Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Fix for 7 vulnerabilities #10

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

fix: Packs/Exchange2016_Compliance/Integrations/Exchange2016_Complian…

b06bef1
Select commit
Loading
Failed to load commit list.
Open

[Snyk] Fix for 7 vulnerabilities #10

fix: Packs/Exchange2016_Compliance/Integrations/Exchange2016_Complian…
b06bef1
Select commit
Loading
Failed to load commit list.
Wiz Inc. (98909e62bd) / Wiz Vulnerability Scanner completed Jun 5, 2024 in 4s

Wiz Vulnerability Scanner

Alakazam, Supreme Sorcerer of Software! 🧙‍

The arcane currents guided Wiz's gaze, uncovering hidden wonders within this code. 🔮🔍

Exposing Vulnerabilities with Wiz 🪄

🔮 Vulnerabilities Detected: 7

2C 1H 4M 0L 0I

― Note from Wiz: "Like a coding magician, you make errors vanish - keep up the magic act! 🎩🔮"

Annotations

Check failure on line 5 in Packs/Exchange2016_Compliance/Integrations/Exchange2016_Compliance/doc_files/requirements.txt

See this annotation in the file changed.

@wiz-inc-98909e62bd wiz-inc-98909e62bd / Wiz Vulnerability Scanner

pyyaml:4.2b1 

Detected Vulnerabilities:
  CVE-2020-14343, Severity: Critical, Source: https://github.com/advisories/GHSA-8q59-q68h-6hv4
    CVSS score: 9.8, CVSS exploitability score: 3.9
    🩹 Fixed version: 5.4.0
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2020-1747, Severity: Critical, Source: https://github.com/advisories/GHSA-6757-jp84-gxfx
    CVSS score: 9.8, CVSS exploitability score: 3.9
    🩹 Fixed version: 5.3.1
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 7 in Packs/Exchange2016_Compliance/Integrations/Exchange2016_Compliance/doc_files/requirements.txt

See this annotation in the file changed.

@wiz-inc-98909e62bd wiz-inc-98909e62bd / Wiz Vulnerability Scanner

urllib3:1.25.9 

Detected Vulnerabilities:
  CVE-2021-33503, Severity: High, Source: https://github.com/advisories/GHSA-q2q7-5pp4-w6pg
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 1.26.5
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2023-45803, Severity: Medium, Source: https://github.com/advisories/GHSA-g4mx-q9vg-27p4
    CVSS score: 4.2, CVSS exploitability score: 0.5
    🩹 Fixed version: 1.26.18
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2023-43804, Severity: Medium, Source: https://github.com/advisories/GHSA-v845-jxx5-vc9f
    CVSS score: 8.1, CVSS exploitability score: 2.8
    🩹 Fixed version: 1.26.17
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check warning on line 6 in Packs/Exchange2016_Compliance/Integrations/Exchange2016_Compliance/doc_files/requirements.txt

See this annotation in the file changed.

@wiz-inc-98909e62bd wiz-inc-98909e62bd / Wiz Vulnerability Scanner

requests:2.20 

Detected Vulnerabilities:
  CVE-2024-35195, Severity: Medium, Source: https://github.com/advisories/GHSA-9wx4-h78v-vm56
    🩹 Fixed version: 2.32.0
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2023-32681, Severity: Medium, Source: https://github.com/advisories/GHSA-j8r2-6x86-q33q
    CVSS score: 6.1, CVSS exploitability score: 1.6
    🩹 Fixed version: 2.31.0
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 5 in Packs/Exchange2016_Compliance/Integrations/Exchange2016_Compliance/doc_files/requirements.txt

See this annotation in the file changed.

@wiz-inc-98909e62bd wiz-inc-98909e62bd / Wiz Vulnerability Scanner

pyyaml:4.2b1 

Detected Vulnerabilities:
  CVE-2020-14343, Severity: Critical, Source: https://github.com/advisories/GHSA-8q59-q68h-6hv4
    CVSS score: 9.8, CVSS exploitability score: 3.9
    🩹 Fixed version: 5.4.0
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2020-1747, Severity: Critical, Source: https://github.com/advisories/GHSA-6757-jp84-gxfx
    CVSS score: 9.8, CVSS exploitability score: 3.9
    🩹 Fixed version: 5.3.1
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check failure on line 7 in Packs/Exchange2016_Compliance/Integrations/Exchange2016_Compliance/doc_files/requirements.txt

See this annotation in the file changed.

@wiz-inc-98909e62bd wiz-inc-98909e62bd / Wiz Vulnerability Scanner

urllib3:1.25.9 

Detected Vulnerabilities:
  CVE-2023-43804, Severity: Medium, Source: https://github.com/advisories/GHSA-v845-jxx5-vc9f
    CVSS score: 8.1, CVSS exploitability score: 2.8
    🩹 Fixed version: 1.26.17
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2021-33503, Severity: High, Source: https://github.com/advisories/GHSA-q2q7-5pp4-w6pg
    CVSS score: 7.5, CVSS exploitability score: 3.9
    🩹 Fixed version: 1.26.5
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2023-45803, Severity: Medium, Source: https://github.com/advisories/GHSA-g4mx-q9vg-27p4
    CVSS score: 4.2, CVSS exploitability score: 0.5
    🩹 Fixed version: 1.26.18
    💥 Has public exploit
    🧨 Has CISA KEV exploit

Check warning on line 6 in Packs/Exchange2016_Compliance/Integrations/Exchange2016_Compliance/doc_files/requirements.txt

See this annotation in the file changed.

@wiz-inc-98909e62bd wiz-inc-98909e62bd / Wiz Vulnerability Scanner

requests:2.20 

Detected Vulnerabilities:
  CVE-2023-32681, Severity: Medium, Source: https://github.com/advisories/GHSA-j8r2-6x86-q33q
    CVSS score: 6.1, CVSS exploitability score: 1.6
    🩹 Fixed version: 2.31.0
    💥 Has public exploit
    🧨 Has CISA KEV exploit
  CVE-2024-35195, Severity: Medium, Source: https://github.com/advisories/GHSA-9wx4-h78v-vm56
    🩹 Fixed version: 2.32.0
    💥 Has public exploit
    🧨 Has CISA KEV exploit
View more details on Wiz Inc. (98909e62bd)