This repository has been archived by the owner on May 27, 2021. It is now read-only.
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
944: Update dependency lodash to v4.17.13 [SECURITY] r=rehandalal a=renovate[bot] This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [lodash](https://lodash.com/) ([source](https://togithub.com/lodash/lodash)) | dependencies | patch | [`4.17.11` -> `4.17.13`](https://renovatebot.com/diffs/npm/lodash/4.17.11/4.17.13) | ### GitHub Vulnerability Alerts #### [CVE-2019-10744](https://togithub.com/lodash/lodash/pull/4336) Affected versions of lodash are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload. Co-authored-by: Renovate Bot <bot@renovateapp.com> Co-authored-by: Rehan Dalal <rehandalal@gmail.com>
- Loading branch information