fix(deps): update sentry-javascript monorepo (major) #89

Security Report

You have successfully remediated 8 vulnerabilities, but introduced 11 new vulnerabilities in this branch.

❌ New vulnerabilities:

Vulnerability	Severity	CVSS Score	Vulnerable Library	Direct Library	Suggested Fix	Issue
CVE-2026-27904 Path to dependency file: /package.json Path to vulnerable library: /node_modules/minimatch/package.json Dependency Hierarchy: -> archiver-5.3.1.tgz (Root Library) -> archiver-utils-2.1.0.tgz -> glob-7.2.0.tgz -> ❌ minimatch-3.1.2.tgz (Vulnerable Library)	High	7.5	`Transitive` minimatch-3.1.2.tgz	archiver-5.3.1.tgz	`Transitive` 3.1.4	None
CVE-2026-27903 Path to dependency file: /package.json Path to vulnerable library: /node_modules/minimatch/package.json Dependency Hierarchy: -> archiver-5.3.1.tgz (Root Library) -> archiver-utils-2.1.0.tgz -> glob-7.2.0.tgz -> ❌ minimatch-3.1.2.tgz (Vulnerable Library)	High	7.5	`Transitive` minimatch-3.1.2.tgz	archiver-5.3.1.tgz	`Transitive` https://github.com/isaacs/minimatch.git - v9.0.7,https://github.com/isaacs/minimatch.git - v6.2.2,https://github.com/isaacs/minimatch.git - v4.2.5,https://github.com/isaacs/minimatch.git - v7.4.8,https://github.com/isaacs/minimatch.git - v5.1.8,https://github.com/isaacs/minimatch.git - v10.2.3,https://github.com/isaacs/minimatch.git - v8.0.6,https://github.com/isaacs/minimatch.git - v3.1.3	None
CVE-2026-26996 Path to dependency file: /package.json Path to vulnerable library: /node_modules/minimatch/package.json Dependency Hierarchy: -> archiver-5.3.1.tgz (Root Library) -> archiver-utils-2.1.0.tgz -> glob-7.2.0.tgz -> ❌ minimatch-3.1.2.tgz (Vulnerable Library)	High	7.5	`Transitive` minimatch-3.1.2.tgz	archiver-5.3.1.tgz	`Transitive` https://github.com/isaacs/minimatch.git - v10.2.1,https://github.com/isaacs/minimatch.git - v7.4.7,https://github.com/isaacs/minimatch.git - v6.2.1,https://github.com/isaacs/minimatch.git - v3.1.3,https://github.com/isaacs/minimatch.git - v9.0.6,https://github.com/isaacs/minimatch.git - v4.2.4,https://github.com/isaacs/minimatch.git - v8.0.5,https://github.com/isaacs/minimatch.git - v5.1.7	None
CVE-2024-45590 Path to dependency file: /package.json Path to vulnerable library: /node_modules/body-parser/package.json Dependency Hierarchy: -> express-4.18.2.tgz (Root Library) -> ❌ body-parser-1.20.1.tgz (Vulnerable Library)	High	7.5	`Transitive` body-parser-1.20.1.tgz	express-4.18.2.tgz	`Transitive` 1.20.3	None
CVE-2024-29041 Path to dependency file: /package.json Path to vulnerable library: /node_modules/express/package.json Dependency Hierarchy: -> ❌ express-4.18.2.tgz (Vulnerable Library)	Medium	6.1	`Direct` express-4.18.2.tgz	express-4.18.2.tgz	4.19.0	None
CVE-2024-47764 Path to dependency file: /package.json Path to vulnerable library: /node_modules/express/node_modules/cookie/package.json Dependency Hierarchy: -> express-4.18.2.tgz (Root Library) -> ❌ cookie-0.5.0.tgz (Vulnerable Library)	Medium	5.3	`Transitive` cookie-0.5.0.tgz	express-4.18.2.tgz	`Transitive` 0.7.0	None
CVE-2024-43800 Path to dependency file: /package.json Path to vulnerable library: /node_modules/serve-static/package.json Dependency Hierarchy: -> express-4.18.2.tgz (Root Library) -> ❌ serve-static-1.15.0.tgz (Vulnerable Library)	Medium	5.0	`Transitive` serve-static-1.15.0.tgz	express-4.18.2.tgz	`Transitive` 1.16.0	None
CVE-2024-43799 Path to dependency file: /package.json Path to vulnerable library: /node_modules/send/package.json Dependency Hierarchy: -> express-4.18.2.tgz (Root Library) -> ❌ send-0.18.0.tgz (Vulnerable Library)	Medium	5.0	`Transitive` send-0.18.0.tgz	express-4.18.2.tgz	`Transitive` 0.19.0	None
CVE-2024-43796 Path to dependency file: /package.json Path to vulnerable library: /node_modules/express/package.json Dependency Hierarchy: -> ❌ express-4.18.2.tgz (Vulnerable Library)	Medium	5.0	`Direct` express-4.18.2.tgz	express-4.18.2.tgz	4.20.0	None
CVE-2026-2391 Path to dependency file: /package.json Path to vulnerable library: /node_modules/qs/package.json Dependency Hierarchy: -> express-4.18.2.tgz (Root Library) -> ❌ qs-6.11.0.tgz (Vulnerable Library)	Low	3.7	`Transitive` qs-6.11.0.tgz	express-4.18.2.tgz	`Transitive` 6.14.2	None
CVE-2025-15284 Path to dependency file: /package.json Path to vulnerable library: /node_modules/qs/package.json Dependency Hierarchy: -> express-4.18.2.tgz (Root Library) -> ❌ qs-6.11.0.tgz (Vulnerable Library)	Low	3.7	`Transitive` qs-6.11.0.tgz	express-4.18.2.tgz	`Transitive` 6.14.1	None

✔️ Remediated vulnerabilities:

Vulnerability	Vulnerable Library
CVE-2024-47764	cookie-0.4.2.tgz
CVE-2024-45590	body-parser-1.19.2.tgz
CVE-2026-2391	qs-6.9.7.tgz
CVE-2024-43799	send-0.17.2.tgz
CVE-2024-43796	express-4.17.3.tgz
CVE-2025-15284	qs-6.9.7.tgz
CVE-2024-29041	express-4.17.3.tgz
CVE-2024-43800	serve-static-1.14.2.tgz

Base branch total remaining vulnerabilities: 64
Base branch commit: null

Total libraries scanned: 333

Scan token: 99f885423cee4ceda47dff9a4895d8a1

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(deps): update sentry-javascript monorepo (major) #89

Uh oh!

Uh oh!

fix(deps): update sentry-javascript monorepo (major) #89

Uh oh!

Security Report

Re-running checks...

fix(deps): update sentry-javascript monorepo (major) #89

Are you sure you want to change the base?

Uh oh!

fix(deps): update sentry-javascript monorepo

Uh oh!

fix(deps): update sentry-javascript monorepo (major) #89

Uh oh!

Security Report

Re-running checks...