NPM security vulnerabilities
nneal1213 opened this issue · 1 comments
nneal1213 commented
Hello, as I was installing your plugin, the Anchore image scan at my company had detected vulnerabilities associated your plugin:
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/globule/node_modules/lodash/package.json (fixed in: 4.17.11)(GHSA-x5rq-j2xg-h7qm - https://github.com/advisories/GHSA-x5rq-j2xg-h7qm) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/request/node_modules/stringstream/package.json (fixed in: 0.0.6)(GHSA-mf6x-7mm4-x2g7 - https://github.com/advisories/GHSA-mf6x-7mm4-x2g7) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/cli/package.json (CVE-2014-3342 - https://nvd.nist.gov/vuln/detail/CVE-2014-3342) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/is-my-json-valid/node_modules/jsonpointer/package.json (fixed in: 5.0.0)(GHSA-282f-qqgm-c34q - https://github.com/advisories/GHSA-282f-qqgm-c34q) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt-legacy-util/node_modules/lodash/package.json (fixed in: 4.17.11)(GHSA-x5rq-j2xg-h7qm - https://github.com/advisories/GHSA-x5rq-j2xg-h7qm) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/is-my-json-valid/package.json (fixed in: 2.17.2)(GHSA-4hpf-3wq7-5rpr - https://github.com/advisories/GHSA-4hpf-3wq7-5rpr) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/cli/package.json (CVE-2007-4027 - https://nvd.nist.gov/vuln/detail/CVE-2007-4027) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt-legacy-log-utils/node_modules/underscore.string/package.json (fixed in: 3.3.5)(GHSA-v2p6-4mp7-3r9v - https://github.com/advisories/GHSA-v2p6-4mp7-3r9v) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt-legacy-log/node_modules/lodash/package.json (fixed in: 4.17.21)(GHSA-29mw-wpgm-hmr9 - https://github.com/advisories/GHSA-29mw-wpgm-hmr9) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (python) - /usr/local/lib/python3.10/dist-packages/certifi (fixed in: 2022.12.07)(GHSA-43fp-rhv2-5gv8 - https://github.com/advisories/GHSA-43fp-rhv2-5gv8) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt-contrib-watch/node_modules/lodash/package.json (fixed in: 4.17.21)(GHSA-29mw-wpgm-hmr9 - https://github.com/advisories/GHSA-29mw-wpgm-hmr9) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt-legacy-log/node_modules/lodash/package.json (fixed in: 4.17.11)(GHSA-x5rq-j2xg-h7qm - https://github.com/advisories/GHSA-x5rq-j2xg-h7qm) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt-legacy-util/node_modules/lodash/package.json (fixed in: 4.17.21)(GHSA-29mw-wpgm-hmr9 - https://github.com/advisories/GHSA-29mw-wpgm-hmr9) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/request/node_modules/hawk/node_modules/hoek/package.json (fixed in: 4.2.1)(GHSA-jp4x-w63m-7wgm - https://github.com/advisories/GHSA-jp4x-w63m-7wgm) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/request/node_modules/bl/package.json (fixed in: 1.2.3)(GHSA-pp7h-53gx-mx7r - https://github.com/advisories/GHSA-pp7h-53gx-mx7r) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/hosted-git-info/package.json (fixed in: 2.8.9)(GHSA-43f8-2h32-f4cj - https://github.com/advisories/GHSA-43f8-2h32-f4cj) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/node-gyp/node_modules/path-array/node_modules/array-index/node_modules/debug/node_modules/ms/package.json (fixed in: 2.0.0)(GHSA-w9mr-4mfr-499f - https://github.com/advisories/GHSA-w9mr-4mfr-499f) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt-contrib-watch/node_modules/lodash/package.json (fixed in: 4.17.11)(GHSA-x5rq-j2xg-h7qm - https://github.com/advisories/GHSA-x5rq-j2xg-h7qm) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/js-yaml/package.json (fixed in: 3.13.0)(GHSA-2pr6-76vf-7546 - https://github.com/advisories/GHSA-2pr6-76vf-7546) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/findup-sync/node_modules/lodash/package.json (fixed in: 4.17.21)(GHSA-29mw-wpgm-hmr9 - https://github.com/advisories/GHSA-29mw-wpgm-hmr9) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt-legacy-log-utils/node_modules/lodash/package.json (fixed in: 4.17.21)(GHSA-29mw-wpgm-hmr9 - https://github.com/advisories/GHSA-29mw-wpgm-hmr9) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/underscore.string/package.json (fixed in: 3.3.5)(GHSA-v2p6-4mp7-3r9v - https://github.com/advisories/GHSA-v2p6-4mp7-3r9v) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/findup-sync/node_modules/lodash/package.json (fixed in: 4.17.11)(GHSA-x5rq-j2xg-h7qm - https://github.com/advisories/GHSA-x5rq-j2xg-h7qm) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt-legacy-log-utils/node_modules/lodash/package.json (fixed in: 4.17.11)(GHSA-x5rq-j2xg-h7qm - https://github.com/advisories/GHSA-x5rq-j2xg-h7qm) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/minimist/package.json (fixed in: 0.2.1)(GHSA-vh95-rmgr-6w4m - https://github.com/advisories/GHSA-vh95-rmgr-6w4m) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/shelljs/package.json (fixed in: 0.8.5)(GHSA-64g7-mvw6-v9qj - https://github.com/advisories/GHSA-64g7-mvw6-v9qj) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt/package.json (fixed in: 1.5.2)(GHSA-j383-35pm-c5h4 - https://github.com/advisories/GHSA-j383-35pm-c5h4) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/request/node_modules/tunnel-agent/package.json (fixed in: 0.6.0)(GHSA-xc7v-wxcw-j472 - https://github.com/advisories/GHSA-xc7v-wxcw-j472) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/lodash/package.json (fixed in: 4.17.11)(GHSA-x5rq-j2xg-h7qm - https://github.com/advisories/GHSA-x5rq-j2xg-h7qm) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/mkdirp/node_modules/minimist/package.json (fixed in: 0.2.1)(GHSA-vh95-rmgr-6w4m - https://github.com/advisories/GHSA-vh95-rmgr-6w4m) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/argparse/node_modules/underscore.string/package.json (fixed in: 3.3.5)(GHSA-v2p6-4mp7-3r9v - https://github.com/advisories/GHSA-v2p6-4mp7-3r9v) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/request/node_modules/extend/package.json (fixed in: 3.0.2)(GHSA-qrmc-fj45-qfc2 - https://github.com/advisories/GHSA-qrmc-fj45-qfc2) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/cli/package.json (CVE-2007-4430 - https://nvd.nist.gov/vuln/detail/CVE-2007-4430) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/package.json (fixed in: 6.14.6)(GHSA-93f3-23rq-pjfp - https://github.com/advisories/GHSA-93f3-23rq-pjfp) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/lodash/package.json (fixed in: 4.17.21)(GHSA-29mw-wpgm-hmr9 - https://github.com/advisories/GHSA-29mw-wpgm-hmr9) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt/node_modules/lodash/package.json (fixed in: 4.17.11)(GHSA-x5rq-j2xg-h7qm - https://github.com/advisories/GHSA-x5rq-j2xg-h7qm) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/ms/package.json (fixed in: 2.0.0)(GHSA-w9mr-4mfr-499f - https://github.com/advisories/GHSA-w9mr-4mfr-499f) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt-legacy-log/node_modules/underscore.string/package.json (fixed in: 3.3.5)(GHSA-v2p6-4mp7-3r9v - https://github.com/advisories/GHSA-v2p6-4mp7-3r9v) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/jshint/node_modules/lodash/package.json (fixed in: 4.17.11)(GHSA-x5rq-j2xg-h7qm - https://github.com/advisories/GHSA-x5rq-j2xg-h7qm) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/globule/node_modules/lodash/package.json (fixed in: 4.17.21)(GHSA-29mw-wpgm-hmr9 - https://github.com/advisories/GHSA-29mw-wpgm-hmr9) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt/node_modules/lodash/package.json (fixed in: 4.17.21)(GHSA-29mw-wpgm-hmr9 - https://github.com/advisories/GHSA-29mw-wpgm-hmr9) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/fstream/package.json (fixed in: 1.0.12)(GHSA-xf7w-r453-m56c - https://github.com/advisories/GHSA-xf7w-r453-m56c) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/minimatch/package.json (fixed in: 3.0.2)(GHSA-hxm2-r34f-qmc5 - https://github.com/advisories/GHSA-hxm2-r34f-qmc5) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/globule/node_modules/lodash/package.json (fixed in: 4.17.11)(GHSA-4xc9-xhrj-v574 - https://github.com/advisories/GHSA-4xc9-xhrj-v574) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/npm-user-validate/package.json (fixed in: 1.0.1)(GHSA-pw54-mh39-w3hc - https://github.com/advisories/GHSA-pw54-mh39-w3hc) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/qs/package.json (fixed in: 1.0.0)(GHSA-jjv7-qpx3-h62q - https://github.com/advisories/GHSA-jjv7-qpx3-h62q) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/findup-sync/node_modules/lodash/package.json (fixed in: 4.17.11)(GHSA-4xc9-xhrj-v574 - https://github.com/advisories/GHSA-4xc9-xhrj-v574) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt-legacy-log-utils/node_modules/lodash/package.json (fixed in: 4.17.11)(GHSA-4xc9-xhrj-v574 - https://github.com/advisories/GHSA-4xc9-xhrj-v574) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/request/node_modules/qs/package.json (fixed in: 6.2.4)(GHSA-hrpp-h998-j3pp - https://github.com/advisories/GHSA-hrpp-h998-j3pp) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt/node_modules/lodash/package.json (fixed in: 4.17.11)(GHSA-4xc9-xhrj-v574 - https://github.com/advisories/GHSA-4xc9-xhrj-v574) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt-contrib-watch/node_modules/lodash/package.json (fixed in: 4.17.20)(GHSA-p6mc-m468-83gw - https://github.com/advisories/GHSA-p6mc-m468-83gw) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt-legacy-log/node_modules/lodash/package.json (fixed in: 4.17.20)(GHSA-p6mc-m468-83gw - https://github.com/advisories/GHSA-p6mc-m468-83gw) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt-legacy-util/node_modules/lodash/package.json (fixed in: 4.17.21)(GHSA-35jh-r3h4-6jhm - https://github.com/advisories/GHSA-35jh-r3h4-6jhm) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/tar/package.json (fixed in: 4.4.18)(GHSA-5955-9wpr-37jh - https://github.com/advisories/GHSA-5955-9wpr-37jh) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/init-package-json/node_modules/glob/node_modules/minimatch/node_modules/brace-expansion/package.json (fixed in: 1.1.7)(GHSA-832h-xg76-4gv6 - https://github.com/advisories/GHSA-832h-xg76-4gv6) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/qs/package.json (fixed in: 6.2.4)(GHSA-hrpp-h998-j3pp - https://github.com/advisories/GHSA-hrpp-h998-j3pp) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/minimatch/package.json (fixed in: 3.0.5)(GHSA-f8q6-p94x-37v3 - https://github.com/advisories/GHSA-f8q6-p94x-37v3) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/tar/package.json (fixed in: 4.4.16)(GHSA-9r2w-394v-53qc - https://github.com/advisories/GHSA-9r2w-394v-53qc) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt-legacy-util/node_modules/lodash/package.json (fixed in: 4.17.20)(GHSA-p6mc-m468-83gw - https://github.com/advisories/GHSA-p6mc-m468-83gw) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt/package.json (fixed in: 1.3.0)(GHSA-m5pj-vjjf-4m3h - https://github.com/advisories/GHSA-m5pj-vjjf-4m3h) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/glob/node_modules/minimatch/node_modules/brace-expansion/package.json (fixed in: 1.1.7)(GHSA-832h-xg76-4gv6 - https://github.com/advisories/GHSA-832h-xg76-4gv6) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/cli/node_modules/minimatch/package.json (fixed in: 3.0.5)(GHSA-f8q6-p94x-37v3 - https://github.com/advisories/GHSA-f8q6-p94x-37v3) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt-legacy-log-utils/node_modules/lodash/package.json (fixed in: 4.17.20)(GHSA-p6mc-m468-83gw - https://github.com/advisories/GHSA-p6mc-m468-83gw) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt-legacy-log/node_modules/lodash/package.json (fixed in: 4.17.21)(GHSA-35jh-r3h4-6jhm - https://github.com/advisories/GHSA-35jh-r3h4-6jhm) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/tar/package.json (fixed in: 2.2.2)(GHSA-j44m-qm6p-hp7m - https://github.com/advisories/GHSA-j44m-qm6p-hp7m) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/lodash/package.json (fixed in: 4.17.21)(GHSA-35jh-r3h4-6jhm - https://github.com/advisories/GHSA-35jh-r3h4-6jhm) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/findup-sync/node_modules/lodash/package.json (fixed in: 4.17.20)(GHSA-p6mc-m468-83gw - https://github.com/advisories/GHSA-p6mc-m468-83gw) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/package.json (fixed in: 6.13.3)(GHSA-m6cx-g6qm-p2cx - https://github.com/advisories/GHSA-m6cx-g6qm-p2cx) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/traceur/node_modules/minimatch/package.json (fixed in: 3.0.5)(GHSA-f8q6-p94x-37v3 - https://github.com/advisories/GHSA-f8q6-p94x-37v3) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/request/node_modules/hawk/package.json (fixed in: 9.0.1)(GHSA-44pw-h2cw-w3vq - https://github.com/advisories/GHSA-44pw-h2cw-w3vq) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/tiny-lr-fork/node_modules/debug/package.json (fixed in: 2.6.9)(GHSA-9vvw-cc9w-f27h - https://github.com/advisories/GHSA-9vvw-cc9w-f27h) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/read-package-json/node_modules/glob/node_modules/minimatch/node_modules/brace-expansion/package.json (fixed in: 1.1.7)(GHSA-832h-xg76-4gv6 - https://github.com/advisories/GHSA-832h-xg76-4gv6) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt-contrib-watch/node_modules/lodash/package.json (fixed in: 4.17.21)(GHSA-35jh-r3h4-6jhm - https://github.com/advisories/GHSA-35jh-r3h4-6jhm) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/findup-sync/node_modules/lodash/package.json (fixed in: 4.17.21)(GHSA-35jh-r3h4-6jhm - https://github.com/advisories/GHSA-35jh-r3h4-6jhm) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/globule/node_modules/lodash/package.json (fixed in: 4.17.21)(GHSA-35jh-r3h4-6jhm - https://github.com/advisories/GHSA-35jh-r3h4-6jhm) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/shelljs/package.json (fixed in: 0.8.5)(GHSA-4rq4-32rv-6wp6 - https://github.com/advisories/GHSA-4rq4-32rv-6wp6) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/qs/package.json (fixed in: 1.0.0)(GHSA-f9cm-p3w6-xvr3 - https://github.com/advisories/GHSA-f9cm-p3w6-xvr3) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/fstream-npm/node_modules/fstream-ignore/node_modules/minimatch/package.json (fixed in: 3.0.5)(GHSA-f8q6-p94x-37v3 - https://github.com/advisories/GHSA-f8q6-p94x-37v3) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/node-gyp/node_modules/path-array/node_modules/array-index/node_modules/debug/package.json (fixed in: 2.6.9)(GHSA-9vvw-cc9w-f27h - https://github.com/advisories/GHSA-9vvw-cc9w-f27h) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/d3-color/package.json (fixed in: 3.1.0)(GHSA-36jr-mh4h-2g58 - https://github.com/advisories/GHSA-36jr-mh4h-2g58) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/debug/package.json (fixed in: 2.6.9)(GHSA-9vvw-cc9w-f27h - https://github.com/advisories/GHSA-9vvw-cc9w-f27h) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/tar/package.json (fixed in: 3.2.2)(GHSA-3jfq-g458-7qm9 - https://github.com/advisories/GHSA-3jfq-g458-7qm9) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/init-package-json/node_modules/glob/node_modules/minimatch/package.json (fixed in: 3.0.5)(GHSA-f8q6-p94x-37v3 - https://github.com/advisories/GHSA-f8q6-p94x-37v3) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/jshint/node_modules/lodash/package.json (fixed in: 4.17.11)(GHSA-4xc9-xhrj-v574 - https://github.com/advisories/GHSA-4xc9-xhrj-v574) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/tar/package.json (fixed in: 3.2.3)(GHSA-r628-mhmh-qjhw - https://github.com/advisories/GHSA-r628-mhmh-qjhw) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/tar/package.json (fixed in: 4.4.18)(GHSA-qq89-hq3f-393p - https://github.com/advisories/GHSA-qq89-hq3f-393p) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/lodash/package.json (fixed in: 4.17.20)(GHSA-p6mc-m468-83gw - https://github.com/advisories/GHSA-p6mc-m468-83gw) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt/package.json (fixed in: 1.5.3)(GHSA-rm36-94g8-835r - https://github.com/advisories/GHSA-rm36-94g8-835r) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/multimatch/node_modules/minimatch/package.json (fixed in: 3.0.5)(GHSA-f8q6-p94x-37v3 - https://github.com/advisories/GHSA-f8q6-p94x-37v3) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/json5/package.json (fixed in: 1.0.2)(GHSA-9c47-m6qq-7p4h - https://github.com/advisories/GHSA-9c47-m6qq-7p4h) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/node-gyp/node_modules/minimatch/node_modules/brace-expansion/package.json (fixed in: 1.1.7)(GHSA-832h-xg76-4gv6 - https://github.com/advisories/GHSA-832h-xg76-4gv6) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/package.json (fixed in: 6.13.3)(GHSA-x8qc-rrcw-4r46 - https://github.com/advisories/GHSA-x8qc-rrcw-4r46) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/request/node_modules/http-signature/node_modules/sshpk/package.json (fixed in: 1.13.2)(GHSA-2m39-62fm-q8r3 - https://github.com/advisories/GHSA-2m39-62fm-q8r3) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/brace-expansion/package.json (fixed in: 1.1.7)(GHSA-832h-xg76-4gv6 - https://github.com/advisories/GHSA-832h-xg76-4gv6) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/request/node_modules/har-validator/node_modules/is-my-json-valid/package.json (fixed in: 2.17.2)(GHSA-f522-ffg8-j8r6 - https://github.com/advisories/GHSA-f522-ffg8-j8r6) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/findup-sync/node_modules/minimatch/package.json (fixed in: 3.0.2)(GHSA-hxm2-r34f-qmc5 - https://github.com/advisories/GHSA-hxm2-r34f-qmc5) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/load-grunt-tasks/node_modules/minimatch/package.json (fixed in: 3.0.2)(GHSA-hxm2-r34f-qmc5 - https://github.com/advisories/GHSA-hxm2-r34f-qmc5) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/fstream-npm/node_modules/fstream-ignore/node_modules/minimatch/node_modules/brace-expansion/package.json (fixed in: 1.1.7)(GHSA-832h-xg76-4gv6 - https://github.com/advisories/GHSA-832h-xg76-4gv6) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/globule/node_modules/lodash/package.json (fixed in: 4.17.20)(GHSA-p6mc-m468-83gw - https://github.com/advisories/GHSA-p6mc-m468-83gw) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/node-gyp/node_modules/minimatch/package.json (fixed in: 3.0.5)(GHSA-f8q6-p94x-37v3 - https://github.com/advisories/GHSA-f8q6-p94x-37v3) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt-legacy-log-utils/node_modules/lodash/package.json (fixed in: 4.17.21)(GHSA-35jh-r3h4-6jhm - https://github.com/advisories/GHSA-35jh-r3h4-6jhm) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/request/node_modules/qs/package.json (fixed in: 6.2.3)(GHSA-gqgv-6jq5-jjj9 - https://github.com/advisories/GHSA-gqgv-6jq5-jjj9) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt/node_modules/lodash/package.json (fixed in: 4.17.20)(GHSA-p6mc-m468-83gw - https://github.com/advisories/GHSA-p6mc-m468-83gw) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt/node_modules/lodash/package.json (fixed in: 4.17.21)(GHSA-35jh-r3h4-6jhm - https://github.com/advisories/GHSA-35jh-r3h4-6jhm) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/qs/package.json (fixed in: 6.0.4)(GHSA-gqgv-6jq5-jjj9 - https://github.com/advisories/GHSA-gqgv-6jq5-jjj9) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/package.json (fixed in: 5.7.1)(GHSA-ph34-pc88-72gc - https://github.com/advisories/GHSA-ph34-pc88-72gc) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/package.json (fixed in: 6.13.4)(GHSA-4328-8hgf-7wjr - https://github.com/advisories/GHSA-4328-8hgf-7wjr) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/ini/package.json (fixed in: 1.3.6)(GHSA-qqgx-2p2h-9c37 - https://github.com/advisories/GHSA-qqgx-2p2h-9c37) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/glob/node_modules/minimatch/package.json (fixed in: 3.0.5)(GHSA-f8q6-p94x-37v3 - https://github.com/advisories/GHSA-f8q6-p94x-37v3) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt-legacy-util/node_modules/lodash/package.json (fixed in: 4.17.11)(GHSA-4xc9-xhrj-v574 - https://github.com/advisories/GHSA-4xc9-xhrj-v574) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/read-package-json/node_modules/glob/node_modules/minimatch/package.json (fixed in: 3.0.5)(GHSA-f8q6-p94x-37v3 - https://github.com/advisories/GHSA-f8q6-p94x-37v3) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/jshint/node_modules/lodash/package.json (fixed in: 4.17.21)(GHSA-35jh-r3h4-6jhm - https://github.com/advisories/GHSA-35jh-r3h4-6jhm) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/js-yaml/package.json (fixed in: 3.13.1)(GHSA-8j8c-7jfh-h6hx - https://github.com/advisories/GHSA-8j8c-7jfh-h6hx) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/npm/node_modules/request/node_modules/tough-cookie/package.json (fixed in: 2.3.3)(GHSA-g7q5-pjjr-gqvp - https://github.com/advisories/GHSA-g7q5-pjjr-gqvp) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/jshint/node_modules/lodash/package.json (fixed in: 4.17.20)(GHSA-p6mc-m468-83gw - https://github.com/advisories/GHSA-p6mc-m468-83gw) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt-legacy-log/node_modules/lodash/package.json (fixed in: 4.17.11)(GHSA-4xc9-xhrj-v574 - https://github.com/advisories/GHSA-4xc9-xhrj-v574) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/grunt-contrib-watch/node_modules/lodash/package.json (fixed in: 4.17.11)(GHSA-4xc9-xhrj-v574 - https://github.com/advisories/GHSA-4xc9-xhrj-v574) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/findup-sync/node_modules/minimatch/package.json (fixed in: 3.0.5)(GHSA-f8q6-p94x-37v3 - https://github.com/advisories/GHSA-f8q6-p94x-37v3) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/load-grunt-tasks/node_modules/minimatch/package.json (fixed in: 3.0.5)(GHSA-f8q6-p94x-37v3 - https://github.com/advisories/GHSA-f8q6-p94x-37v3) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/lodash/package.json (fixed in: 4.17.11)(GHSA-4xc9-xhrj-v574 - https://github.com/advisories/GHSA-4xc9-xhrj-v574) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/babel-core/node_modules/minimatch/package.json (fixed in: 3.0.5)(GHSA-f8q6-p94x-37v3 - https://github.com/advisories/GHSA-f8q6-p94x-37v3) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/systemjs-builder/node_modules/minimatch/package.json (fixed in: 3.0.5)(GHSA-f8q6-p94x-37v3 - https://github.com/advisories/GHSA-f8q6-p94x-37v3) | warn
vulnerabilities | package | HIGH Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/jshint/node_modules/minimatch/package.json (fixed in: 3.0.5)(GHSA-f8q6-p94x-37v3 - https://github.com/advisories/GHSA-f8q6-p94x-37v3) | warn
vulnerabilities | package | MEDIUM Vulnerability found in non-os package type (npm) - /var/lib/grafana/plugins/digrich-bubblechart-panel/node_modules/jshint/node_modules/lodash/package.json (fixed in: 4.17.21)(GHSA-29mw-wpgm-hmr9 - https://github.com/advisories/GHSA-29mw-wpgm-hmr9)
Do you mind updating your npm?
digrich commented
Hi @nneal1213 - Please check with the latest version of plugin.