Update dependency express to v4.22.0 (main) #23
+743
−294
Mend for GitHub.com / WhiteSource Security Check
failed
May 29, 2026 in 1m 21s
Security Report
❌ New vulnerabilities:
| Vulnerability | Severity |  CVSS Score |
Exploit Maturity | EPSS | Vulnerable Library | Direct Library | Suggested Fix | Issue | Reachability |
|---|---|---|---|---|---|---|---|---|---|
CVE-2026-8723Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> express-4.22.0.tgz (Root Library) -> ❌ qs-6.14.2.tgz (Vulnerable Library) |
 Medium |
5.3 | Not Defined | 0.044% | Transitive qs-6.14.2.tgz |
express-4.22.0.tgz | Transitive 6.15.2 |
None |
|
✔️ Remediated vulnerabilities:
| Vulnerability | Vulnerable Library |
|---|---|
| CVE-2024-47764 | cookie-0.4.0.tgz |
| CVE-2024-45590 | body-parser-1.19.0.tgz |
| CVE-2025-15284 | qs-6.7.0.tgz |
| CVE-2024-43799 | send-0.17.1.tgz |
| CVE-2024-29041 | express-4.17.1.tgz |
| CVE-2024-43800 | serve-static-1.14.1.tgz |
| CVE-2026-2391 | qs-6.7.0.tgz |
| CVE-2024-43796 | express-4.17.1.tgz |
| CVE-2022-24999 | qs-6.7.0.tgz |
| CVE-2024-52798 | path-to-regexp-0.1.7.tgz |
| CVE-2024-45296 | path-to-regexp-0.1.7.tgz |
| CVE-2026-4867 | path-to-regexp-0.1.7.tgz |
Base branch total remaining vulnerabilities: 28
Base branch commit: 8aee888f46a0a5feddff742a5797cab7e896e450
Total libraries scanned: 129
Scan token: f02e4860dcdc439c9619812d5b1c402d
Loading