1 low severity vulnerability

Question

1 low severity vulnerability

philwareham opened this issue 6 years ago · comments

Phil Wareham commented 6 years ago

Please see outaTiME/applause#14

Ariel Falduto commented 3 years ago

Done 🚀

Stephen Edgar · Answer 1 · Mon Oct 22 2018 13:16:19 GMT+0800 (China Standard Time)

@vladikoff @outaTiME I'm happy to investigate further if you could help to help make a new release please?

│ Some vulnerabilities require your attention to resolve
│ Low │ Prototype Pollution
│ Package │ lodash
│ Patched in │ >=4.17.5
│ Dependency of │ grunt-replace [dev]
│ Path │ grunt-replace > applause > lodash
│ More info │ https://nodesecurity.io/advisories/577

George Bochenek · Answer 2 · Tue Dec 11 2018 00:04:01 GMT+0800 (China Standard Time)

In case anyone is still looking for this, I published a new fork to bump dependencies:

https://github.com/gbochenek/grunt-replace-regex

Noah Cooper · Answer 3 · Tue Feb 23 2021 09:39:04 GMT+0800 (China Standard Time)

@outaTiME now that you've updated applause to fix this vulnerability, any chance you could update this plugin?

Ariel Falduto · Answer 4 · Tue Feb 23 2021 09:44:47 GMT+0800 (China Standard Time)

Sure @noahcooper im working on it 💪