[jira] [Created] (CB-14088) Node security issue with outdated dependency: lodash

ALEKSANDER KLAJDERIC (JIRA) Mon, 14 May 2018 05:28:52 -0700

ALEKSANDER KLAJDERIC created CB-14088:
-----------------------------------------


             Summary: Node security issue with outdated dependency: lodash
                 Key: CB-14088
                 URL: https://issues.apache.org/jira/browse/CB-14088
             Project: Apache Cordova
          Issue Type: Bug
          Components: cordova-android
    Affects Versions: cordova-android-7.0.0
            Reporter: ALEKSANDER KLAJDERIC
            Assignee: Joe Bowser


=== npm audit security report ===


 Manual Review
 Some vulnerabilities require your attention to resolve

Visit https://go.npm.me/audit-guide for additional guidance


 Low Prototype Pollution

Package lodash

Patched in >=4.17.5

Dependency of cordova-android

Path cordova-android > cordova-common > plist > xmlbuilder >
 lodash

More info https://nodesecurity.io/advisories/577


[!] 1 vulnerability found - Packages audited: 2572 (2027 dev, 304 optional)
 Severity: 1 Low



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Created] (CB-14088) Node security issue with outdated dependency: lodash

Reply via email to