Bump @sentry/profiling-node from 1.2.6 to 10.51.0 #7187
41 new alerts including 29 high severity security vulnerabilities
New alerts in code changed by this pull request
Security Alerts:
- 29 high
- 5 medium
- 7 low
Alerts not introduced by this pull request might have been detected because the code changes were too large.
See annotations below for details.
Annotations
Check failure on line 13814 in package-lock.json
Code scanning / Trivy
minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions High
Check failure on line 16167 in package-lock.json
Code scanning / Trivy
minimatch: minimatch: Denial of Service via specially crafted glob patterns High
Check failure on line 16167 in package-lock.json
Code scanning / Trivy
minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns High
Check failure on line 16167 in package-lock.json
Code scanning / Trivy
minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions High
Check failure on line 16290 in package-lock.json
Code scanning / Trivy
minimatch: minimatch: Denial of Service via specially crafted glob patterns High
Check failure on line 16290 in package-lock.json
Code scanning / Trivy
minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns High
Check failure on line 16290 in package-lock.json
Code scanning / Trivy
minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions High
Check failure on line 19379 in package-lock.json
Code scanning / Trivy
minimatch: minimatch: Denial of Service via specially crafted glob patterns High
Check failure on line 19379 in package-lock.json
Code scanning / Trivy
minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns High
Check failure on line 19379 in package-lock.json
Code scanning / Trivy
minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions High
Check failure on line 24970 in package-lock.json
Code scanning / Trivy
Serialize JavaScript is Vulnerable to RCE via RegExp.flags and Date.prototype.toISOString() High
Check failure on line 26652 in package-lock.json
Code scanning / Trivy
node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives High
Check failure on line 26652 in package-lock.json
Code scanning / Trivy
node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition High
Check failure on line 26652 in package-lock.json
Code scanning / Trivy
node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check High
Check failure on line 26652 in package-lock.json
Code scanning / Trivy
node-tar: node-tar: Arbitrary file read/write via malicious archive hardlink creation High
Check failure on line 26652 in package-lock.json
Code scanning / Trivy
node-tar: hardlink path traversal via drive-relative linkpath High
Check failure on line 26652 in package-lock.json
Code scanning / Trivy
tar: tar: File overwrite via drive-relative symlink traversal High
Check failure on line 4594 in package-lock.json
Code scanning / Trivy
minimatch: minimatch: Denial of Service via specially crafted glob patterns High
Check failure on line 4594 in package-lock.json
Code scanning / Trivy
minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns High
Check failure on line 4594 in package-lock.json
Code scanning / Trivy
minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions High
Check failure on line 7726 in package-lock.json
Code scanning / Trivy
minimatch: minimatch: Denial of Service via specially crafted glob patterns High
Check failure on line 7726 in package-lock.json
Code scanning / Trivy
minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns High
Check failure on line 7726 in package-lock.json
Code scanning / Trivy
minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions High
Check failure on line 9835 in package-lock.json
Code scanning / Trivy
glob CLI: Command injection via -c/--cmd executes matches with shell:true High
Check failure on line 9899 in package-lock.json
Code scanning / Trivy
minimatch: minimatch: Denial of Service via specially crafted glob patterns High