You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cordova.apache.org by "ALEKSANDER KLAJDERIC (JIRA)" <ji...@apache.org> on 2018/05/14 12:28:00 UTC
[jira] [Created] (CB-14088) Node security issue with outdated
dependency: lodash
ALEKSANDER KLAJDERIC created CB-14088:
-----------------------------------------
Summary: Node security issue with outdated dependency: lodash
Key: CB-14088
URL: https://issues.apache.org/jira/browse/CB-14088
Project: Apache Cordova
Issue Type: Bug
Components: cordova-android
Affects Versions: cordova-android-7.0.0
Reporter: ALEKSANDER KLAJDERIC
Assignee: Joe Bowser
=== npm audit security report ===
Manual Review
Some vulnerabilities require your attention to resolve
Visit https://go.npm.me/audit-guide for additional guidance
Low Prototype Pollution
Package lodash
Patched in >=4.17.5
Dependency of cordova-android
Path cordova-android > cordova-common > plist > xmlbuilder >
lodash
More info https://nodesecurity.io/advisories/577
[!] 1 vulnerability found - Packages audited: 2572 (2027 dev, 304 optional)
Severity: 1 Low
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org