jsonplus icon indicating copy to clipboard operation
jsonplus copied to clipboard
verified publisher icon serkanyersen

Lodash Vulnerability

Open desandy opened this issue 6 years ago • 0 comments

There are multiple advisories issued for the version of Lodash declared as a dependency here.

https://nvd.nist.gov/vuln/detail/CVE-2019-10744

It is advised to upgrade to Lodash > 4.17.12.

Do you plan on releasing a patch or an upgrade to address this?

desandy avatar Feb 12 '20 18:02 desandy