Skip to content

Lodash.unset CVE #1069

@broksonic21

Description

@broksonic21

Any solution coming or in place for:

lodash.unset  *
Severity: moderate
Lodash has Prototype Pollution Vulnerability in `_.unset` and `_.omit` functions - https://github.com/advisories/GHSA-xxjr-mmjv-4gpg
fix available via `npm audit fix --force`
Will install spectaql@0.15.0, which is a breaking change
node_modules/lodash.unset
  microfiber  *
  Depends on vulnerable versions of lodash.unset
  node_modules/microfiber
    spectaql  >=1.0.0
    Depends on vulnerable versions of microfiber

GHSA-xxjr-mmjv-4gpg

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions