/364394/cti
@strapi/plugin-users-permissions CVE-2025-64526 MEDIUM 5.42.0 5.45.0 https://github.com/strapi/strapi https://github.com/strapi/strapi/commit/5e0d243cba9830e6f791de6a94798bcde51468db https://github.com/strapi/strapi/pull/24818 https://github.com/strapi/strapi/releases/tag/v5.45.0 https://github.com/strapi/strapi/security/advisories/GHSA-7mqx-wwh4-f9fw https://nvd.nist.gov/vuln/detail/CVE-2025-64526
ajv CVE-2025-69873 MEDIUM 8.13.0 8.18.0, 6.14.0 https://access.redhat.com/security/cve/CVE-2025-69873 https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md https://github.com/advisories/GHSA-2g4f-4pwh-qvx6 https://github.com/ajv-validator/ajv https://github.com/ajv-validator/ajv/commit/720a23fa453ffae8340e92c9b0fe886c54cfe0d5 https://github.com/ajv-validator/ajv/pull/2586 https://github.com/ajv-validator/ajv/pull/2588 https://github.com/ajv-validator/ajv/pull/2590 https://github.com/ajv-validator/ajv/releases/tag/v6.14.0 https://github.com/ajv-validator/ajv/releases/tag/v8.18.0 https://github.com/github/advisory-database/pull/6991 https://nvd.nist.gov/vuln/detail/CVE-2025-69873 https://www.cve.org/CVERecord?id=CVE-2025-69873
axios CVE-2026-42033 HIGH 1.15.0 1.15.1, 0.31.1 https://access.redhat.com/security/cve/CVE-2026-42033 https://github.com/axios/axios https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf https://nvd.nist.gov/vuln/detail/CVE-2026-42033 https://www.cve.org/CVERecord?id=CVE-2026-42033
axios CVE-2026-42035 HIGH 1.15.0 1.15.1, 0.31.1 https://access.redhat.com/security/cve/CVE-2026-42035 https://github.com/axios/axios https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9 https://nvd.nist.gov/vuln/detail/CVE-2026-42035 https://www.cve.org/CVERecord?id=CVE-2026-42035
axios CVE-2026-42043 HIGH 1.15.0 1.15.1, 0.31.1 https://access.redhat.com/security/cve/CVE-2026-42043 https://github.com/axios/axios https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7 https://nvd.nist.gov/vuln/detail/CVE-2026-42043 https://www.cve.org/CVERecord?id=CVE-2026-42043
axios CVE-2026-42264 HIGH 1.15.0 1.15.2 https://github.com/axios/axios https://github.com/axios/axios/commit/47915144662f2733e6c051bdcb895a8c8f0586aa https://github.com/axios/axios/pull/10779 https://github.com/axios/axios/releases/tag/v1.15.2 https://github.com/axios/axios/security/advisories/GHSA-q8qp-cvcw-x6jj https://nvd.nist.gov/vuln/detail/CVE-2026-42264
axios CVE-2026-44492 HIGH 1.15.0 1.16.0, 0.32.0 https://github.com/axios/axios https://github.com/axios/axios/security/advisories/GHSA-pjwm-pj3p-43mv https://nvd.nist.gov/vuln/detail/CVE-2025-62718
axios CVE-2026-44494 HIGH 1.15.0 1.16.0 https://github.com/advisories/GHSA-fvcv-3m26-pcqx https://github.com/axios/axios https://github.com/axios/axios/security/advisories/GHSA-35jp-ww65-95wh
axios CVE-2026-44495 HIGH 1.15.0 1.15.2, 0.31.1 https://github.com/axios/axios https://github.com/axios/axios/security/advisories/GHSA-3g43-6gmg-66jw
axios CVE-2026-42034 MEDIUM 1.15.0 1.15.1, 0.31.1 https://access.redhat.com/security/cve/CVE-2026-42034 https://github.com/axios/axios https://github.com/axios/axios/security/advisories/GHSA-5c9x-8gcm-mpgx https://nvd.nist.gov/vuln/detail/CVE-2026-42034 https://www.cve.org/CVERecord?id=CVE-2026-42034
axios CVE-2026-42036 MEDIUM 1.15.0 1.15.1, 0.31.1 https://access.redhat.com/security/cve/CVE-2026-42036 https://github.com/axios/axios https://github.com/axios/axios/security/advisories/GHSA-vf2m-468p-8v99 https://nvd.nist.gov/vuln/detail/CVE-2026-42036 https://www.cve.org/CVERecord?id=CVE-2026-42036
axios CVE-2026-42037 MEDIUM 1.15.0 1.15.1 https://access.redhat.com/security/cve/CVE-2026-42037 https://github.com/axios/axios https://github.com/axios/axios/security/advisories/GHSA-445q-vr5w-6q77 https://nvd.nist.gov/vuln/detail/CVE-2026-42037 https://www.cve.org/CVERecord?id=CVE-2026-42037
axios CVE-2026-42038 MEDIUM 1.15.0 1.15.1, 0.31.1 https://access.redhat.com/security/cve/CVE-2026-42038 https://github.com/axios/axios https://github.com/axios/axios/security/advisories/GHSA-m7pr-hjqh-92cm https://nvd.nist.gov/vuln/detail/CVE-2026-42038 https://www.cve.org/CVERecord?id=CVE-2026-42038
axios CVE-2026-42039 MEDIUM 1.15.0 1.15.1, 0.31.1 https://access.redhat.com/security/cve/CVE-2026-42039 https://github.com/axios/axios https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9 https://nvd.nist.gov/vuln/detail/CVE-2026-42039 https://www.cve.org/CVERecord?id=CVE-2026-42039
axios CVE-2026-42041 MEDIUM 1.15.0 1.15.1, 0.31.1 https://access.redhat.com/security/cve/CVE-2026-42041 https://github.com/axios/axios https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63 https://nvd.nist.gov/vuln/detail/CVE-2026-42041 https://www.cve.org/CVERecord?id=CVE-2026-42041
axios CVE-2026-42042 MEDIUM 1.15.0 1.15.1, 0.31.1 https://access.redhat.com/security/cve/CVE-2026-42042 https://github.com/axios/axios https://github.com/axios/axios/security/advisories/GHSA-xx6v-rp6x-q39c https://nvd.nist.gov/vuln/detail/CVE-2026-42042 https://www.cve.org/CVERecord?id=CVE-2026-42042
axios CVE-2026-42044 MEDIUM 1.15.0 1.15.2 https://access.redhat.com/security/cve/CVE-2026-42044 https://github.com/axios/axios https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23 https://nvd.nist.gov/vuln/detail/CVE-2026-42044 https://www.cve.org/CVERecord?id=CVE-2026-42044
axios CVE-2026-44490 MEDIUM 1.15.0 1.16.0, 0.32.0 https://github.com/axios/axios https://github.com/axios/axios/security/advisories/GHSA-898c-q2cr-xwhg https://nvd.nist.gov/vuln/detail/CVE-2018-16487
axios CVE-2026-42040 LOW 1.15.0 1.15.1, 0.31.1 https://github.com/axios/axios https://github.com/axios/axios/security/advisories/GHSA-xhjh-pmcv-23jw https://nvd.nist.gov/vuln/detail/CVE-2026-42040
brace-expansion CVE-2026-45149 MEDIUM 5.0.5 5.0.6 https://github.com/juliangruber/brace-expansion https://github.com/juliangruber/brace-expansion/commit/c0b095bdc52bc4c36dc88deddbadabc49f8371e5 https://github.com/juliangruber/brace-expansion/security/advisories/GHSA-jxxr-4gwj-5jf2
elliptic CVE-2025-14505 LOW 6.6.1 https://access.redhat.com/security/cve/CVE-2025-14505 https://datatracker.ietf.org/doc/html/rfc6979 https://github.com/indutny/elliptic https://github.com/indutny/elliptic/issues/321 https://nvd.nist.gov/vuln/detail/CVE-2025-14505 https://www.cve.org/CVERecord?id=CVE-2025-14505 https://www.herodevs.com/vulnerability-directory/cve-2025-14505
fast-uri CVE-2026-6321 HIGH 3.1.0 3.1.1 https://access.redhat.com/security/cve/CVE-2026-6321 https://cna.openjsf.org/security-advisories.html https://github.com/fastify/fast-uri https://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6 https://nvd.nist.gov/vuln/detail/CVE-2026-6321 https://www.cve.org/CVERecord?id=CVE-2026-6321
fast-uri CVE-2026-6322 HIGH 3.1.0 3.1.2 https://cna.openjsf.org/security-advisories.html https://github.com/fastify/fast-uri https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc https://nvd.nist.gov/vuln/detail/CVE-2026-6322
fast-xml-builder CVE-2026-44665 HIGH 1.1.4 1.1.7 https://access.redhat.com/security/cve/CVE-2026-44665 https://github.com/NaturalIntelligence/fast-xml-builder https://github.com/NaturalIntelligence/fast-xml-builder/security/advisories/GHSA-5wm8-gmm8-39j9 https://nvd.nist.gov/vuln/detail/CVE-2026-44665 https://www.cve.org/CVERecord?id=CVE-2026-44665
fast-xml-parser CVE-2026-41650 MEDIUM 5.5.8 5.7.0 https://access.redhat.com/security/cve/CVE-2026-41650 https://github.com/NaturalIntelligence/fast-xml-parser https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.6.0 https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-gh4j-gqv2-49f6 https://nvd.nist.gov/vuln/detail/CVE-2026-41650 https://www.cve.org/CVERecord?id=CVE-2026-41650
markdown-it CVE-2026-2327 MEDIUM 13.0.2 14.1.1 https://access.redhat.com/security/cve/CVE-2026-2327 https://gist.github.com/ltduc147/c9abecae1b291ede4f692f2ab988c917 https://github.com/markdown-it/markdown-it https://github.com/markdown-it/markdown-it/blob/14.1.0/lib/rules_inline/linkify.mjs#L33 https://github.com/markdown-it/markdown-it/blob/14.1.0/lib/rules_inline/linkify.mjs%23L33 https://github.com/markdown-it/markdown-it/commit/4b4bbcae5e0990a5b172378e507b33a59012ed26 https://nvd.nist.gov/vuln/detail/CVE-2026-2327 https://security.snyk.io/vuln/SNYK-JS-MARKDOWNIT-10666750 https://www.cve.org/CVERecord?id=CVE-2026-2327
postcss CVE-2026-41305 MEDIUM 8.5.9 8.5.10 https://access.redhat.com/security/cve/CVE-2026-41305 https://github.com/postcss/postcss https://github.com/postcss/postcss/releases/tag/8.5.10 https://github.com/postcss/postcss/security/advisories/GHSA-qx2v-qp2m-jg93 https://nvd.nist.gov/vuln/detail/CVE-2026-41305 https://www.cve.org/CVERecord?id=CVE-2026-41305
qs CVE-2026-8723 MEDIUM 6.15.0 6.15.2 https://github.com/ljharb/qs https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41 https://github.com/ljharb/qs/security/advisories/GHSA-q8mj-m7cp-5q26 https://nvd.nist.gov/vuln/detail/CVE-2026-8723
qs CVE-2026-8723 MEDIUM 6.15.1 6.15.2 https://github.com/ljharb/qs https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41 https://github.com/ljharb/qs/security/advisories/GHSA-q8mj-m7cp-5q26 https://nvd.nist.gov/vuln/detail/CVE-2026-8723
react-router CVE-2026-40181 MEDIUM 6.30.3 7.14.1, 6.30.4 https://github.com/remix-run/react-router https://github.com/remix-run/react-router/security/advisories/GHSA-2j2x-hqr9-3h42 https://nvd.nist.gov/vuln/detail/CVE-2026-40181
tmp CVE-2026-44705 HIGH 0.2.5 0.2.6 https://github.com/raszi/node-tmp https://github.com/raszi/node-tmp/commit/efa4a06f24374797ae32ab2b6ae39b7a611ae429 https://github.com/raszi/node-tmp/security/advisories/GHSA-ph9p-34f9-6g65
uuid CVE-2026-41907 MEDIUM 8.3.2 11.1.1, 12.0.1, 13.0.1 https://access.redhat.com/security/cve/CVE-2026-41907 https://github.com/uuidjs/uuid https://github.com/uuidjs/uuid/commit/32389c887c9e75f90442ee4cc95bbab0c4e8346e https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34 https://github.com/uuidjs/uuid/commit/3d61d6ac1f782cf6b1dd8661c60f11722cd49a0d https://github.com/uuidjs/uuid/commit/9d27ddf7046ce496ef39569ff84d948eeff9cb2a https://github.com/uuidjs/uuid/releases/tag/v11.1.1 https://github.com/uuidjs/uuid/releases/tag/v12.0.1 https://github.com/uuidjs/uuid/releases/tag/v13.0.1 https://github.com/uuidjs/uuid/releases/tag/v14.0.0 https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq https://nvd.nist.gov/vuln/detail/CVE-2026-41907 https://www.cve.org/CVERecord?id=CVE-2026-41907
vite CVE-2026-39365 MEDIUM 5.4.21 8.0.5, 7.3.2, 6.4.2 https://access.redhat.com/security/cve/CVE-2026-39365 https://github.com/vitejs/vite https://github.com/vitejs/vite/commit/79f002f2286c03c88c7b74c511c7f9fc6dc46694 https://github.com/vitejs/vite/pull/22161 https://github.com/vitejs/vite/releases/tag/v6.4.2 https://github.com/vitejs/vite/releases/tag/v7.3.2 https://github.com/vitejs/vite/releases/tag/v8.0.5 https://github.com/vitejs/vite/security/advisories/GHSA-4w7w-66w2-5vf9 https://nvd.nist.gov/vuln/detail/CVE-2026-39365 https://www.cve.org/CVERecord?id=CVE-2026-39365
ws CVE-2026-45736 MEDIUM 8.17.1 8.20.1 https://github.com/websockets/ws https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086 https://github.com/websockets/ws/security/advisories/GHSA-58qx-3vcg-4xpx https://nvd.nist.gov/vuln/detail/CVE-2026-45736
yaml CVE-2026-33532 MEDIUM 1.10.2 2.8.3, 1.10.3 https://access.redhat.com/security/cve/CVE-2026-33532 https://github.com/eemeli/yaml https://github.com/eemeli/yaml/commit/1e84ebbea7ec35011a4c61bbb820a529ee4f359b https://github.com/eemeli/yaml/releases/tag/v1.10.3 https://github.com/eemeli/yaml/releases/tag/v2.8.3 https://github.com/eemeli/yaml/security/advisories/GHSA-48c2-rrv3-qjmp https://nvd.nist.gov/vuln/detail/CVE-2026-33532 https://www.cve.org/CVERecord?id=CVE-2026-33532
No Misconfigurations found
dockerfile
No Vulnerabilities found
Type Misconf ID Check Severity Message
Dockerfile Security Check DS026 No HEALTHCHECK defined LOW Add HEALTHCHECK instruction in your Dockerfile
https://avd.aquasec.com/misconfig/ds026
No Vulnerabilities found
No Misconfigurations found
No Vulnerabilities found
No Misconfigurations found