You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It looks like blue-button is depending on lodash version ^3.10.0. Could the dependency be updated to a more recent version of lodash?
Running "npm audit" report a vulnerability with this version:
=== npm audit security report ===
Manual Review
Some vulnerabilities require your attention to resolve
Visit https://go.npm.me/audit-guide for additional guidance
It looks like blue-button is depending on lodash version ^3.10.0. Could the dependency be updated to a more recent version of lodash?
Running "npm audit" report a vulnerability with this version:
Moderate Prototype Pollution
Package lodash
Patched in >=4.17.11
Dependency of blue-button
Path blue-button > blue-button-model > lodash
More info https://npmjs.com/advisories/782
Moderate Prototype Pollution
Package lodash
Patched in >=4.17.11
Dependency of blue-button
Path blue-button > blue-button-xml > lodash
More info https://npmjs.com/advisories/782
Moderate Prototype Pollution
Package lodash
Patched in >=4.17.11
Dependency of blue-button
Path blue-button > lodash
More info https://npmjs.com/advisories/782
Low Prototype Pollution
Package lodash
Patched in >=4.17.5
Dependency of blue-button
Path blue-button > blue-button-model > lodash
More info https://npmjs.com/advisories/577
Low Prototype Pollution
Package lodash
Patched in >=4.17.5
Dependency of blue-button
Path blue-button > blue-button-xml > lodash
More info https://npmjs.com/advisories/577
Low Prototype Pollution
Package lodash
Patched in >=4.17.5
Dependency of blue-button
Path blue-button > lodash
More info https://npmjs.com/advisories/577
found 6 vulnerabilities (3 low, 3 moderate)
The text was updated successfully, but these errors were encountered: