Fix Novemer 2021 YARN CVEs
YARN Audit fails: https://gitlab.com/dietech/samarbeid/-/jobs/1799373334
$ yarn run improved-yarn-audit --fail-on-missing-exclusions --retry-on-network-failure
yarn run v1.22.15
$ /builds/dietech/samarbeid/node_modules/.bin/improved-yarn-audit --fail-on-missing-exclusions --retry-on-network-failure
Improved Yarn Audit - v2.3.3
Reading excluded advisories from .iyarc
Minimum severity level to report: low
Excluded Advisories: [1002401,1002627,1002401,1002423,1002466,1002401,1002423,1002522,1002627]
Running yarn audit...
Found 19 vulnerabilities
Vulnerability Found:
Severity: MODERATE
Modules: webpack-dev-server>yargs>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>wrap-ansi>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>wrap-ansi>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>string-width>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>cliui>string-width>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>cliui>wrap-ansi>string-width>strip-ansi>ansi-regex
URL: https://github.com/advisories/GHSA-93q8-gq69-wqmw
Vulnerability Found:
Severity: MODERATE
Modules: webpack-dev-server>yargs>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>wrap-ansi>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>wrap-ansi>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>string-width>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>cliui>string-width>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>cliui>wrap-ansi>string-width>strip-ansi>ansi-regex
URL: https://github.com/advisories/GHSA-93q8-gq69-wqmw
Vulnerability Found:
Severity: MODERATE
Modules: webpack-dev-server>yargs>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>wrap-ansi>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>wrap-ansi>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>string-width>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>cliui>string-width>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>cliui>wrap-ansi>string-width>strip-ansi>ansi-regex
URL: https://github.com/advisories/GHSA-93q8-gq69-wqmw
Vulnerability Found:
Severity: MODERATE
Modules: webpack-dev-server>yargs>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>wrap-ansi>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>wrap-ansi>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>string-width>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>cliui>string-width>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>cliui>wrap-ansi>string-width>strip-ansi>ansi-regex
URL: https://github.com/advisories/GHSA-93q8-gq69-wqmw
Vulnerability Found:
Severity: MODERATE
Modules: webpack-dev-server>yargs>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>wrap-ansi>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>wrap-ansi>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>string-width>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>cliui>string-width>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>cliui>wrap-ansi>string-width>strip-ansi>ansi-regex
URL: https://github.com/advisories/GHSA-93q8-gq69-wqmw
Vulnerability Found:
Severity: HIGH
Modules: webpack-dev-server>chokidar>glob-parent, @rails/webpacker>webpack>watchpack>watchpack-chokidar2>chokidar>glob-parent
URL: https://github.com/advisories/GHSA-ww39-953v-wcq6
Vulnerability Found:
Severity: MODERATE
Modules: babel-jest>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>@jest/core>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>@jest/core>@jest/reporters>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>@jest/core>jest-config>babel-jest>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>jest-cli>@jest/core>jest-config>babel-jest>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>jest-cli>@jest/core>jest-config>@jest/test-sequencer>jest-runtime>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>jest-cli>@jest/core>jest-config>@jest/test-sequencer>jest-runtime>jest-snapshot>@jest/transform>jest-haste-map>walker>makeerror>tmpl
URL: https://github.com/advisories/GHSA-jgrx-mgxx-jf9v
Vulnerability Found:
Severity: MODERATE
Modules: babel-jest>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>@jest/core>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>@jest/core>@jest/reporters>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>@jest/core>jest-config>babel-jest>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>jest-cli>@jest/core>jest-config>babel-jest>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>jest-cli>@jest/core>jest-config>@jest/test-sequencer>jest-runtime>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>jest-cli>@jest/core>jest-config>@jest/test-sequencer>jest-runtime>jest-snapshot>@jest/transform>jest-haste-map>walker>makeerror>tmpl
URL: https://github.com/advisories/GHSA-jgrx-mgxx-jf9v
Vulnerability Found:
Severity: MODERATE
Modules: babel-jest>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>@jest/core>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>@jest/core>@jest/reporters>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>@jest/core>jest-config>babel-jest>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>jest-cli>@jest/core>jest-config>babel-jest>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>jest-cli>@jest/core>jest-config>@jest/test-sequencer>jest-runtime>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>jest-cli>@jest/core>jest-config>@jest/test-sequencer>jest-runtime>jest-snapshot>@jest/transform>jest-haste-map>walker>makeerror>tmpl
URL: https://github.com/advisories/GHSA-jgrx-mgxx-jf9v
Vulnerability Found:
Severity: MODERATE
Modules: babel-jest>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>@jest/core>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>@jest/core>@jest/reporters>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>@jest/core>jest-config>babel-jest>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>jest-cli>@jest/core>jest-config>babel-jest>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>jest-cli>@jest/core>jest-config>@jest/test-sequencer>jest-runtime>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>jest-cli>@jest/core>jest-config>@jest/test-sequencer>jest-runtime>jest-snapshot>@jest/transform>jest-haste-map>walker>makeerror>tmpl
URL: https://github.com/advisories/GHSA-jgrx-mgxx-jf9v
Vulnerability Found:
Severity: MODERATE
Modules: babel-jest>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>@jest/core>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>@jest/core>@jest/reporters>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>@jest/core>jest-config>babel-jest>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>jest-cli>@jest/core>jest-config>babel-jest>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>jest-cli>@jest/core>jest-config>@jest/test-sequencer>jest-runtime>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>jest-cli>@jest/core>jest-config>@jest/test-sequencer>jest-runtime>jest-snapshot>@jest/transform>jest-haste-map>walker>makeerror>tmpl
URL: https://github.com/advisories/GHSA-jgrx-mgxx-jf9v
Vulnerability Found:
Severity: MODERATE
Modules: babel-jest>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>@jest/core>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>@jest/core>@jest/reporters>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>@jest/core>jest-config>babel-jest>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>jest-cli>@jest/core>jest-config>babel-jest>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>jest-cli>@jest/core>jest-config>@jest/test-sequencer>jest-runtime>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>jest-cli>@jest/core>jest-config>@jest/test-sequencer>jest-runtime>jest-snapshot>@jest/transform>jest-haste-map>walker>makeerror>tmpl
URL: https://github.com/advisories/GHSA-jgrx-mgxx-jf9v
Vulnerability Found:
Severity: MODERATE
Modules: babel-jest>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>@jest/core>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>@jest/core>@jest/reporters>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>@jest/core>jest-config>babel-jest>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>jest-cli>@jest/core>jest-config>babel-jest>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>jest-cli>@jest/core>jest-config>@jest/test-sequencer>jest-runtime>@jest/transform>jest-haste-map>walker>makeerror>tmpl, jest>jest-cli>@jest/core>jest-config>@jest/test-sequencer>jest-runtime>jest-snapshot>@jest/transform>jest-haste-map>walker>makeerror>tmpl
URL: https://github.com/advisories/GHSA-jgrx-mgxx-jf9v
Vulnerability Found:
Severity: MODERATE
Modules: webpack-dev-server>yargs>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>wrap-ansi>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>wrap-ansi>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>string-width>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>cliui>string-width>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>cliui>wrap-ansi>string-width>strip-ansi>ansi-regex
URL: https://github.com/advisories/GHSA-93q8-gq69-wqmw
Vulnerability Found:
Severity: MODERATE
Modules: webpack-dev-server>yargs>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>wrap-ansi>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>wrap-ansi>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>string-width>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>cliui>string-width>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>cliui>wrap-ansi>string-width>strip-ansi>ansi-regex
URL: https://github.com/advisories/GHSA-93q8-gq69-wqmw
Vulnerability Found:
Severity: MODERATE
Modules: webpack-dev-server>yargs>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>wrap-ansi>string-width>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>strip-ansi>ansi-regex, webpack-dev-server>yargs>cliui>wrap-ansi>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>string-width>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>cliui>string-width>strip-ansi>ansi-regex, @rails/webpacker>webpack-cli>yargs>cliui>wrap-ansi>string-width>strip-ansi>ansi-regex
URL: https://github.com/advisories/GHSA-93q8-gq69-wqmw
Vulnerability Found:
Severity: MODERATE
Modules: @rails/webpacker>optimize-css-assets-webpack-plugin>cssnano>cssnano-preset-default>postcss-svgo>svgo>css-select>nth-check
URL: https://github.com/advisories/GHSA-rp65-9cf3-cjxr
Vulnerability Found:
Severity: HIGH
Modules: webpack-dev-server>ansi-html
URL: https://github.com/advisories/GHSA-whgm-jr23-g3j9
Vulnerability Found:
Severity: HIGH
Modules: webpack-dev-server>chokidar>glob-parent, @rails/webpacker>webpack>watchpack>watchpack-chokidar2>chokidar>glob-parent
URL: https://github.com/advisories/GHSA-ww39-953v-wcq6
Run `yarn audit` for more information
WARNING: One or more excluded audit advisories were missing from yarn audit output: 1002401,1002627,1002401,1002423,1002466,1002401,1002423,1002522,1002627
ERROR: --fail-on-missing-exclusions/-f was specified, exit code will indicate number of missing exclusions
error Command failed with exit code 9.
Edited by Michael Prilop