Bump cipher-base from 1.0.4 to 1.0.6 #601
Open
Orca Security (US) / Orca Security - Vulnerabilities
failed
Aug 21, 2025 in 7s
Orca Security Scan Summary
| Status | Check | Issues by priority | |
|---|---|---|---|
 Failed |
Vulnerabilities |  3  0  0  0 |
View in Orca |
☢️ The following Vulnerabilities (CVEs) have been detected
| PACKAGE | FILE | CVE ID | INSTALLED VERSION | FIXED VERSION | ||
|---|---|---|---|---|---|---|
|
postcss | ./yarn.lock | CVE-2021-23382 | 6.0.22 | 8.2.13, 7.0.36 | View in code |
|
trim | ./yarn.lock | CVE-2020-7753 | 0.0.1 | 0.0.3 | View in code |
|
trim-newlines | ./yarn.lock | CVE-2021-33623 | 2.0.0 | 3.0.1, 4.0.1 | View in code |
Annotations
Check failure on line 12126 in yarn.lock
orca-security-us / Orca Security - Vulnerabilities
[HIGH] postcss (CVE-2021-23382)
nodejs-postcss - ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js
Severity: HIGH
CVSS2 Score: 5
CVSS3 Score: 7.5
Installed version: 6.0.22
Fixed version: 8.2.13, 7.0.36
Check failure on line 15127 in yarn.lock
orca-security-us / Orca Security - Vulnerabilities
[HIGH] trim (CVE-2020-7753)
nodejs-trim - Regular Expression Denial of Service (ReDoS) in trim function
Severity: HIGH
CVSS2 Score: 5
CVSS3 Score: 7.5
Installed version: 0.0.1
Fixed version: 0.0.3
Check failure on line 15115 in yarn.lock
orca-security-us / Orca Security - Vulnerabilities
[HIGH] trim-newlines (CVE-2021-33623)
nodejs-trim-newlines - ReDoS in .end() method
Severity: HIGH
CVSS2 Score: 5
CVSS3 Score: 7.5
Installed version: 2.0.0
Fixed version: 3.0.1, 4.0.1
Loading