@dlymonkai dlymonkai commented Sep 25, 2025

Overview

Jira Ticket Reference : MN-769

Checklist before requesting a review

  • I have updated the unit tests based on the changes I made
  • I have updated the docs (TSDoc / README / global doc) to reflect my changes
  • I have updated the local app configs if needed
  • I have performed self-QA of my feature by testing the apps and packages and made sure that :
    • No regression or new bug has occurred
    • The acceptance criteria listed in the ticket are met
    • Self-QA was made on both desktop and mobile

@dlymonkai dlymonkai force-pushed the feat/MN-769/upgrade-react-19 branch 4 times, most recently from 263f9dc to 7152114 Compare September 30, 2025 16:22
@dlymonkai dlymonkai self-assigned this Oct 23, 2025
@dlymonkai dlymonkai force-pushed the feat/MN-769/upgrade-react-19 branch 2 times, most recently from 625ddae to 1ff7c53 Compare November 18, 2025 11:29
apiiro bot commented Nov 18, 2025

⚠️ Apiiro found 128 resolved risks - 128 critical ⚠️

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Dev dependency, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.0008, Percentile 24.08% | 7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- jest declared in packages/monitoring/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2025-7783 | form-data uses unsafe random function in form-data for choosing boundary | 0 | No exploit maturity data | Score: 0.00062, Percentile 19.38% | 4.0.4

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in packages/common-ui-web/package.json
- @monkvision/network declared in packages/common-ui-web/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Dev dependency, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.0008, Percentile 24.08% | 7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- jest declared in packages/sights/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2025-7783 | form-data uses unsafe random function in form-data for choosing boundary | 0 | No exploit maturity data | Score: 0.00062, Percentile 19.38% | 4.0.4

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in documentation/package.json
- @monkvision/common-ui-web declared in documentation/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency ejs
  • Dependency: ejs : 3.1.9
  • Type: Sub-dependency
  • Insights: Adequately tested, Popularity, Single maintainer, Has vulnerabilities, High EPSS, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2023-29827 | Server-Side Template Injection in ejs v3.1.9 | 9.8 | No exploit maturity data | Score: 0.74367, Percentile 98.78% | 3.1.10
CVE-2024-33883 | ejs lacks certain pollution protection | 4 | No exploit maturity data | Score: 0.01263, Percentile 78.79% | 3.1.10

Remediation suggestions
ejs is a sub-dependency referenced by the following top-level dependencies:
- source-map-explorer declared in apps/demo-app-video/package.json
- react-scripts declared in apps/demo-app-video/package.json
Upgrade these top-level dependencies to a version that uses ejs with version 3.1.10

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency axios
  • Dependency: axios : 1.5.1
  • Type: Direct
  • Insights: Adequate maintainer count, Adequately tested, Frequent commits, Popularity, Has vulnerabilities, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2024-39338 | Server-Side Request Forgery in axios | 7.5 | No exploit maturity data | Score: 0.01587, Percentile 81.03% | 1.7.4
CVE-2024-57965 | Origin Check Flaw in Axios Prior to 1.7.8 | 9.8 | No exploit maturity data | Score: 0.00106, Percentile 29.35% | 1.7.8
CVE-2023-45857 | Axios Cross-Site Request Forgery Vulnerability | 6.5 | No exploit maturity data | Score: 0.00106, Percentile 29.27% | 1.6.0
CVE-2025-27152 | axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL | 7.5 | No exploit maturity data | Score: 0.0006, Percentile 18.7% | 1.8.2
CVE-2025-58754 | Axios is vulnerable to DoS attack through lack of data size check | 7.5 | No exploit maturity data | Score: 0.00025, Percentile 5.72% | 1.12.0

Remediation suggestions
Upgrade to axios 1.12.0:
1. Go to apps/demo-app/package.json
2. Replace vulnerable version 1.5.1 with fix version 1.12.0

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.0008, Percentile 24.08% | 7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/test-utils declared in packages/common/package.json
- @monkvision/sights declared in packages/common/package.json
- @monkvision/monitoring declared in packages/common/package.json
- @monkvision/analytics declared in packages/common/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency axios
  • Dependency: axios : 1.5.1
  • Type: Direct
  • Insights: Adequate maintainer count, Adequately tested, Frequent commits, Popularity, Has vulnerabilities, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2024-39338 | Server-Side Request Forgery in axios | 7.5 | No exploit maturity data | Score: 0.01587, Percentile 81.03% | 1.7.4
CVE-2024-57965 | Origin Check Flaw in Axios Prior to 1.7.8 | 9.8 | No exploit maturity data | Score: 0.00106, Percentile 29.35% | 1.7.8
CVE-2023-45857 | Axios Cross-Site Request Forgery Vulnerability | 6.5 | No exploit maturity data | Score: 0.00106, Percentile 29.27% | 1.6.0
CVE-2025-27152 | axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL | 7.5 | No exploit maturity data | Score: 0.0006, Percentile 18.7% | 1.8.2
CVE-2025-58754 | Axios is vulnerable to DoS attack through lack of data size check | 7.5 | No exploit maturity data | Score: 0.00025, Percentile 5.72% | 1.12.0

Remediation suggestions
Upgrade to axios 1.12.0:
1. Go to apps/demo-app-video/package.json
2. Replace vulnerable version 1.5.1 with fix version 1.12.0

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.0008, Percentile 24.08% | 7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in packages/inspection-capture-web/package.json
- @monkvision/network declared in packages/inspection-capture-web/package.json
- @monkvision/common-ui-web declared in packages/inspection-capture-web/package.json
- @monkvision/camera-web declared in packages/inspection-capture-web/package.json
- @monkvision/sights declared in packages/inspection-capture-web/package.json
- @monkvision/analytics declared in packages/inspection-capture-web/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency ejs
  • Dependency: ejs : 3.1.9
  • Type: Sub-dependency
  • Insights: Adequately tested, Popularity, Single maintainer, Has vulnerabilities, High EPSS, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2023-29827 | Server-Side Template Injection in ejs v3.1.9 | 9.8 | No exploit maturity data | Score: 0.74367, Percentile 98.78% | 3.1.10
CVE-2024-33883 | ejs lacks certain pollution protection | 4 | No exploit maturity data | Score: 0.01263, Percentile 78.79% | 3.1.10

Remediation suggestions
ejs is a sub-dependency referenced by the following top-level dependencies:
- source-map-explorer declared in apps/demo-app/package.json
- react-scripts declared in apps/demo-app/package.json
Upgrade these top-level dependencies to a version that uses ejs with version 3.1.10

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2025-7783 | form-data uses unsafe random function in form-data for choosing boundary | 0 | No exploit maturity data | Score: 0.00062, Percentile 19.38% | 4.0.4

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in packages/camera-web/package.json
- @monkvision/common-ui-web declared in packages/camera-web/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Dev dependency, Public repository, Test logic
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.0008, Percentile 24.08% | 7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- jest declared in configs/test-utils/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2025-7783 | form-data uses unsafe random function in form-data for choosing boundary | 0 | No exploit maturity data | Score: 0.00062, Percentile 19.38% | 4.0.4

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- axios declared in apps/demo-app/package.json
- @monkvision/inspection-capture-web declared in apps/demo-app/package.json
- @monkvision/common declared in apps/demo-app/package.json
- @monkvision/network declared in apps/demo-app/package.json
- @monkvision/common-ui-web declared in apps/demo-app/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Dev dependency, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.0008, Percentile 24.08% | 7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- jest declared in packages/analytics/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.0008, Percentile 24.08% | 7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/monitoring declared in packages/sentry/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2025-7783 | form-data uses unsafe random function in form-data for choosing boundary | 0 | No exploit maturity data | Score: 0.00062, Percentile 19.38% | 4.0.4

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in packages/network/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Dev dependency, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2025-7783 | form-data uses unsafe random function in form-data for choosing boundary | 0 | No exploit maturity data | Score: 0.00062, Percentile 19.38% | 4.0.4

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- jest-environment-jsdom declared in packages/common/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.0008, Percentile 24.08% | 7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/analytics declared in packages/posthog/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency ejs
  • Dependency: ejs : 3.1.9
  • Type: Sub-dependency
  • Insights: Adequately tested, Popularity, Single maintainer, Has vulnerabilities, Dev dependency, High EPSS, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2023-29827 | Server-Side Template Injection in ejs v3.1.9 | 9.8 | No exploit maturity data | Score: 0.74367, Percentile 98.78% | 3.1.10
CVE-2024-33883 | ejs lacks certain pollution protection | 4 | No exploit maturity data | Score: 0.01263, Percentile 78.79% | 3.1.10

Remediation suggestions
ejs is a sub-dependency referenced by the following top-level dependencies:
- lerna declared in package.json
Upgrade these top-level dependencies to a version that uses ejs with version 3.1.10

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.0008, Percentile 24.08% | 7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- @docusaurus/core declared in documentation/package.json
- @docusaurus/preset-classic declared in documentation/package.json
- @docusaurus/theme-common declared in documentation/package.json
- @docusaurus/plugin-content-pages declared in documentation/package.json
- @monkvision/common declared in documentation/package.json
- @monkvision/common-ui-web declared in documentation/package.json
- @monkvision/sights declared in documentation/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency axios
  • Dependency: axios : 1.5.1
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Frequent commits, Popularity, Has vulnerabilities, Dev dependency, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2024-39338 | Server-Side Request Forgery in axios | 7.5 | No exploit maturity data | Score: 0.01587, Percentile 81.03% | 1.7.4
CVE-2024-57965 | Origin Check Flaw in Axios Prior to 1.7.8 | 9.8 | No exploit maturity data | Score: 0.00106, Percentile 29.35% | 1.7.8
CVE-2023-45857 | Axios Cross-Site Request Forgery Vulnerability | 6.5 | No exploit maturity data | Score: 0.00106, Percentile 29.27% | 1.6.0
CVE-2025-27152 | axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL | 7.5 | No exploit maturity data | Score: 0.0006, Percentile 18.7% | 1.8.2
CVE-2025-58754 | Axios is vulnerable to DoS attack through lack of data size check | 7.5 | No exploit maturity data | Score: 0.00025, Percentile 5.72% | 1.12.0

Remediation suggestions
axios is a sub-dependency referenced by the following top-level dependencies:
- lerna declared in package.json
Upgrade these top-level dependencies to a version that uses axios with version 1.12.0

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 3.0.1
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2025-7783 | form-data uses unsafe random function in form-data for choosing boundary | 0 | No exploit maturity data | Score: 0.00062, Percentile 19.38% | 3.0.4

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- react-scripts declared in apps/demo-app-video/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 3.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2025-7783 | form-data uses unsafe random function in form-data for choosing boundary | 0 | No exploit maturity data | Score: 0.00062, Percentile 19.38% | 4.0.4

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in packages/inspection-capture-web/package.json
- @monkvision/network declared in packages/inspection-capture-web/package.json
- @monkvision/common-ui-web declared in packages/inspection-capture-web/package.json
- @monkvision/camera-web declared in packages/inspection-capture-web/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.0008, Percentile 24.08% | 7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in packages/common-ui-web/package.json
- @monkvision/network declared in packages/common-ui-web/package.json
- @monkvision/sights declared in packages/common-ui-web/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Dev dependency, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2025-7783 | form-data uses unsafe random function in form-data for choosing boundary | 0 | No exploit maturity data | Score: 0.00062, Percentile 19.38% | 4.0.4

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- lerna declared in package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.0008, Percentile 24.08% | 7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in packages/camera-web/package.json
- @monkvision/common-ui-web declared in packages/camera-web/package.json
- @monkvision/monitoring declared in packages/camera-web/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.0008, Percentile 24.08% | 7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- react-scripts declared in apps/demo-app/package.json
- @monkvision/inspection-capture-web declared in apps/demo-app/package.json
- @monkvision/common declared in apps/demo-app/package.json
- @monkvision/network declared in apps/demo-app/package.json
- @monkvision/common-ui-web declared in apps/demo-app/package.json
- @monkvision/sights declared in apps/demo-app/package.json
- @monkvision/sentry declared in apps/demo-app/package.json
- @monkvision/posthog declared in apps/demo-app/package.json
- @monkvision/monitoring declared in apps/demo-app/package.json
- @monkvision/analytics declared in apps/demo-app/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.0008, Percentile 24.08% | 7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- react-scripts declared in apps/demo-app-video/package.json
- @monkvision/inspection-capture-web declared in apps/demo-app-video/package.json
- @monkvision/common declared in apps/demo-app-video/package.json
- @monkvision/network declared in apps/demo-app-video/package.json
- @monkvision/common-ui-web declared in apps/demo-app-video/package.json
- @monkvision/sights declared in apps/demo-app-video/package.json
- @monkvision/sentry declared in apps/demo-app-video/package.json
- @monkvision/posthog declared in apps/demo-app-video/package.json
- @monkvision/monitoring declared in apps/demo-app-video/package.json
- @monkvision/analytics declared in apps/demo-app-video/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2025-7783 | form-data uses unsafe random function in form-data for choosing boundary | 0 | No exploit maturity data | Score: 0.00062, Percentile 19.38% | 4.0.4

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- axios declared in apps/demo-app-video/package.json
- @monkvision/inspection-capture-web declared in apps/demo-app-video/package.json
- @monkvision/common declared in apps/demo-app-video/package.json
- @monkvision/network declared in apps/demo-app-video/package.json
- @monkvision/common-ui-web declared in apps/demo-app-video/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.0008, Percentile 24.08% | 7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in packages/network/package.json
- @monkvision/sights declared in packages/network/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency axios
  • Dependency: axios : 0.25.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Frequent commits, Popularity, Has vulnerabilities, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2023-45857 | Axios Cross-Site Request Forgery Vulnerability | 6.5 | No exploit maturity data | Score: 0.00106, Percentile 29.27% | 0.28.0
CVE-2024-57965 | Origin Check Flaw in Axios Prior to 1.7.8 | 9.8 | No exploit maturity data | Score: 0.00106, Percentile 29.35% | 1.7.8
CVE-2025-27152 | axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL | 7.5 | No exploit maturity data | Score: 0.0006, Percentile 18.7% | 0.30.0
CVE-2025-58754 | Axios is vulnerable to DoS attack through lack of data size check | 7.5 | No exploit maturity data | Score: 0.00025, Percentile 5.72% | 0.30.2

Remediation suggestions
axios is a sub-dependency referenced by the following top-level dependencies:
- @docusaurus/core declared in documentation/package.json
- @docusaurus/preset-classic declared in documentation/package.json
- @docusaurus/theme-common declared in documentation/package.json
- @docusaurus/plugin-content-pages declared in documentation/package.json
Upgrade these top-level dependencies to a version that uses axios with version 1.12.0

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 3.0.1
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2025-7783 | form-data uses unsafe random function in form-data for choosing boundary | 0 | No exploit maturity data | Score: 0.00062, Percentile 19.38% | 3.0.4

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- react-scripts declared in apps/demo-app/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 3.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency axios
  • Dependency: axios : 0.25.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Frequent commits, Popularity, Has vulnerabilities, Public repository
  • Vulnerabilities:
ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version
CVE-2023-45857 | Axios Cross-Site Request Forgery Vulnerability | 6.5 | No exploit maturity data | Score: 0.00106, Percentile 29.27% | 0.28.0
CVE-2024-57965 | Origin Check Flaw in Axios Prior to 1.7.8 | 9.8 | No exploit maturity data | Score: 0.00106, Percentile 29.35% | 1.7.8
CVE-2025-27152 | axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL | 7.5 | No exploit maturity data | Score: 0.0006, Percentile 18.7% | 0.30.0
CVE-2025-58754 | Axios is vulnerable to DoS attack through lack of data size check | 7.5 | No exploit maturity data | Score: 0.00025, Percentile 5.72% | 0.30.2

Remediation suggestions
axios is a sub-dependency referenced by the following top-level dependencies:
- @docusaurus/core declared in documentation/package.json
- @docusaurus/preset-classic declared in documentation/package.json
- @docusaurus/theme-common declared in documentation/package.json
- @docusaurus/plugin-content-pages declared in documentation/package.json
Upgrade these top-level dependencies to a version that uses axios with version 1.12.0

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2025-7783 form-data uses unsafe random function in form-data for choosing boundary 0 No exploit maturity data Score: 0.00062
Percentile 19.38%
4.0.4

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in packages/common-ui-web/package.json
- @monkvision/network declared in packages/common-ui-web/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Dev dependency, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2023-45133 Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code 9.4 No exploit maturity data Score: 0.0008
Percentile 24.08%
7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- jest declared in packages/sights/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2025-7783 form-data uses unsafe random function in form-data for choosing boundary 0 No exploit maturity data Score: 0.00062
Percentile 19.38%
4.0.4

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in documentation/package.json
- @monkvision/common-ui-web declared in documentation/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency ejs
  • Dependency: ejs : 3.1.9
  • Type: Sub-dependency
  • Insights: Adequately tested, Popularity, Single maintainer, Has vulnerabilities, High EPSS, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2023-29827 Server-Side Template Injection in ejs v3.1.9 9.8 No exploit maturity data Score: 0.74367
Percentile 98.78%
3.1.10
CVE-2024-33883 ejs lacks certain pollution protection 4 No exploit maturity data Score: 0.01263
Percentile 78.79%
3.1.10

Remediation suggestions
ejs is a sub-dependency referenced by the following top-level dependencies:
- source-map-explorer declared in apps/demo-app-video/package.json
- react-scripts declared in apps/demo-app-video/package.json
Upgrade these top-level dependencies to a version that uses ejs with version 3.1.10

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency axios
  • Dependency: axios : 1.5.1
  • Type: Direct
  • Insights: Adequate maintainer count, Adequately tested, Frequent commits, Popularity, Has vulnerabilities, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2024-39338 Server-Side Request Forgery in axios 7.5 No exploit maturity data Score: 0.01587
Percentile 81.03%
1.7.4
CVE-2024-57965 Origin Check Flaw in Axios Prior to 1.7.8 9.8 No exploit maturity data Score: 0.00106
Percentile 29.35%
1.7.8
CVE-2023-45857 Axios Cross-Site Request Forgery Vulnerability 6.5 No exploit maturity data Score: 0.00106
Percentile 29.27%
1.6.0
CVE-2025-27152 axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL 7.5 No exploit maturity data Score: 0.0006
Percentile 18.7%
1.8.2
CVE-2025-58754 Axios is vulnerable to DoS attack through lack of data size check 7.5 No exploit maturity data Score: 0.00025
Percentile 5.72%
1.12.0

Remediation suggestions
Upgrade to axios 1.12.0:
1. Go to apps/demo-app/package.json
2. Replace vulnerable version 1.5.1 with fix version 1.12.0

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2023-45133 Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code 9.4 No exploit maturity data Score: 0.0008
Percentile 24.08%
7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/test-utils declared in packages/common/package.json
- @monkvision/sights declared in packages/common/package.json
- @monkvision/monitoring declared in packages/common/package.json
- @monkvision/analytics declared in packages/common/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency axios
  • Dependency: axios : 1.5.1
  • Type: Direct
  • Insights: Adequate maintainer count, Adequately tested, Frequent commits, Popularity, Has vulnerabilities, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2024-39338 Server-Side Request Forgery in axios 7.5 No exploit maturity data Score: 0.01587
Percentile 81.03%
1.7.4
CVE-2024-57965 Origin Check Flaw in Axios Prior to 1.7.8 9.8 No exploit maturity data Score: 0.00106
Percentile 29.35%
1.7.8
CVE-2023-45857 Axios Cross-Site Request Forgery Vulnerability 6.5 No exploit maturity data Score: 0.00106
Percentile 29.27%
1.6.0
CVE-2025-27152 axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL 7.5 No exploit maturity data Score: 0.0006
Percentile 18.7%
1.8.2
CVE-2025-58754 Axios is vulnerable to DoS attack through lack of data size check 7.5 No exploit maturity data Score: 0.00025
Percentile 5.72%
1.12.0

Remediation suggestions
Upgrade to axios 1.12.0:
1. Go to apps/demo-app-video/package.json
2. Replace vulnerable version 1.5.1 with fix version 1.12.0

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2023-45133 Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code 9.4 No exploit maturity data Score: 0.0008
Percentile 24.08%
7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in packages/inspection-capture-web/package.json
- @monkvision/network declared in packages/inspection-capture-web/package.json
- @monkvision/common-ui-web declared in packages/inspection-capture-web/package.json
- @monkvision/camera-web declared in packages/inspection-capture-web/package.json
- @monkvision/sights declared in packages/inspection-capture-web/package.json
- @monkvision/analytics declared in packages/inspection-capture-web/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency ejs
  • Dependency: ejs : 3.1.9
  • Type: Sub-dependency
  • Insights: Adequately tested, Popularity, Single maintainer, Has vulnerabilities, High EPSS, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2023-29827 Server-Side Template Injection in ejs v3.1.9 9.8 No exploit maturity data Score: 0.74367
Percentile 98.78%
3.1.10
CVE-2024-33883 ejs lacks certain pollution protection 4 No exploit maturity data Score: 0.01263
Percentile 78.79%
3.1.10

Remediation suggestions
ejs is a sub-dependency referenced by the following top-level dependencies:
- source-map-explorer declared in apps/demo-app/package.json
- react-scripts declared in apps/demo-app/package.json
Upgrade these top-level dependencies to a version that uses ejs with version 3.1.10

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2025-7783 form-data uses unsafe random function in form-data for choosing boundary 0 No exploit maturity data Score: 0.00062
Percentile 19.38%
4.0.4

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in packages/camera-web/package.json
- @monkvision/common-ui-web declared in packages/camera-web/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Dev dependency, Public repository, Test logic
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2023-45133 Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code 9.4 No exploit maturity data Score: 0.0008
Percentile 24.08%
7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- jest declared in configs/test-utils/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2025-7783 form-data uses unsafe random function in form-data for choosing boundary 0 No exploit maturity data Score: 0.00062
Percentile 19.38%
4.0.4

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- axios declared in apps/demo-app/package.json
- @monkvision/inspection-capture-web declared in apps/demo-app/package.json
- @monkvision/common declared in apps/demo-app/package.json
- @monkvision/network declared in apps/demo-app/package.json
- @monkvision/common-ui-web declared in apps/demo-app/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Dev dependency, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2023-45133 Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code 9.4 No exploit maturity data Score: 0.0008
Percentile 24.08%
7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- jest declared in packages/analytics/package.json
Upgr

Content truncated, for more details click on apiiro link below.

View in Apiiro

@dlymonkai dlymonkai force-pushed the feat/MN-769/upgrade-react-19 branch from 1ff7c53 to deb8dd4 Compare November 21, 2025 09:08

apiiro bot commented Nov 21, 2025

Workflows: "WORKFLOW-20 · Max Digital - Slack Alert and PR Comment - Vulnerable Dependency Found - Critical", "WORKFLOW-22 · Monk - Slack Alert and PR Comment - Vulnerable Dependency Found - Critical", "WORKFLOW-24 · Drive - Slack Alert and PR Comment - Vulnerable Dependency Found - Critical", "WORKFLOW-26 · ACV - Slack Alert and PR Comment - Vulnerable Dependency Found - Critical"
Policies: "SCA OSS Vulnerabilities - Critical Severity"

⚠️ Apiiro found 128 resolved risks - 128 critical ⚠️

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Dev dependency, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2023-45133 Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code 9.4 No exploit maturity data Score: 0.00107
Percentile 24.67%
7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- jest declared in packages/monitoring/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2023-45133 Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code 9.4 No exploit maturity data Score: 0.00107
Percentile 24.67%
7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/monitoring declared in packages/sentry/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2025-7783 form-data uses unsafe random function in form-data for choosing boundary 0 No exploit maturity data Score: 0.00106
Percentile 24.54%
4.0.4

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in packages/common-ui-web/package.json
- @monkvision/network declared in packages/common-ui-web/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Dev dependency, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2023-45133 Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code 9.4 No exploit maturity data Score: 0.00107
Percentile 24.67%
7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- jest declared in packages/sights/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2025-7783 form-data uses unsafe random function in form-data for choosing boundary 0 No exploit maturity data Score: 0.00106
Percentile 24.54%
4.0.4

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in documentation/package.json
- @monkvision/common-ui-web declared in documentation/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency axios
  • Dependency: axios : 1.5.1
  • Type: Direct
  • Insights: Adequate maintainer count, Adequately tested, Frequent commits, Popularity, Has vulnerabilities, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2023-45857 Axios Cross-Site Request Forgery Vulnerability 6.5 No exploit maturity data Score: 0.00236
Percentile 42.83%
1.6.0
CVE-2025-27152 axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL 7.5 No exploit maturity data Score: 0.00186
Percentile 35.69%
1.8.0
CVE-2024-57965 Origin Check Flaw in Axios Prior to 1.7.8 9.8 No exploit maturity data Score: 0.00184
Percentile 35.43%
1.7.8
CVE-2024-39338 Server-Side Request Forgery in axios 7.5 No exploit maturity data Score: 0.00183
Percentile 35.37%
1.7.4
CVE-2025-58754 Axios is vulnerable to DoS attack through lack of data size check 7.5 No exploit maturity data Score: 0.00083
Percentile 20.41%
1.12.0

Remediation suggestions
Upgrade to axios 1.12.0:
1. Go to apps/demo-app/package.json
2. Replace vulnerable version 1.5.1 with fix version 1.12.0

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2023-45133 Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code 9.4 No exploit maturity data Score: 0.00107
Percentile 24.67%
7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/test-utils declared in packages/common/package.json
- @monkvision/sights declared in packages/common/package.json
- @monkvision/monitoring declared in packages/common/package.json
- @monkvision/analytics declared in packages/common/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency axios
  • Dependency: axios : 1.5.1
  • Type: Direct
  • Insights: Adequate maintainer count, Adequately tested, Frequent commits, Popularity, Has vulnerabilities, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2023-45857 Axios Cross-Site Request Forgery Vulnerability 6.5 No exploit maturity data Score: 0.00236
Percentile 42.83%
1.6.0
CVE-2025-27152 axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL 7.5 No exploit maturity data Score: 0.00186
Percentile 35.69%
1.8.0
CVE-2024-57965 Origin Check Flaw in Axios Prior to 1.7.8 9.8 No exploit maturity data Score: 0.00184
Percentile 35.43%
1.7.8
CVE-2024-39338 Server-Side Request Forgery in axios 7.5 No exploit maturity data Score: 0.00183
Percentile 35.37%
1.7.4
CVE-2025-58754 Axios is vulnerable to DoS attack through lack of data size check 7.5 No exploit maturity data Score: 0.00083
Percentile 20.41%
1.12.0

Remediation suggestions
Upgrade to axios 1.12.0:
1. Go to apps/demo-app-video/package.json
2. Replace vulnerable version 1.5.1 with fix version 1.12.0

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2023-45133 Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code 9.4 No exploit maturity data Score: 0.00107
Percentile 24.67%
7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in packages/inspection-capture-web/package.json
- @monkvision/network declared in packages/inspection-capture-web/package.json
- @monkvision/common-ui-web declared in packages/inspection-capture-web/package.json
- @monkvision/camera-web declared in packages/inspection-capture-web/package.json
- @monkvision/sights declared in packages/inspection-capture-web/package.json
- @monkvision/analytics declared in packages/inspection-capture-web/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2025-7783 form-data uses unsafe random function in form-data for choosing boundary 0 No exploit maturity data Score: 0.00106
Percentile 24.54%
4.0.4

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in packages/camera-web/package.json
- @monkvision/common-ui-web declared in packages/camera-web/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Dev dependency, Public repository, Test logic
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2023-45133 Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code 9.4 No exploit maturity data Score: 0.00107
Percentile 24.67%
7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- jest declared in configs/test-utils/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency ejs
  • Dependency: ejs : 3.1.9
  • Type: Sub-dependency
  • Insights: Adequately tested, Popularity, Single maintainer, Has vulnerabilities, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2023-29827 Server-Side Template Injection in ejs v3.1.9 9.8 No exploit maturity data Score: 0.62755
Percentile 98.36%
3.1.10
CVE-2024-33883 ejs lacks certain pollution protection 4 No exploit maturity data Score: 0.01682
Percentile 80.69%
3.1.10

Remediation suggestions
ejs is a sub-dependency referenced by the following top-level dependencies:
- source-map-explorer declared in apps/demo-app/package.json
- react-scripts declared in apps/demo-app/package.json
Upgrade these top-level dependencies to a version that uses ejs with version 3.1.10

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2025-7783 form-data uses unsafe random function in form-data for choosing boundary 0 No exploit maturity data Score: 0.00106
Percentile 24.54%
4.0.4

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- axios declared in apps/demo-app/package.json
- @monkvision/inspection-capture-web declared in apps/demo-app/package.json
- @monkvision/common declared in apps/demo-app/package.json
- @monkvision/network declared in apps/demo-app/package.json
- @monkvision/common-ui-web declared in apps/demo-app/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Dev dependency, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2023-45133 Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code 9.4 No exploit maturity data Score: 0.00107
Percentile 24.67%
7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- jest declared in packages/analytics/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 3.0.1
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2025-7783 form-data uses unsafe random function in form-data for choosing boundary 0 No exploit maturity data Score: 0.00106
Percentile 24.54%
3.0.4

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- react-scripts declared in apps/demo-app/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 3.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2025-7783 form-data uses unsafe random function in form-data for choosing boundary 0 No exploit maturity data Score: 0.00106
Percentile 24.54%
4.0.4

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in packages/network/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Dev dependency, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2025-7783 form-data uses unsafe random function in form-data for choosing boundary 0 No exploit maturity data Score: 0.00106
Percentile 24.54%
4.0.4

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- jest-environment-jsdom declared in packages/common/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2023-45133 Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code 9.4 No exploit maturity data Score: 0.00107
Percentile 24.67%
7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/analytics declared in packages/posthog/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
ID Vulnerability CVSS Exploit maturity EPSS Fix version
CVE-2023-45133 Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code 9.4 No exploit maturity data Score: 0.00107
Percentile 24.67%
7.23.2

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- @docusaurus/core declared in documentation/package.json
- @docusaurus/preset-classic declared in documentation/package.json
- @docusaurus/theme-common declared in documentation/package.json
- @docusaurus/plugin-content-pages declared in documentation/package.json
- @monkvision/common declared in documentation/package.json
- @monkvision/common-ui-web declared in documentation/package.json
- @monkvision/sights declared in documentation/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency axios
  • Dependency: axios : 1.5.1
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Frequent commits, Popularity, Has vulnerabilities, Dev dependency, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2023-45857 | Axios Cross-Site Request Forgery Vulnerability | 6.5 | No exploit maturity data | Score: 0.00236, Percentile 42.83% | 1.6.0 |
| CVE-2025-27152 | axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL | 7.5 | No exploit maturity data | Score: 0.00186, Percentile 35.69% | 1.8.0 |
| CVE-2024-57965 | Origin Check Flaw in Axios Prior to 1.7.8 | 9.8 | No exploit maturity data | Score: 0.00184, Percentile 35.43% | 1.7.8 |
| CVE-2024-39338 | Server-Side Request Forgery in axios | 7.5 | No exploit maturity data | Score: 0.00183, Percentile 35.37% | 1.7.4 |
| CVE-2025-58754 | Axios is vulnerable to DoS attack through lack of data size check | 7.5 | No exploit maturity data | Score: 0.00083, Percentile 20.41% | 1.12.0 |

Remediation suggestions
axios is a sub-dependency referenced by the following top-level dependencies:
- lerna declared in package.json
Upgrade these top-level dependencies to a version that uses axios with version 1.12.0

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 3.0.1
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2025-7783 | form-data uses unsafe random function in form-data for choosing boundary | 0 | No exploit maturity data | Score: 0.00106, Percentile 24.54% | 3.0.4 |

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- react-scripts declared in apps/demo-app-video/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 3.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2025-7783 | form-data uses unsafe random function in form-data for choosing boundary | 0 | No exploit maturity data | Score: 0.00106, Percentile 24.54% | 4.0.4 |

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in packages/inspection-capture-web/package.json
- @monkvision/network declared in packages/inspection-capture-web/package.json
- @monkvision/common-ui-web declared in packages/inspection-capture-web/package.json
- @monkvision/camera-web declared in packages/inspection-capture-web/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.00107, Percentile 24.67% | 7.23.2 |

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in packages/common-ui-web/package.json
- @monkvision/network declared in packages/common-ui-web/package.json
- @monkvision/sights declared in packages/common-ui-web/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency ejs
  • Dependency: ejs : 3.1.9
  • Type: Sub-dependency
  • Insights: Adequately tested, Popularity, Single maintainer, Has vulnerabilities, Dev dependency, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2023-29827 | Server-Side Template Injection in ejs v3.1.9 | 9.8 | No exploit maturity data | Score: 0.62755, Percentile 98.36% | 3.1.10 |
| CVE-2024-33883 | ejs lacks certain pollution protection | 4 | No exploit maturity data | Score: 0.01682, Percentile 80.69% | 3.1.10 |

Remediation suggestions
ejs is a sub-dependency referenced by the following top-level dependencies:
- lerna declared in package.json
Upgrade these top-level dependencies to a version that uses ejs with version 3.1.10

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Dev dependency, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2025-7783 | form-data uses unsafe random function in form-data for choosing boundary | 0 | No exploit maturity data | Score: 0.00106, Percentile 24.54% | 4.0.4 |

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- lerna declared in package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.00107, Percentile 24.67% | 7.23.2 |

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in packages/camera-web/package.json
- @monkvision/common-ui-web declared in packages/camera-web/package.json
- @monkvision/monitoring declared in packages/camera-web/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.00107, Percentile 24.67% | 7.23.2 |

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- react-scripts declared in apps/demo-app/package.json
- @monkvision/inspection-capture-web declared in apps/demo-app/package.json
- @monkvision/common declared in apps/demo-app/package.json
- @monkvision/network declared in apps/demo-app/package.json
- @monkvision/common-ui-web declared in apps/demo-app/package.json
- @monkvision/sights declared in apps/demo-app/package.json
- @monkvision/sentry declared in apps/demo-app/package.json
- @monkvision/posthog declared in apps/demo-app/package.json
- @monkvision/monitoring declared in apps/demo-app/package.json
- @monkvision/analytics declared in apps/demo-app/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.00107, Percentile 24.67% | 7.23.2 |

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- react-scripts declared in apps/demo-app-video/package.json
- @monkvision/inspection-capture-web declared in apps/demo-app-video/package.json
- @monkvision/common declared in apps/demo-app-video/package.json
- @monkvision/network declared in apps/demo-app-video/package.json
- @monkvision/common-ui-web declared in apps/demo-app-video/package.json
- @monkvision/sights declared in apps/demo-app-video/package.json
- @monkvision/sentry declared in apps/demo-app-video/package.json
- @monkvision/posthog declared in apps/demo-app-video/package.json
- @monkvision/monitoring declared in apps/demo-app-video/package.json
- @monkvision/analytics declared in apps/demo-app-video/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2025-7783 | form-data uses unsafe random function in form-data for choosing boundary | 0 | No exploit maturity data | Score: 0.00106, Percentile 24.54% | 4.0.4 |

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- axios declared in apps/demo-app-video/package.json
- @monkvision/inspection-capture-web declared in apps/demo-app-video/package.json
- @monkvision/common declared in apps/demo-app-video/package.json
- @monkvision/network declared in apps/demo-app-video/package.json
- @monkvision/common-ui-web declared in apps/demo-app-video/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.00107, Percentile 24.67% | 7.23.2 |

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in packages/network/package.json
- @monkvision/sights declared in packages/network/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency axios
  • Dependency: axios : 0.25.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Frequent commits, Popularity, Has vulnerabilities, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2023-45857 | Axios Cross-Site Request Forgery Vulnerability | 6.5 | No exploit maturity data | Score: 0.00236, Percentile 42.83% | 0.28.0 |
| CVE-2025-27152 | axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL | 7.5 | No exploit maturity data | Score: 0.00186, Percentile 35.69% | 0.30.0 |
| CVE-2024-57965 | Origin Check Flaw in Axios Prior to 1.7.8 | 9.8 | No exploit maturity data | Score: 0.00184, Percentile 35.43% | 1.7.8 |
| CVE-2025-58754 | Axios is vulnerable to DoS attack through lack of data size check | 7.5 | No exploit maturity data | Score: 0.00083, Percentile 20.41% | 0.30.2 |

Remediation suggestions
axios is a sub-dependency referenced by the following top-level dependencies:
- @docusaurus/core declared in documentation/package.json
- @docusaurus/preset-classic declared in documentation/package.json
- @docusaurus/theme-common declared in documentation/package.json
- @docusaurus/plugin-content-pages declared in documentation/package.json
Upgrade these top-level dependencies to a version that uses axios with version 1.12.0

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency ejs
  • Dependency: ejs : 3.1.9
  • Type: Sub-dependency
  • Insights: Adequately tested, Popularity, Single maintainer, Has vulnerabilities, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2023-29827 | Server-Side Template Injection in ejs v3.1.9 | 9.8 | No exploit maturity data | Score: 0.62755, Percentile 98.36% | 3.1.10 |
| CVE-2024-33883 | ejs lacks certain pollution protection | 4 | No exploit maturity data | Score: 0.01682, Percentile 80.69% | 3.1.10 |

Remediation suggestions
ejs is a sub-dependency referenced by the following top-level dependencies:
- source-map-explorer declared in apps/demo-app-video/package.json
- react-scripts declared in apps/demo-app-video/package.json
Upgrade these top-level dependencies to a version that uses ejs with version 3.1.10

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency axios
  • Dependency: axios : 0.25.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Frequent commits, Popularity, Has vulnerabilities, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2023-45857 | Axios Cross-Site Request Forgery Vulnerability | 6.5 | No exploit maturity data | Score: 0.00236, Percentile 42.83% | 0.28.0 |
| CVE-2025-27152 | axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL | 7.5 | No exploit maturity data | Score: 0.00186, Percentile 35.69% | 0.30.0 |
| CVE-2024-57965 | Origin Check Flaw in Axios Prior to 1.7.8 | 9.8 | No exploit maturity data | Score: 0.00184, Percentile 35.43% | 1.7.8 |
| CVE-2025-58754 | Axios is vulnerable to DoS attack through lack of data size check | 7.5 | No exploit maturity data | Score: 0.00083, Percentile 20.41% | 0.30.2 |

Remediation suggestions
axios is a sub-dependency referenced by the following top-level dependencies:
- @docusaurus/core declared in documentation/package.json
- @docusaurus/preset-classic declared in documentation/package.json
- @docusaurus/theme-common declared in documentation/package.json
- @docusaurus/plugin-content-pages declared in documentation/package.json
Upgrade these top-level dependencies to a version that uses axios with version 1.12.0

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.00107, Percentile 24.67% | 7.23.2 |

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/monitoring declared in packages/sentry/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2025-7783 | form-data uses unsafe random function in form-data for choosing boundary | 0 | No exploit maturity data | Score: 0.00106, Percentile 24.54% | 4.0.4 |

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in packages/common-ui-web/package.json
- @monkvision/network declared in packages/common-ui-web/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Dev dependency, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.00107, Percentile 24.67% | 7.23.2 |

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- jest declared in packages/sights/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2025-7783 | form-data uses unsafe random function in form-data for choosing boundary | 0 | No exploit maturity data | Score: 0.00106, Percentile 24.54% | 4.0.4 |

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in documentation/package.json
- @monkvision/common-ui-web declared in documentation/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency axios
  • Dependency: axios : 1.5.1
  • Type: Direct
  • Insights: Adequate maintainer count, Adequately tested, Frequent commits, Popularity, Has vulnerabilities, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2023-45857 | Axios Cross-Site Request Forgery Vulnerability | 6.5 | No exploit maturity data | Score: 0.00236, Percentile 42.83% | 1.6.0 |
| CVE-2025-27152 | axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL | 7.5 | No exploit maturity data | Score: 0.00186, Percentile 35.69% | 1.8.0 |
| CVE-2024-57965 | Origin Check Flaw in Axios Prior to 1.7.8 | 9.8 | No exploit maturity data | Score: 0.00184, Percentile 35.43% | 1.7.8 |
| CVE-2024-39338 | Server-Side Request Forgery in axios | 7.5 | No exploit maturity data | Score: 0.00183, Percentile 35.37% | 1.7.4 |
| CVE-2025-58754 | Axios is vulnerable to DoS attack through lack of data size check | 7.5 | No exploit maturity data | Score: 0.00083, Percentile 20.41% | 1.12.0 |

Remediation suggestions
Upgrade to axios 1.12.0:
1. Go to apps/demo-app/package.json
2. Replace vulnerable version 1.5.1 with fix version 1.12.0

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.00107, Percentile 24.67% | 7.23.2 |

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/test-utils declared in packages/common/package.json
- @monkvision/sights declared in packages/common/package.json
- @monkvision/monitoring declared in packages/common/package.json
- @monkvision/analytics declared in packages/common/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency axios
  • Dependency: axios : 1.5.1
  • Type: Direct
  • Insights: Adequate maintainer count, Adequately tested, Frequent commits, Popularity, Has vulnerabilities, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2023-45857 | Axios Cross-Site Request Forgery Vulnerability | 6.5 | No exploit maturity data | Score: 0.00236, Percentile 42.83% | 1.6.0 |
| CVE-2025-27152 | axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL | 7.5 | No exploit maturity data | Score: 0.00186, Percentile 35.69% | 1.8.0 |
| CVE-2024-57965 | Origin Check Flaw in Axios Prior to 1.7.8 | 9.8 | No exploit maturity data | Score: 0.00184, Percentile 35.43% | 1.7.8 |
| CVE-2024-39338 | Server-Side Request Forgery in axios | 7.5 | No exploit maturity data | Score: 0.00183, Percentile 35.37% | 1.7.4 |
| CVE-2025-58754 | Axios is vulnerable to DoS attack through lack of data size check | 7.5 | No exploit maturity data | Score: 0.00083, Percentile 20.41% | 1.12.0 |

Remediation suggestions
Upgrade to axios 1.12.0:
1. Go to apps/demo-app-video/package.json
2. Replace vulnerable version 1.5.1 with fix version 1.12.0

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.00107, Percentile 24.67% | 7.23.2 |

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in packages/inspection-capture-web/package.json
- @monkvision/network declared in packages/inspection-capture-web/package.json
- @monkvision/common-ui-web declared in packages/inspection-capture-web/package.json
- @monkvision/camera-web declared in packages/inspection-capture-web/package.json
- @monkvision/sights declared in packages/inspection-capture-web/package.json
- @monkvision/analytics declared in packages/inspection-capture-web/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2025-7783 | form-data uses unsafe random function in form-data for choosing boundary | 0 | No exploit maturity data | Score: 0.00106, Percentile 24.54% | 4.0.4 |

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- @monkvision/common declared in packages/camera-web/package.json
- @monkvision/common-ui-web declared in packages/camera-web/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Dev dependency, Public repository, Test logic
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.00107, Percentile 24.67% | 7.23.2 |

Remediation suggestions
@babel/traverse is a sub-dependency referenced by the following top-level dependencies:
- jest declared in configs/test-utils/package.json
Upgrade these top-level dependencies to a version that uses @babel/traverse with version 7.23.2

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency ejs
  • Dependency: ejs : 3.1.9
  • Type: Sub-dependency
  • Insights: Adequately tested, Popularity, Single maintainer, Has vulnerabilities, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2023-29827 | Server-Side Template Injection in ejs v3.1.9 | 9.8 | No exploit maturity data | Score: 0.62755, Percentile 98.36% | 3.1.10 |
| CVE-2024-33883 | ejs lacks certain pollution protection | 4 | No exploit maturity data | Score: 0.01682, Percentile 80.69% | 3.1.10 |

Remediation suggestions
ejs is a sub-dependency referenced by the following top-level dependencies:
- source-map-explorer declared in apps/demo-app/package.json
- react-scripts declared in apps/demo-app/package.json
Upgrade these top-level dependencies to a version that uses ejs with version 3.1.10

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency form-data
  • Dependency: form-data : 4.0.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Adequately tested, Backed by foundation, Frequent commits, Popularity, Has vulnerabilities, Used in code, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2025-7783 | form-data uses unsafe random function in form-data for choosing boundary | 0 | No exploit maturity data | Score: 0.00106, Percentile 24.54% | 4.0.4 |

Remediation suggestions
form-data is a sub-dependency referenced by the following top-level dependencies:
- axios declared in apps/demo-app/package.json
- @monkvision/inspection-capture-web declared in apps/demo-app/package.json
- @monkvision/common declared in apps/demo-app/package.json
- @monkvision/network declared in apps/demo-app/package.json
- @monkvision/common-ui-web declared in apps/demo-app/package.json
Upgrade these top-level dependencies to a version that uses form-data with version 4.0.4

🟤 Critical: SCA OSS Vulnerabilities - Critical Severity in dependency @babel/traverse
  • Dependency: @babel/traverse : 7.23.0
  • Type: Sub-dependency
  • Insights: Adequate maintainer count, Has vulnerabilities, Dev dependency, Public repository
  • Vulnerabilities:
| ID | Vulnerability | CVSS | Exploit maturity | EPSS | Fix version |
| --- | --- | --- | --- | --- | --- |
| CVE-2023-45133 | Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code | 9.4 | No exploit maturity data | Score: 0.00107, Percentile 24.67% | 7.23.2 |

Remediation suggestions
@b

Content truncated, for more details click on apiiro link below.

View in Apiiro
