Closed syed12304 closed 3 years ago
@syed12304 This is a false alarm. We fixed CVE-2021-23358 in version 1.12.1 (see #2917 and the change log). 1.13.0 is the successor of both 1.12.1 and 1.13.0-3. Please contact the maintainers of Black Duck for a solution.
Next time you want to report a security issue, please don't submit an issue ticket but email us. See the security policy. No harm done in this case, though.
Description The package latest underscore version support