grunt-update-json icon indicating copy to clipboard operation
grunt-update-json copied to clipboard

Published 20 hours ago verified publisher icon AndreasPizsa

Prototype Pollution on lodash

Open CH-Chonsu opened this issue 4 years ago • 0 comments

Hi there

We're gladly using grunt-update-json on many of our products.

You're using lodash version ~2.x. It contains the vulnerability "prototype pollution", which is fixed in lodash version >= 4.17.12.

Therefore we recommend and kindly ask you to update your dependencies!

Thanks a lot in advance and stay healthy!

Greetings Corina

CH-Chonsu avatar May 20 '20 11:05 CH-Chonsu