New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Security leak in _.template, please update #2915
Comments
1 task
@jgonggrijp where is the |
@willdurand I intentionally postponed pushing that in order to give people who want to exploit the leak less to go on. I'll let you know when I push it. |
thanks |
@willdurand The tag is online now. |
This was referenced Apr 23, 2021
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We were notified of a security issue in
_.template
, which appears to have existed since Underscore version 1.3.2. The bug was fixed in version 1.12.1 and 1.13.0-2, which I just published. If using NPM, please upgrade tounderscore@latest
orunderscore@preview
.The text was updated successfully, but these errors were encountered: