Security Audit Report for Secrover

Audit run on 2026-02-10 04:02 with Secrover 0.7 osv-scanner: 2.1.0
opengrep: 1.15.1

📦 Dependencies Report

67 vulnerabilities

0 Critical 0 High 0 Moderate 0 Low 67 Info

cluster

Talos Kubernetes Cluster

No audit data available.

cluster-scripts

Cluster Scripts

No audit data available.

rompatcherjs

RomPatcher.js

No audit data available.

apod

APOD project

45 vulnerabilities

0 Critical 0 High 0 Moderate 0 Low 45 Info

📦 Impacted Packages:

package-lock.json

webpack 5.89.0 CVE-2025-68157, GHSA-38r7-794h-5758

ws 7.5.9 CVE-2024-37890, GHSA-3h5v-q93c-6h6q

ws 8.16.0 CVE-2024-37890, GHSA-3h5v-q93c-6h6q

cross-spawn 7.0.3 CVE-2024-21538, GHSA-3xgq-45jj-v275

webpack-dev-server 4.15.1 CVE-2025-30359, GHSA-4v9v-hfq4-rm2v

webpack 5.89.0 CVE-2024-43788, GHSA-4vvj-4cpr-p986

http-proxy-middleware 2.0.6 CVE-2025-32996, GHSA-4www-5p9h-95mh

node-forge 1.3.1 CVE-2025-66031, GHSA-554w-wpv2-vw27

node-forge 1.3.1 CVE-2025-12816, GHSA-5gfm-wpxj-wjgq

glob 10.3.10 CVE-2025-64756, GHSA-5j98-mcp5-4vw2

node-forge 1.3.1 CVE-2025-66030, GHSA-65ch-62r8-g69g

jsonpath 1.1.1 CVE-2025-61140, GHSA-6c59-mwgh-r2x6

qs 6.11.0 CVE-2025-15284, GHSA-6rw7-vpxm-498p

on-headers 1.0.2 CVE-2025-7339, GHSA-76c9-3jph-rj3q

serialize-javascript 6.0.1 CVE-2024-11831, GHSA-76p7-773f-r4q5

postcss 7.0.39 CVE-2023-44270, GHSA-7fh5-64p2-3v2j

webpack 5.89.0 CVE-2025-68458, GHSA-8fgc-7cc6-rx7x

micromatch 4.0.5 CVE-2024-4067, GHSA-952p-6rrq-rcjv

@babel/helpers 7.23.7 CVE-2025-27789, GHSA-968p-4wvh-cqc8

@babel/runtime 7.23.7 CVE-2025-27789, GHSA-968p-4wvh-cqc8

http-proxy-middleware 2.0.6 CVE-2025-32997, GHSA-9gqv-wp59-fq42

webpack-dev-server 4.15.1 CVE-2025-30360, GHSA-9jgg-88mc-972h

path-to-regexp 0.1.7 CVE-2024-45296, GHSA-9wv6-86v2-598j

http-proxy-middleware 2.0.6 CVE-2024-21536, GHSA-c7qv-q95q-8v27

serve-static 1.15.0 CVE-2024-43800, GHSA-cm22-4g7w-348p

follow-redirects 1.15.3 CVE-2024-28849, GHSA-cxjh-pqwp-8mfp

form-data 3.0.1 CVE-2025-7783, GHSA-fjxv-7rqg-78g4

rollup 2.79.1 CVE-2024-47068, GHSA-gcx4-mw62-g8wm

ejs 3.1.9 CVE-2024-33883, GHSA-ghr5-ch3p-vcr6

braces 3.0.2 CVE-2024-4068, GHSA-grv7-fg5c-xmjg

follow-redirects 1.15.3 CVE-2023-26159, GHSA-jchw-25xp-jwwc

send 0.18.0 CVE-2024-43799, GHSA-m6fv-jmcg-4jfg

js-yaml 3.14.1 CVE-2025-64718, GHSA-mh29-5h37-fv8m

js-yaml 4.1.0 CVE-2025-64718, GHSA-mh29-5h37-fv8m

nanoid 3.3.7 CVE-2024-55565, GHSA-mwcw-c2x4-8c55

cookie 0.5.0 CVE-2024-47764, GHSA-pxg6-pf52-xh8x

express 4.18.2 CVE-2024-43796, GHSA-qw6h-vgh9-j6wx

body-parser 1.20.1 CVE-2024-45590, GHSA-qwcr-r2fm-qrc7

path-to-regexp 0.1.7 CVE-2024-52798, GHSA-rhx6-c78j-4q9w

nth-check 1.0.2 CVE-2021-3803, GHSA-rp65-9cf3-cjxr

express 4.18.2 CVE-2024-29041, GHSA-rv95-896h-c2vc

brace-expansion 1.1.11 CVE-2025-5889, GHSA-v6h2-p8h4-qcjw

brace-expansion 2.0.1 CVE-2025-5889, GHSA-v6h2-p8h4-qcjw

webpack-dev-middleware 5.3.3 CVE-2024-29180, GHSA-wr3j-pwj9-hqq6

lodash 4.17.21 CVE-2025-13465, GHSA-xxjr-mmjv-4gpg

go-littlelinks-generator

GO LittleLinks Generator

22 vulnerabilities

0 Critical 0 High 0 Moderate 0 Low 22 Info

📦 Impacted Packages:

go.mod

stdlib 1.22.99 CVE-2025-22871, BIT-golang-2025-22871, GO-2025-3563, GHSA-g9pc-8g42-g6vq

stdlib 1.22.99 CVE-2025-0913, BIT-golang-2025-0913, GO-2025-3750

stdlib 1.22.99 CVE-2025-4673, BIT-golang-2025-4673, GO-2025-3751

stdlib 1.22.99 CVE-2025-47907, BIT-golang-2025-47907, GO-2025-3849

stdlib 1.22.99 CVE-2025-47906, BIT-golang-2025-47906, GO-2025-3956

stdlib 1.22.99 CVE-2025-61725, BIT-golang-2025-61725, GO-2025-4006

stdlib 1.22.99 CVE-2025-58187, BIT-golang-2025-58187, GO-2025-4007

stdlib 1.22.99 CVE-2025-58189, BIT-golang-2025-58189, GO-2025-4008

stdlib 1.22.99 CVE-2025-61723, BIT-golang-2025-61723, GO-2025-4009

stdlib 1.22.99 CVE-2025-47912, BIT-golang-2025-47912, GO-2025-4010

stdlib 1.22.99 CVE-2025-58185, BIT-golang-2025-58185, GO-2025-4011

stdlib 1.22.99 CVE-2025-58186, BIT-golang-2025-58186, GO-2025-4012

stdlib 1.22.99 CVE-2025-58188, BIT-golang-2025-58188, GO-2025-4013

stdlib 1.22.99 CVE-2025-58183, BIT-golang-2025-58183, GO-2025-4014

stdlib 1.22.99 CVE-2025-61724, BIT-golang-2025-61724, GO-2025-4015

stdlib 1.22.99 CVE-2025-61729, BIT-golang-2025-61729, GO-2025-4155

stdlib 1.22.99 CVE-2025-61727, BIT-golang-2025-61727, GO-2025-4175

stdlib 1.22.99 CVE-2025-68121, GO-2026-4337

stdlib 1.22.99 CVE-2025-61730, BIT-golang-2025-61730, GO-2026-4340

stdlib 1.22.99 CVE-2025-61726, BIT-golang-2025-61726, GO-2026-4341

stdlib 1.22.99 CVE-2025-61728, BIT-golang-2025-61728, GO-2026-4342

stdlib 1.22.99 CVE-2025-22873, BIT-golang-2025-22873, GO-2026-4403