Closed bobisme closed 3 years ago
This updates vsce to get an update for lodash.
lodash@4.17.15
≥4.17.19
HIGH
CVE-2020-8203 NSWG-ECO-516
Since this is a local/build tool the impact is probably low. This could result in someone burning resources, maybe on jenkins.
>=4.17.19
Patch
https://www.whitesourcesoftware.com/vulnerability-database/CVE-2020-8203 https://github.com/lodash/lodash/issues/4809
@bobisme
This change is
ops-github-DU4JOAWE
commented
3 years ago 
This updates vsce to get an update for lodash.
Vuln Info
Affected Version(s)
lodash@4.17.15
Patched version(s)
≥4.17.19
Severity
HIGH
CVE identifier
CVE-2020-8203 NSWG-ECO-516
Impact
Since this is a local/build tool the impact is probably low. This could result in someone burning resources, maybe on jenkins.
Patches
>=4.17.19
Workarounds
Patch
References
https://www.whitesourcesoftware.com/vulnerability-database/CVE-2020-8203 https://github.com/lodash/lodash/issues/4809
For more information
@bobisme