Closed renovate[bot] closed 4 years ago
This pull request is automatically deployed with Now. To access deployments, click Details below or on the icon next to each push.
Latest deployment for this branch: https://nordnet-ui-kit-git-renovate-npm-lodash-vulnerability.nordnet1.now.sh
This PR contains the following updates:
4.17.11
->4.17.13
GitHub Vulnerability Alerts
CVE-2019-10744
Affected versions of lodash are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.
Release Notes
lodash/lodash
### [`v4.17.13`](https://togithub.com/lodash/lodash/compare/4.17.12...4.17.13) [Compare Source](https://togithub.com/lodash/lodash/compare/4.17.12...4.17.13) ### [`v4.17.12`](https://togithub.com/lodash/lodash/compare/4.17.11...4.17.12) [Compare Source](https://togithub.com/lodash/lodash/compare/4.17.11...4.17.12)Renovate configuration
:date: Schedule: "" (UTC).
:vertical_traffic_light: Automerge: Disabled by config. Please merge this manually once you are satisfied.
:recycle: Rebasing: Whenever PR becomes conflicted, or if you modify the PR title to begin with "
rebase!
".:no_bell: Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot. View repository job log here.