hegemonic / catharsis

A JavaScript parser for Google Closure Compiler and JSDoc type expressions.
MIT License

JQuery dependency vulnerability. #51

Closed alasdairhurst closed 7 years ago

alasdairhurst commented 7 years ago

Ran a Retire.JS scan and it picked out a vulnerability with the version of jQuery that you're using in this module. Would be nice to get it upgraded.

catharsis\node_modules\underscore-contrib\test\vendor\jquery.js
  ↳ jquery 1.7.2 has known vulnerabilities:
    severity: medium; bug: 11290, summary: Selector interpreted as HTML; http://bugs.jquery.com/ticket/11290 http://research.insecurelabs.org/jquery/test/
    severity: medium; issue: 2432, summary: 3rd party CORS request may execute; https://github.com/jquery/jquery/issues/2432 http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/
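As an added illustration of the first finding above (jQuery ticket 11290), and not code from catharsis, underscore-contrib or jQuery itself: the script below models how `$(string)` in jQuery 1.7.x decided whether its argument was HTML or a selector, and how the rule introduced in 1.9 (treat the string as HTML only when it begins with `<`) changes the outcome for the same inputs. The `.tab-` + name lookup and the attacker-controlled name are constructed for the example; the "strict" regex is written here to mirror the 1.9 behaviour rather than copied from jQuery.

```javascript
// Added example, not part of the catharsis project or jQuery.
// Models the HTML-vs-selector decision that `$(string)` makes, so the
// Retire.JS finding "Selector interpreted as HTML" (ticket 11290) can be
// reproduced without loading jQuery at all.

// jQuery 1.7.x checked its string argument against this "quick expression".
// The leading [^#<]* lets a <tag> be preceded by arbitrary text, so any
// selector string that merely *contains* markup is handed to the HTML parser.
const LEGACY_QUICK_EXPR = /^(?:[^#<]*(<[\w\W]+>)[^>]*$|#([\w\-]*)$)/;

// Since 1.9 the string is only HTML when it starts with '<' (after optional
// whitespace). This regex is written here to mirror that rule; it is an
// assumption about the shape of the check, not a copy of jQuery's source.
const STRICT_QUICK_EXPR = /^(?:\s*(<[\w\W]+>)[^>]*|#([\w-]*))$/;

// Returns 'html', 'id' or 'selector': what a jQuery of the given vintage
// would do with the string passed to $().
function classify(arg, mode = 'strict') {
  const re = mode === 'legacy' ? LEGACY_QUICK_EXPR : STRICT_QUICK_EXPR;
  const m = re.exec(arg);
  if (!m) return 'selector'; // goes to Sizzle / querySelectorAll
  if (m[1]) return 'html';   // goes to the HTML parser: scripts/handlers run
  return 'id';               // getElementById fast path
}

// Constructed, hypothetical call site: a page activates a tab by class name,
// taking the name from the URL (e.g. ?tab=settings) and building a selector.
function buildTabSelector(tabName) {
  return '.tab-' + tabName;
}

// Constructed sample inputs, including an attacker-supplied tab name.
const SAMPLES = [
  { label: 'normal tab name',   arg: buildTabSelector('settings') },
  { label: 'attacker tab name', arg: buildTabSelector('x<img src=x onerror=alert(1)>') },
  { label: 'bare id',           arg: '#settings' },
  { label: 'explicit markup',   arg: '<p>hi</p>' },
];

// Classifies every sample under both rules so the difference is visible.
function evaluate(samples = SAMPLES) {
  return samples.map((s) => ({
    label: s.label,
    arg: s.arg,
    legacy: classify(s.arg, 'legacy'),
    strict: classify(s.arg, 'strict'),
  }));
}

// Stand-alone run: node this-file.js
for (const row of evaluate()) {
  console.log(`${row.label.padEnd(18)} legacy=${row.legacy.padEnd(8)} strict=${row.strict}  ${row.arg}`);
}
```

Under the 1.7.x rule the attacker's tab name turns a class selector into HTML, and the `onerror` handler would fire as soon as the element is created; under the 1.9 rule the same string is just a (failing) selector. Note that the last sample is HTML under both rules: the upgrade only narrows the window, so untrusted input should never reach `$()` directly; use `.find()` or `querySelector`, which only ever treat a string as a selector, and call `$.parseHTML` explicitly when markup is actually intended.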

hegemonic commented 7 years ago

Switching to Lodash would probably be the easiest way to solve this issue.

hegemonic commented 7 years ago

Fixed on master. The fix will be included in version 0.9.0.