Update dependency nexmo to v2.6.0 #27
Security Report
❌ New vulnerabilities:
| Vulnerability | Severity |  CVSS Score |
Vulnerable Library | Direct Library | Suggested Fix | Issue |
|---|---|---|---|---|---|---|
CVE-2025-69873Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> nexmo-2.6.0.tgz (Root Library) -> request-2.88.2.tgz -> har-validator-5.1.5.tgz -> ❌ ajv-6.14.0.tgz (Vulnerable Library) |
 High |
7.5 | Transitive ajv-6.14.0.tgz |
nexmo-2.6.0.tgz | Transitive ajv - 8.18.0,ajv - 6.14.0 |
None |
CVE-2023-26136Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> nexmo-2.6.0.tgz (Root Library) -> request-2.88.2.tgz -> ❌ tough-cookie-2.5.0.tgz (Vulnerable Library) |
 Medium |
6.5 | Transitive tough-cookie-2.5.0.tgz |
nexmo-2.6.0.tgz | Transitive 4.1.3 |
None |
CVE-2023-28155Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> nexmo-2.6.0.tgz (Root Library) -> ❌ request-2.88.2.tgz (Vulnerable Library) |
Medium |
6.1 | Transitive request-2.88.2.tgz |
nexmo-2.6.0.tgz | Transitive @cypress/request - 3.0.0 |
None |
✔️ Remediated vulnerabilities:
| Vulnerability | Vulnerable Library |
|---|---|
| CVE-2025-15284 | qs-6.5.2.tgz |
| CVE-2021-3918 | json-schema-0.2.3.tgz |
| CVE-2023-26136 | tough-cookie-2.4.3.tgz |
| CVE-2022-24999 | qs-6.5.2.tgz |
| CVE-2020-15366 | ajv-6.10.2.tgz |
| CVE-2025-69873 | ajv-6.10.2.tgz |
| CVE-2023-28155 | request-2.88.0.tgz |
| CVE-2025-65945 | jws-3.2.2.tgz |
| CVE-2026-2391 | qs-6.5.2.tgz |
Base branch total remaining vulnerabilities: 43
Base branch commit: null
Total libraries scanned: 188
Scan token: d70beb80be054895b265f92eb21b98b5