react-file-viewer icon indicating copy to clipboard operation
react-file-viewer copied to clipboard

Published 20 hours ago verified publisher icon plangrid

[email protected] has security vulnerability, fixed in 4.17.12

Open AussieFlem opened this issue 5 years ago • 1 comments

Snyk is reporting lodash has a prototype pollution vulnerability

Can the dependency be updated to a secure version?

AussieFlem avatar Jan 30 '20 00:01 AussieFlem

The dependency is not direct it seems. but rather: react-file-viewer > mammoth > xmlbuilder > lodash (fun right:))

pschoffer avatar Mar 13 '20 13:03 pschoffer