Veraocde SCA Scan failed with exit code 7 Veracode SCA agent scanning engine ready Running the NPM scanner npm warn config only Use `--omit=dev` to omit dev dependencies from the install. Scanning completed Found 0 lines of code Processing results... Processing results complete Summary Report Scan ID ebeed423-110a-4843-bd0b-eea37527bd6f Scan Date & Time Nov 02 2024 04:06AM UTC Account type ENTERPRISE Scan engine 3.8.77 (latest 3.8.77) Analysis time 40 seconds User runner Project /home/runner/work/veracode-sca/veracode-sca Package Manager(s) NPM Open-Source Libraries Total Libraries 161 Direct Libraries 3 Transitive Libraries 160 Vulnerable Libraries 4 Third Party Code 100% Security With Vulnerable Methods 0 Critical Risk Vulnerabilities 0 High Risk Vulnerabilities 2 Medium Risk Vulnerabilities 2 Low Risk Vulnerabilities 0 Vulnerabilities - Public Data CVE-2024-41818 High Risk Regular Expression Denial Of Service (ReDoS) fast-xml-parser 4.4.0 CVE-2024-45296 High Risk Denial Of Service (DoS) path-to-regexp 6.2.2 CVE-2024-39249 Medium Risk Regular Expression Denial Of Service (ReDoS) async 3.2.5 Vulnerabilities - Premium Data NO-CVE Medium Risk Memory Leak inflight 1.0.6 Licenses Unique Library Licenses 9 Libraries Using GPL 0 Libraries With High Risk License 0 Libraries With Medium Risk License 0 Libraries With Low Risk License 162 Libraries With Multiple Licenses 2 Libraries With Unassessable License 1 Libraries With Unrecognizable License 0 Issues Issue ID Issue Type Severity Description Library Name & Version In Use 201254253 Vulnerability 6.2 NO-CVE: Memory Leak inflight 1.0.6 302273625 Outdated Library 3.0 Latest version at scan: 6.0.0 @actions/github 5.1.1 309152806 Vulnerability 5.3 CVE-2024-39249: Regular Expression Denial Of Service (ReDoS) async 3.2.5 316181792 Vulnerability 7.5 CVE-2024-41818: Regular Expression Denial Of Service (ReDoS) fast-xml-parser 4.4.0 328445716 Vulnerability 7.5 CVE-2024-45296: Denial Of Service (DoS) path-to-regexp 6.2.2 335843712 Outdated Library 3.0 Latest version at scan: 1.11.1 @actions/core 1.10.1 340424239 Outdated Library 3.0 Latest version at scan: 2.1.11 @actions/artifact 2.1.7 Full Report Details https://sca.analysiscenter.veracode.com/teams/700tzKDV/scans/76770934

The following actions uses node12 which is deprecated and will be forced to run on node16: actions/checkout@v2. For more info: https://github.blog/changelog/2023-06-13-github-actions-all-actions-will-run-on-node16-instead-of-node12-by-default/

The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v2, veracode/[email protected]. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/

The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v3. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/