New Remediation Available

6821

Unique identifier for the workflow execution

10

Unique identifier for the workflow definition

demo

Tenant identifier where the event originated

h4r>>github>>github_repository>>acme-demo>>feature-flags

Heeler resource identifier for the repository

911836241

Repository numeric identifier

https://github.com/acme-demo/feature-flags

Repository URL

3170

Unique identifier for the remediation within Heeler

30055

Identifier of the code root (module/artifact) the remediation applies to

form-data

Primary package targeted by the remediation

1

Total number of findings addressed by this remediation

1

Count of CRITICAL findings addressed

0

Count of HIGH findings addressed

0

Count of MEDIUM findings addressed

0

Count of LOW findings addressed

medium

Estimated remediation complexity

2026-02-08T11:37:11.395397

Timestamp when the remediation was created

2026-02-08T11:37:50.523801

Timestamp when the remediation was last updated

null

Identity ID of the assigned owner (when assigned)

null

Timestamp when the remediation was assigned

null

External ticket identifier linked to this remediation (when present)

null

Connection identifier for the ticketing system integration (when present)

https://demo.heeler.com/.../remediations/3170

Direct link to the remediation in the Heeler UI

Upgrade form-data to 2.5.4

Recommended primary action for remediation

form-data

Package targeted by the primary solution

2.3.3

Current version detected in the code root

2.5.4

Recommended fixed version (when applicable)

specific_version

Solution strategy type (example: pin/upgrade/specific_version)

medium

Estimated complexity of the proposed solution

null

Additional details describing the solution (when available)

["CVE-2025-7783"]

List of vulnerability identifiers addressed by the solution

[...]

List of extra recommended actions required to complete the remediation (if any)

Upgrade request

Recommended follow-on action

request

Package targeted by the additional action

2.88.2

Current version detected for the additional package

null

Recommended fixed version (if known)

parent of form-data

Explanation of why the additional action is needed

unknown

Solution strategy type for the additional action

unknown

Estimated complexity for the additional action

[]

Vulnerabilities addressed by the additional action (if any)

[...]

List of findings impacted by the remediation (when included)

3816910

Finding identifier

CRITICAL

Finding severity

CVE-2025-7783

Vulnerability identifier associated with the finding

form-data

Vulnerable package name

2.3.3

Vulnerable package version

Production

Highest impact environment for this finding

true

Indicates whether the vulnerability is exploitable

true

Indicates whether the affected resource is internet accessible

true

Indicates whether the finding was observed at runtime

2025-08-14T00:41:25.234775

Timestamp when the remediation SLO clock started (when available)

2025-10-13T00:41:25.234775

SLA/SLO due date for remediation

https://demo.heeler.com/.../code_findings/3816910

Direct link to the finding in the Heeler UI

911836241

Internal identifier for the repository

acme-demo

Organization that owns the repository

feature-flags

Repository name

acme-demo/feature-flags

Fully qualified repository name

JavaScript

Primary programming language

main

Default branch of the repository

true

Indicates whether the repository is private

internal

Visibility level of the repository in Heeler

https://github.com/acme-demo/feature-flags

Repository URL

https://github.com/acme-demo/feature-flags.git

Git clone URL

https://demo.heeler.com/.../repositories/...

Direct link to the repository in the Heeler UI

{"BU":"Engineering"}

Custom repository metadata ingested from the SCM (when available)

[email protected]

Assigned technical lead (when available)

[email protected]

Assigned security lead (when available)

30055

Unique identifier for the code root

h4r>>github>>github_repository>>heeler-demo>>feature-flags

Repository identifier associated with the code root

Path within the repository (when applicable)

package-lock.json

File where the dependency was detected

npm

Package manager used

npm

Dependency ecosystem

2026-01-30T01:47:14

Commit timestamp for the code root

feature-flags

Artifact or module name (when available)

https://demo.heeler.com/.../modules/30055

Direct link to the module (code root) in Heeler