y-websocket-2.0.3.tgz: 1 vulnerabilities (highest severity is: 9.8) [master]Β #13
Description
π Vulnerable Library - y-websocket-2.0.3.tgz
Path to dependency file: /frontend/package.json
Path to vulnerable library: /frontend/node_modules/y-websocket/package.json
Findings
| Finding | Severity | π― CVSS | Exploit Maturity | EPSS | Library | Type | Fixed in | Remediation Available | Reachability |
|---|---|---|---|---|---|---|---|---|---|
| CVE-289561-266276 | π£ Critical | 9.8 | N/A | N/A | inherits-2.0.4.tgz | Transitive | N/A | β |
Details
π£CVE-289561-266276
Vulnerable Library - inherits-2.0.4.tgz
Browser-friendly inheritance fully compatible with standard node.js inherits()
Library home page: https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz
Path to dependency file: /frontend/package.json
Path to vulnerable library: /frontend/node_modules/inherits/package.json
Dependency Hierarchy:
- y-websocket-2.0.3.tgz (Root Library)
- y-leveldb-0.1.2.tgz
- level-6.0.1.tgz
- level-packager-5.1.1.tgz
- levelup-4.4.0.tgz
- level-iterator-stream-4.0.2.tgz
- β inherits-2.0.4.tgz (Vulnerable Library)
- level-iterator-stream-4.0.2.tgz
- levelup-4.4.0.tgz
- level-packager-5.1.1.tgz
- level-6.0.1.tgz
- y-leveldb-0.1.2.tgz
Vulnerability Details
Created automatically by the test suite
Publish Date: Jun 07, 2010 05:12 PM
URL: CVE-289561-266276
Threat Assessment
Exploit Maturity:N/A
EPSS:N/A
Score: 9.8
Suggested Fix
Type: Upgrade version
Origin:
Release Date:
Fix Resolution :