benjamin-allion / json-node-normalizer

'json-node-normalizer' - NodeJS module that normalizes JSON data types from JSON schema specifications.

chore(package): 'lodash' dependency security vulnerability

benjamin-allion opened this issue

Details

Lodash versions < 4.17.13 are vulnerable to Prototype Pollution.
The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.

Acceptance Criteria

  • Upgrade lodash dependency to patched version 4.17.13
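
An added example, not part of the original issue or the project's code: a Node.js check that walks a parsed package-lock.json and reports every lodash copy, including transitive ones, older than the 4.17.13 release named above. The sample lockfiles and the `some-lib` package name are constructed for illustration.

```javascript
// Added example: flag every lodash copy in a parsed package-lock.json that is
// older than the patched release named in this issue.
const PATCHED = '4.17.13';

// Numeric compare of x.y.z versions; pre-release/build suffixes are ignored.
function compareVersions(a, b) {
  const pa = a.split(/[-+]/)[0].split('.').map(Number);
  const pb = b.split(/[-+]/)[0].split('.').map(Number);
  for (let i = 0; i < 3; i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return d < 0 ? -1 : 1;
  }
  return 0;
}

// Returns [{ path, version }] for each lodash install below `patched`.
// Handles lockfileVersion 2/3 ("packages" map) and 1 (nested "dependencies").
function findVulnerableLodash(lock, patched = PATCHED) {
  const hits = [];
  const record = (path, meta) => {
    if (meta.version && compareVersions(meta.version, patched) < 0) {
      hits.push({ path, version: meta.version });
    }
  };
  if (lock.packages) {
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (path.endsWith('node_modules/lodash')) record(path, meta);
    }
    return hits;
  }
  (function walk(deps, trail) {
    for (const [name, meta] of Object.entries(deps || {})) {
      if (name === 'lodash') record(trail.concat(name).join(' > '), meta);
      walk(meta.dependencies, trail.concat(name));
    }
  })(lock.dependencies, []);
  return hits;
}

// Constructed sample lockfiles (not taken from the project).
const sampleV3 = { lockfileVersion: 3, packages: {
  '': { name: 'demo' },
  'node_modules/lodash': { version: '4.17.13' },
  'node_modules/some-lib/node_modules/lodash': { version: '4.17.11' } } };
const sampleV1 = { lockfileVersion: 1, dependencies: {
  lodash: { version: '4.17.4' },
  'some-lib': { version: '1.0.0', dependencies: { lodash: { version: '4.17.15' } } } } };

console.log(findVulnerableLodash(sampleV3), findVulnerableLodash(sampleV1));
```

In a real project, pass `JSON.parse(fs.readFileSync('package-lock.json', 'utf8'))` to `findVulnerableLodash` and fail the build when the returned array is non-empty.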