universalviewer icon indicating copy to clipboard operation
universalviewer copied to clipboard
verified publisher icon UniversalViewer

Patch lodash vulnerability

Open darrowcousc opened this issue 5 years ago • 0 comments

UV version:

 [email protected]

I'm submitting a:

  • [x] bug report
  • [ ] feature request => please use the user stories repo
  • [ ] support request => Please do not submit support requests here, use stackoverflow

Current behavior:

Vulnerability description: [High severity vulnerability in 4.17.11 #4348](High severity vulnerability in 4.17.11 #4348) Prototype Pollution

Expected behavior:

Patched vulnerability.

Steps to reproduce:

Related code:

// insert any relevant code here

Available patches: fix: prototype pollution in _.defaultsDeep #4336 fix: prototype pollution in several npm packages #4337

Other information:

darrowcousc avatar May 07 '20 23:05 darrowcousc