newman-reporter-html icon indicating copy to clipboard operation
newman-reporter-html copied to clipboard

Published 20 hours ago verified publisher icon postmanlabs

lodash dependencies report vulnerability CVE-2020-8203

Open Nyamiou opened this issue 4 years ago • 4 comments

The lodash dependency need to be updated to at least 4.17.20. See https://nvd.nist.gov/vuln/detail/CVE-2020-8203

Thank you

Nyamiou avatar Aug 21 '20 14:08 Nyamiou

Hey there got the same from Trivy scan. Will this be fixed? Is this project still maintained?

steffakasid avatar Sep 01 '21 08:09 steffakasid

bump, ran into the same thing. newman-reporter-htmlextra has updated the version and it seems fine

suthar26 avatar Nov 09 '23 18:11 suthar26

Hey @DannyDainton both lodash and handlebars version are reporting security issue. Will there be a release with the updated version. New version to use

  "lodash": "4.17.21",
  "handlebars": "4.7.7"

PratikThorve avatar Apr 25 '24 13:04 PratikThorve

This isn't something that I maintain - My htmlextra reporter is here: https://github.com/DannyDainton/newman-reporter-htmlextra

DannyDainton avatar Apr 25 '24 13:04 DannyDainton