amazon-kinesis-client-nodejs
Vulnerable lodash in dependency chain
[email protected] depends on [email protected] which depends on [email protected]
Versions of lodash before 4.17.5 are vulnerable to prototype pollution.
The vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of Object via __proto__ causing the addition or modification of an existing property that will exist on all objects.
https://www.npmjs.com/advisories/577
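To find every path by which a pre-4.17.5 lodash reaches a project, as in the chain reported above, the dependency tree can be walked and each affected copy printed with its full chain. This is an added example, not code from the issue or the project; it assumes a tree shaped like `npm ls --json` output, and the package names and versions in `sampleTree` are constructed.

```javascript
// Added example: list dependency chains that end in a lodash older than 4.17.5.
const FIXED = [4, 17, 5]; // threshold taken from the advisory text quoted in the issue

// Parse "x.y.z" (any prerelease/build suffix is ignored) into three numbers.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(String(v));
  return m ? m.slice(1).map(Number) : null;
}

// True when `version` sorts strictly before `limit`.
function isBefore(version, limit) {
  const parts = parseVersion(version);
  if (!parts) return true; // unparseable version: flag it for manual review
  for (let i = 0; i < 3; i++) {
    if (parts[i] !== limit[i]) return parts[i] < limit[i];
  }
  return false; // equal to the fixed version
}

// Depth-first walk; returns one "a@1 > b@2 > lodash@x" string per affected copy.
function findVulnerableLodash(node, name, trail = []) {
  const here = trail.concat(`${name}@${node.version}`);
  const hits = [];
  if (name === 'lodash' && isBefore(node.version, FIXED)) hits.push(here.join(' > '));
  for (const [childName, child] of Object.entries(node.dependencies || {})) {
    hits.push(...findVulnerableLodash(child, childName, here));
  }
  return hits;
}

// Constructed sample tree (hypothetical packages): one patched direct lodash,
// one old lodash pulled in two levels down.
const sampleTree = {
  version: '1.0.0',
  dependencies: {
    'example-logger': {
      version: '2.0.0',
      dependencies: {
        'example-async': { version: '1.5.0', dependencies: { lodash: { version: '4.17.4' } } },
      },
    },
    lodash: { version: '4.17.21' },
  },
};

console.log(findVulnerableLodash(sampleTree, 'example-app'));
```

A top-level lodash at a fixed version does not help when a transitive dependency still resolves its own older copy, which is why the walk reports chains rather than a single version.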