You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
High Prototype Pollution
Package lodash
Dependency of request-promise
Path request-promise > request-promise-core > lodash
More info https://npmjs.com/advisories/1065
The text was updated successfully, but these errors were encountered:
I'm aware - these are in devDependencies (the library has no direct dependencies), and do not pose any risk for library users. Nonetheless, I'll see if I can bump the dev dependencies to clear the warnings.
Hi,
Just an FYI of vulnerabilities reported by npm. Seems like, as always its
lodash
, andextend
.found 3 vulnerabilities (1 moderate, 2 high) in 2278 scanned packages
Moderate Prototype Pollution
Package extend
Dependency of request
Path request > extend
More info https://npmjs.com/advisories/996
High Prototype Pollution
Package lodash
Dependency of cheerio
Path cheerio > lodash
More info https://npmjs.com/advisories/1065
High Prototype Pollution
Package lodash
Dependency of request-promise
Path request-promise > request-promise-core > lodash
More info https://npmjs.com/advisories/1065
The text was updated successfully, but these errors were encountered: