You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi, I'm using this package and npm alerts me the lodash package (a dependency of unset) contains vulnerabilities:
Versions of lodash before 4.17.5 are vulnerable to prototype pollution.
The vulnerable functions are defaultsDeep, merge, and mergeWith which allow a malicious user to modify the prototype of Object via __proto__ causing the addition or modification of an existing property that will exist on all objects.
Could you update it?
Thanks!!
The text was updated successfully, but these errors were encountered:
Hi, I'm using this package and
npmalerts me thelodashpackage (a dependency ofunset) contains vulnerabilities:Could you update it?
Thanks!!
The text was updated successfully, but these errors were encountered: