Update checkmarx-ast-cli binaries with 2.3.45

[cx-anurag-dalke]

Updates checkmarx-ast-cli to 2.3.45

Auto-generated by [create-pull-request][2]

[cx-ben-alvo]

Checkmarx One – Scan Summary & Details – 921291f8-37de-47b1-82a5-7299fa149447

New Issues (9)

Checkmarx found the following issues in this Pull Request

#	Severity	Issue	Source File / Package	Checkmarx Insight
1		CVE-2026-23950	Npm-tar-7.4.3	details Recommended version: 7.5.7 Description: node-tar,a Tar for Node.js, has a race condition vulnerability in versions through 7.5.3. This is due to an incomplete handling of Unicode path col... Attack Vector: NETWORK Attack Complexity: LOW Vulnerable Package
2		CVE-2026-24842	Npm-tar-7.4.3	details Recommended version: 7.5.7 Description: node-tar, a Tar for Node.js, contains a vulnerability in versions prior to 7.5.7 where the security check for hardlink entries uses different path ... Attack Vector: NETWORK Attack Complexity: LOW Vulnerable Package
3		CVE-2025-13465	Npm-lodash-4.17.21	details Recommended version: 4.17.23 Description: Lodash versions from 4.0.0 through 4.17.22 are vulnerable to Prototype Pollution in the "_.unset" and "_.omit" functions. An attacker can pass craf... Attack Vector: NETWORK Attack Complexity: LOW Vulnerable Package
4		CVE-2025-50537	Npm-eslint-8.1.0	details Recommended version: 9.26.0 Description: Stack Overflow vulnerability in ESLint prior to 9.26.0 when serializing objects with circular references in "eslint/lib/shared/serialization.js". T... Attack Vector: LOCAL Attack Complexity: LOW Vulnerable Package
5		CVE-2025-50537	Npm-eslint-8.57.1	details Recommended version: 9.26.0 Description: Stack Overflow vulnerability in ESLint prior to 9.26.0 when serializing objects with circular references in "eslint/lib/shared/serialization.js". T... Attack Vector: LOCAL Attack Complexity: LOW Vulnerable Package
6		CVE-2026-2391	Npm-qs-6.14.0	details Recommended version: 6.14.2 Description: ### Summary The `arrayLimit` option in qs does not enforce limits for comma-separated values when `comma: true` is enabled, allowing attackers to c... Attack Vector: NETWORK Attack Complexity: LOW Vulnerable Package
7		CVE-2025-68157	Npm-webpack-5.98.0	details Recommended version: 5.104.1 Description: Webpack is a module bundler. From version 5.49.0 to before 5.104.0, when experiments.buildHttp is enabled, webpacks HTTP(S) resolver (HttpUriPlugin... Attack Vector: NETWORK Attack Complexity: HIGH Vulnerable Package
8		CVE-2025-68458	Npm-webpack-5.98.0	details Recommended version: 5.104.1 Description: Webpack is a module bundler. From version 5.49.0 to before 5.104.1, when experiments.buildHttp is enabled, webpacks HTTP(S) resolver (HttpUriPlugin... Attack Vector: NETWORK Attack Complexity: HIGH Vulnerable Package
9		CVE-2026-24001	Npm-diff-5.0.0	details Recommended version: 5.2.1 Description: jsdiff is a JavaScript text differencing implementation. Prior to versions 4.0.3, 5.x prior to 5.2.1 and 6.x through 8.x prior to 8.0.3, attempting... Attack Vector: NETWORK Attack Complexity: LOW Vulnerable Package

---

Use @Checkmarx to interact with Checkmarx PR Assistant.
Examples:
@Checkmarx how are you able to help me?
@Checkmarx rescan this PR