0 critical · 1 high · 2 medium · 0 low · 3 total (deduped by advisory)
NPM package @datagrok/clinical-case@1.4.0 — production dependency tree audited with npm audit.
| Advisory | Severity | Dependency | Installed | Vulnerable range | Fixed by | CVSS | Description |
|---|---|---|---|---|---|---|---|
| GHSA-36jr-mh4h-2g58 | HIGH | d3-color | 1.0.3 | <3.1.0 | — | d3-color vulnerable to ReDoS | |
| GHSA-fgmj-fm8m-jvvx | MEDIUM | echarts | 5.6.0 | <6.1.0 | — | 6.1 | Apache ECharts has a cross-site scripting (XSS) vulnerability |
| GHSA-w5hq-g745-h8pq | MEDIUM | uuid | 8.3.2 | <11.1.1 | available | 7.5 | uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided |