OS-199 removing unused modules #229

An automation triggered a pipeline warning

Found 18 vulnerabilities. An additional 0 vulnerabilities have been marked as unaffected.

Output from Automations

4 rules were checked:

If a dependency contains a vulnerability which has not been marked as unaffected and which has not triggered this rule for this dependency before
then notify all users in the group admins by email

✔️ The rule did not trigger. Manage rule

If a new dependency is added where the license risk is at least medium
then notify all users in the group admins by email

📤 The rule triggered for the following dependencies, causing an email notification. Manage rule

Dependency	Dependency Licenses
os2web/os2web_audit (Composer)	EUPL-1.2
os2web/os2web_datalookup (Composer)	EUPL-1.2
os2web/os2web_key (Composer)	EUPL-1.2
paragonie/halite (Composer)	MPL-2.0
simplesamlphp/saml2 (Composer)	LGPL-2.1-or-later

If there is a dependency where the license risk is at least high
then send a pipeline warning

⚠️ The rule triggered for the following dependencies, causing a pipeline warning. Manage rule

Dependency	Dependency Licenses
caxy/php-htmldiff (Composer)	GPL-2.0-only
chi-teck/drupal-code-generator (Composer)	GPL-2.0-or-later
drupal/coder (Composer)	GPL-2.0-or-later
drupal/core (Composer)	GPL-2.0-or-later
drupal/dynamic_entity_reference (Composer)	GPL-2.0-or-later
drush/drush (Composer)	GPL-2.0-or-later
mglaman/composer-drupal-lenient (Composer)	GPL-2.0-or-later
mkalkbrenner/php-htmldiff-advanced (Composer)	GPL-2.0-only
phenx/php-svg-lib (Composer)	LGPL-3.0-only, LGPL-3.0-or-later
phpoffice/phpword (Composer)	LGPL-3.0-only
simplesamlphp/simplesamlphp-module-authfacebook (Composer)	LGPL-2.1-or-later, LGPL-3.0-or-later
simplesamlphp/simplesamlphp-module-authwindowslive (Composer)	LGPL-3.0-or-later
simplesamlphp/simplesamlphp-module-cas (Composer)	LGPL-2.1-or-later, LGPL-3.0-or-later
simplesamlphp/simplesamlphp-module-exampleattributeserver (Composer)	LGPL-2.1-or-later, LGPL-3.0-or-later
simplesamlphp/simplesamlphp-module-oauth (Composer)	LGPL-2.1-only, LGPL-2.1-or-later, LGPL-3.0-only
simplesamlphp/simplesamlphp-module-riak (Composer)	LGPL-3.0-or-later
webflo/drupal-finder (Composer)	GPL-2.0-or-later
zaporylie/composer-drupal-optimizations (Composer)	GPL-2.0-or-later

If a dependency contains a vulnerability which has not been marked as unaffected
then send a pipeline warning

⚠️ The rule triggered for the following vulnerabilities, causing a pipeline warning. Manage rule

Vulnerability	CVSS2	CVSS3	Dependency	Dependency Licenses
CVE-2024-55636	N/A	9.8	drupal/core (Composer)	GPL-2.0-or-later
CVE-2024-55638	N/A	9.8	drupal/core (Composer)	GPL-2.0-or-later
CVE-2024-55637	N/A	9.8	drupal/core (Composer)	GPL-2.0-or-later
CVE-2024-55634	N/A	8.1	drupal/core (Composer)	GPL-2.0-or-later
CVE-2025-31674	N/A	7.5	drupal/core (Composer)	GPL-2.0-or-later
CVE-2025-3057	N/A	6.1	drupal/core (Composer)	GPL-2.0-or-later
CVE-2023-46734	N/A	6.1	symfony/serializer (Composer)	MIT
CVE-2025-31675	N/A	5.4	drupal/core (Composer)	GPL-2.0-or-later
CVE-2024-12393	N/A	5.4	drupal/core (Composer)	GPL-2.0-or-later
CVE-2024-45440	N/A	5.3	drupal/core (Composer)	GPL-2.0-or-later
CVE-2025-31673	N/A	4.6	drupal/core (Composer)	GPL-2.0-or-later
CVE-2024-50345	N/A	3.1	symfony/http-foundation (Composer)	MIT
CVE-2024-50343	N/A	3.1	symfony/validator (Composer)	MIT
CVE-2024-51755	N/A	2.2	twig/twig (Composer)	BSD-3-Clause
CVE-2024-51754	N/A	2.2	twig/twig (Composer)	BSD-3-Clause
CVE-2024-51736	N/A	0	symfony/process (Composer)	MIT
debricked-290689	N/A	N/A	drupal/core (Composer)	GPL-2.0-or-later
debricked-243556	N/A	N/A	drupal/core (Composer)	GPL-2.0-or-later

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

OS-199 removing unused modules #229

Uh oh!

Uh oh!

OS-199 removing unused modules #229

Uh oh!

An automation triggered a pipeline warning

Output from Automations

4 rules were checked:

Re-running checks...