Bump @linearb/gitstream-core to 2.1.230
#527
Closed
Orca Security (US) / Orca Security - Vulnerabilities
failed
Apr 20, 2026 in 48s
Orca Security Scan Summary
| Status | Check | Issues by priority | |
|---|---|---|---|
 Failed |
Vulnerabilities |  4  0  0  0 |
View in Orca |
☢️ The following Vulnerabilities (CVEs) have been detected
| PACKAGE | FILE | CVE ID | INSTALLED VERSION | FIXED VERSION | ||
|---|---|---|---|---|---|---|
 |
undici | ./package-lock.json | CVE-2026-1525 | 5.29.0 | 6.24.0, 7.24.0 | View in code |
|
undici | ./package-lock.json | CVE-2026-1526 | 5.29.0 | 6.24.0, 7.24.0 | View in code |
|
undici | ./package-lock.json | CVE-2026-2229 | 5.29.0 | 6.24.0, 7.24.0 | View in code |
|
undici | ./package-lock.json | CVE-2026-22036 | 5.29.0 | 7.18.2, 6.23.0 | View in code |
Annotations
Check failure on line 7833 in package-lock.json
orca-security-us / Orca Security - Vulnerabilities
[CRITICAL] undici (CVE-2026-1525)
undici - Undici - HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers
Severity: CRITICAL
CVSS3 Score: 9.8
Installed version: 5.29.0
Fixed version: 6.24.0, 7.24.0
Check failure on line 7833 in package-lock.json
orca-security-us / Orca Security - Vulnerabilities
[HIGH] undici (CVE-2026-1526)
undici - undici - Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression
Severity: HIGH
CVSS3 Score: 7.5
Installed version: 5.29.0
Fixed version: 6.24.0, 7.24.0
Check failure on line 7833 in package-lock.json
orca-security-us / Orca Security - Vulnerabilities
[HIGH] undici (CVE-2026-2229)
undici - Undici - Denial of Service via invalid WebSocket permessage-deflate extension parameter
Severity: HIGH
CVSS3 Score: 7.5
Installed version: 5.29.0
Fixed version: 6.24.0, 7.24.0
Check failure on line 7833 in package-lock.json
orca-security-us / Orca Security - Vulnerabilities
[HIGH] undici (CVE-2026-22036)
undici - Undici - Denial of Service via excessive decompression steps
Severity: HIGH
CVSS3 Score: 7.5
Installed version: 5.29.0
Fixed version: 7.18.2, 6.23.0
Loading