{
"timestamp": "2024-02-16T15:30:00.000Z",
"project_path": "/example/sample-web-app",
"dependencies": [
{
"name": "lodash",
"version": "4.17.20",
"ecosystem": "npm",
"direct": true,
"license": "MIT",
"vulnerabilities": [
{
"id": "CVE-2021-23337",
"summary": "Command injection in lodash via the template function",
"severity": "HIGH",
"cvss_score": 7.2,
"affected_versions": "<4.17.21",
"fixed_version": "4.17.21",
"published_date": "2021-02-15",
"references": [
"https://nvd.nist.gov/vuln/detail/CVE-2021-23337"
]
}
]
},
{
"name": "axios",
"version": "1.5.0",
"ecosystem": "npm",
"direct": true,
"license": "MIT",
"vulnerabilities": []
},
{
"name": "express",
"version": "4.18.1",
"ecosystem": "npm",
"direct": true,
"license": "MIT",
"vulnerabilities": []
},
{
"name": "jsonwebtoken",
"version": "8.5.1",
"ecosystem": "npm",
"direct": true,
"license": "MIT",
"vulnerabilities": []
}
],
"vulnerabilities_found": 1,
"high_severity_count": 1,
"medium_severity_count": 0,
"low_severity_count": 0,
"ecosystems": ["npm"],
"scan_summary": {
"total_dependencies": 4,
"unique_dependencies": 4,
"ecosystems_found": 1,
"vulnerable_dependencies": 1,
"vulnerability_breakdown": {
"high": 1,
"medium": 0,
"low": 0
}
},
"recommendations": [
"URGENT: Address 1 high-severity vulnerability immediately",
"Update lodash from 4.17.20 to 4.17.21 to fix CVE-2021-23337"
]
}