You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
CVE-2019-10744 lodash/lodash#4336
high severity
Vulnerable versions: < 4.6.2
Patched version: lodash.merge@^4.6.2
Affected versions of lodash are vulnerable to Prototype Pollution.
The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.
The text was updated successfully, but these errors were encountered:
mileslane
changed the title
CVE-2019-10744 - high severity. Patched version: 4.6.2
Dependency needs updating. CVE-2019-10744 - high severity. Patched version: 4.6.2
Jul 11, 2019
mileslane
changed the title
Dependency needs updating. CVE-2019-10744 - high severity. Patched version: 4.6.2
Dependency needs updating. CVE-2019-10744 - high severity. Patched version: lodash.merge@^4.6.2
Jul 11, 2019
CVE-2019-10744
lodash/lodash#4336
high severity
Vulnerable versions: < 4.6.2
Patched version: lodash.merge@^4.6.2
Affected versions of lodash are vulnerable to Prototype Pollution.
The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.
The text was updated successfully, but these errors were encountered: